Welcome to the JFrog Blog

Latest:

JFrog’s Best DevOps Blogs of 2021

January 13, 2022 JFrog Team

7 min read

In 2021, JFrog provided a steady stream of insightful articles about software release trends, DevOps best practices, JFrog innovations and more. Here we’ve selected what we consider the best posts of last year, in case you missed them or want to re-read them. You’ll find primers on how our customers benefit from our trailblazing partnership…

Read More
JFrog’s Best DevSecOps Blogs of 2021

JFrog’s Best DevSecOps Blogs of 2021

January 13, 2022 JFrog Team | 7 min read

Always a concern for DevOps teams, security has now become a critical part of developing and releasing software – a reality reflected on the sharp increase in JFrog blogs about DevSecOps. In fact, we generated so many hard-hitting and instructive blogs about security and compliance in 2021 that we decided our DevSecOps coverage deserved its…
Read More
Meet JFrog’s Newest Board Member – Meerah Rajavel, Citrix CIO and Technology Industry Veteran

Meet JFrog’s Newest Board Member – Meerah Rajavel, Citrix CIO and Technology Industry Veteran

January 10, 2022 Micheline Nijmeh | 13 min read

As JFrog continues to grow, having solid guidance and the right mix of talent on our board is important to help us reach our goals. We are honored to have recently welcomed seasoned business technology leader, Meerah Rajavel, to our Board of Directors. Meerah’s extensive experience in revenue growth, go-to-market, and business transformation strategies will…
Read More
Check Out JFrog’s New Community Site for Developers

Check Out JFrog’s New Community Site for Developers

January 7, 2022 Lori Lorusso, Developer Relations Community Manager, JFrog | 3 min read

JFrog has been hard at work behind the scenes restructuring how we share information with the developer community. We wanted to create a one-stop resource for developers who code in a variety of languages, with a focus on DevOps, DevSecOps, and cloud native technologies. So without further ado … let me introduce you to our…
Read More
The JNDI Strikes Back – Unauthenticated RCE in H2 Database Console

The JNDI Strikes Back – Unauthenticated RCE in H2 Database Console

January 6, 2022 Andrey Polkovnychenko and Shachar Menashe | 12 min read

Update 07/01/22 - Added credit to researcher @pyn3rd for similar independent previous findings in Acknowledgements section A short preamble Very recently, the JFrog security research team has disclosed an issue in the H2 database console which was issued a critical CVE - CVE-2021-42392. This issue has the same root cause as the infamous Log4Shell vulnerability…
Read More
DevOps 2022: 5 Big Rocks to Harness the Software Supply Chain

DevOps 2022: 5 Big Rocks to Harness the Software Supply Chain

January 5, 2022 Shlomi Ben Haim, CEO | 10 min read

Together with the community, JFrog pioneered what we now know as DevOps with a focus on binaries (aka software packages, artifacts or images). A decade ago, no one thought binary management would be a thing -- now it’s a standard most companies can’t live without. Back then, we said software universality would be necessary, and…
Read More
Cloud Nimble: The Next Evolution

Cloud Nimble: The Next Evolution

January 4, 2022 Gianni Truzzi | 7 min read

Over the last several years, systems architects have had to make sure their systems are cloud native, with applications that are optimized for scalable cloud technology infrastructure. In today’s environment, you should be asking whether your solutions are cloud nimble as well. For the modern enterprise, cloud computing is now the default model for applications,…
Read More
Pulling All Your Kubernetes Cluster Images from a Private Artifactory Registry

Pulling All Your Kubernetes Cluster Images from a Private Artifactory Registry

January 3, 2022 Yaniv Rozenboim - Cloud Security Architect, Uri Peled - Production Engineer, Dana Rozen - IR SecOps Engineer | 6 min read

There are many benefits to working with JFrog Artifactory as your private Docker registry, allowing you to store, share and deploy your binary artifacts in a single source of truth. This blog post will focus on using Artifactory in Kubernetes. Specifically, we’ll walk through the steps for configuring Kubernetes to pull images from Artifactory and…
Read More
Log4j Vulnerability Alert: 100s of Exposed Packages Uncovered in Maven Central

Log4j Vulnerability Alert: 100s of Exposed Packages Uncovered in Maven Central

December 30, 2021 Ilya Khivrich | 5 min read

The high risk associated with newly discovered vulnerabilities in the highly popular Apache Log4j library - CVE-2021-44228 (also known as Log4Shell) and CVE-2021-45046 - has led to a security frenzy of unusual scale and urgency. Developers and security teams are pressed to investigate the impact of  Log4j vulnerabilities on their software, revealing multiple technical challenges…
Read More

Popular Tags

Try the JFrog Platform

In the cloud or self-hosted

Start for Free

or Book a Demo