Welcome to the JFrog Blog

Latest:

The swampUP 2023 Agenda is Live!

May 25, 2023 Stephen Chin, JFrog VP of Developer Relations

3 min read

The wait is finally over and we are pleased to announce that the swampUP agenda is live! Join us September 13 for our one day, three-track, JFrog user conference focused on DevOps, DevSecOps, customer use cases and much more. September 13 | San Jose, CA We start the day with a series of keynotes from…

Read More

FILTER BY

All
Products
Solutions
Other
Got tool sprawl? Let’s consolidate.

Got tool sprawl? Let’s consolidate.

May 25, 2023 Sean Pratt, Senior Product Marketing Manager | 5 min read

If you’re a developer, DevOps engineer, or security technician, you know the feeling of managing multiple tools at once. It’s a phenomenon so prevalent in software development that it has its own name, “tool sprawl,” and it can make it hard for teams to do their jobs efficiently. What causes tool sprawl? Problems caused by…
Read More
The JFrog Platform Delivered 393% ROI

The JFrog Platform Delivered 393% ROI

May 24, 2023 Huz Dalal, Senior Director, Product Marketing | 4 min read

I’m excited to share the findings of a Forrester Consulting Total Economic Impact™ (TEI) study, a recently commissioned study conducted by Forrester Consulting on behalf of JFrog, which examines the potential return on investment (ROI) that organizations may realize by deploying the JFrog Software Supply Chain Platform. Software has become the critical infrastructure of our…
Read More
How a software supply chain platform streamlines DevOps best practices

How a software supply chain platform streamlines DevOps best practices

May 9, 2023 JFrog Team | 5 min read

Today's software developers are tasked with a lot more than just coding. To keep up with the fast-paced software-driven economy, they need to focus on automation, collaboration, security, distribution, data analysis, and agility to ensure quality builds and get releases to customers quickly and securely. DevOps and security professionals need a centralized system of records…
Read More
From zero to breach in seconds: Why you need to focus on software supply chain security now

From zero to breach in seconds: Why you need to focus on software supply chain security now

May 10, 2023 Paul Garden, Security Product Marketing | 5 min read

The RSA Conference 2023 addressed several key issues and trends in the cybersecurity industry. Generative AI was a key topic of discussion, with attendees, executives and policymakers seeing its potential in both offense and defense in the cybersecurity arms race. The White House's National Cybersecurity Strategy was also a topic of conversation across panels and…
Read More
What is Platform Engineering?

What is Platform Engineering?

May 2, 2023 Bill Manning, Solution Engineering Manager, JFrog | 5 min read

If DevOps is an approach to software development that emphasizes collaboration between Development and Operations teams, then Platform Engineering operationalizes that approach by creating a centralized platform that has specific sets of tools and processes. It’s the discipline of designing and building toolchains and workflows that enable self-service capabilities for software engineering organizations in a…
Read More
Software Supply Chain Security at RSA Conference 2023

Software Supply Chain Security at RSA Conference 2023

April 24, 2023 Huz Dalal, Senior Director Product Marketing | 4 min read

The risk of supply chain attacks increases as more companies rely on third-party vendors and suppliers for critical services and products. Supply chain attacks have become increasingly prominent in recent years. In 2022, for instance, supply chain attacks surpassed the number of malware-based attacks by 40%. These types of attacks involve targeting a company's suppliers,…
Read More
New .NET Malware “WhiteSnake” Targets Python Developers, Uses Tor for C&C Communication

New .NET Malware “WhiteSnake” Targets Python Developers, Uses Tor for C&C Communication

April 24, 2023 Andrey Polkovnychenko, Security Researcher Brian Moussalli, Malware Research Team Lead | 17 min read

The JFrog Security Research team recently discovered a new malware payload in the PyPI repository, written in C#. This is uncommon since PyPI is primarily a repository for Python packages, and its codebase consists mostly of Python code, or natively compiled libraries used by Python programs. This finding raised our concerns about the potential for…
Read More
Analyzing Impala Stealer – Payload of the first NuGet attack campaign

Analyzing Impala Stealer – Payload of the first NuGet attack campaign

April 10, 2023 Ori Hollander, JFrog Security Research | 9 min read

Analyzing Impala Stealer - Payload of the first NuGet attack campaign In this blog post, we’ll provide a detailed analysis of a malicious payload we’ve dubbed “Impala Stealer”, a custom crypto stealer which was used as the payload for the NuGet malicious packages campaign we’ve exposed in our previous post. The sophisticated campaign targeted .NET…
Read More
Meet Aran Azarzar, JFrog’s New CIO

Meet Aran Azarzar, JFrog’s New CIO

March 30, 2023 Shlomi Ben Haim, CEO, JFrog | 5 min read

Traditionally, a company’s chief information officer (CIO), is a highly technical person who usually ‘sits in the back office’ and oversees the information technology department's resources and staff. But that basic job description has dramatically evolved over the last decade, and now CIOs are considered one of the most strategic roles in the company, charged…
Read More

Popular Tags

Try the JFrog Platform

In the cloud or self-hosted

Start a Trial

or Book a Demo