Welcome to the JFrog Blog

Latest:

Beyond Mirroring: 5 Reasons Your DevOps Strategy Depends on Repository Federation

March 10, 2026 Achinoam Katsoff-Sitton, JFrog Product Marketing Manager, DevOps

5 min read

For today’s leading enterprise computing environments, the concept of  "centralized headquarters" is a relic. Today, R&D happens on different continents, spanning cloud, on-prem and hybrid environments, while stretching across multiple regulatory jurisdictions. But here is the hard truth: Most global organizations are still managing their binaries using legacy mirroring or "blind" infrastructure-level syncing. They treat…

Read More

All Blogs

How JFrog’s AI-Research Bot Found OSS CI/CD Vulnerabilities to Prevent Shai Hulud 3.0

How JFrog’s AI-Research Bot Found OSS CI/CD Vulnerabilities to Prevent Shai Hulud 3.0

March 5, 2026 Barak Haryati, JFrog Senior Director of Product Security | 18 min read

Recent incidents have proven that Continuous Integration (CI) workflows are the new battleground for software supply chain attacks. Security Pitfalls in GitHub Actions workflows, such as the unsanitized use of pull request (PR) data, can allow attackers to execute malicious code during CI runs with devastating consequences. For example, the high-profile "S1ngularity" attack on the…
Read More
NIS2 Compliance in 2026: Compliance Doesn’t Have to Mean Complexity

NIS2 Compliance in 2026: Compliance Doesn’t Have to Mean Complexity

March 2, 2026 Danny Parizada, JFrog Senior Solution Engineer | 7 min read

Originally published February 2025 and updated March 2026. The Network and Information Systems Directive 2 (NIS2) is the European Union’s effort to fortify cybersecurity across critical industries and services. Building on the original NIS Directive, NIS2 has broadened its scope, introduced stricter requirements, and placed greater emphasis on supply chain security. As we move further…
Read More
JFrog Earns Microsoft Solutions Partner with Certified Software Designation for Azure

JFrog Earns Microsoft Solutions Partner with Certified Software Designation for Azure

March 5, 2026 Dante Zannoni, JFrog Director, Cloud Alliances - Azure Eyal Zafrani, JFrog DevOps Team Leader - Cloud Engineering Eran Nissan, JFrog Senior DevOps Architect - DevX Shiran Melamed, DevOps Group Leader | 6 min read

We’re excited to announce that JFrog has officially earned the Microsoft Solutions Partner with certified software designation for Azure. This status is granted to partners who complete a technical review audit for interoperability with Microsoft products and demonstrate a consistent track record of customer success. For our customers, this means the JFrog Software Supply Chain…
Read More
Native Nix Support in Artifactory: The Binary Cache for the Enterprise

Native Nix Support in Artifactory: The Binary Cache for the Enterprise

February 25, 2026 Tom Arie, JFrog Product Manager | 6 min read

The "works on my machine" era is officially over. Nix is changing the way we think about software by treating packages as functional, immutable values, ensuring that a build works exactly the same way every time, on every machine. But while Nix excels on a local laptop, scaling that level of reproducibility across a global…
Read More
JFrog Takes Software Resilience to the Next Level with 99.99% Uptime SLA

JFrog Takes Software Resilience to the Next Level with 99.99% Uptime SLA

February 24, 2026 Sean Pratt, Senior Manager, JFrog | 5 min read

Software delivery is no longer a back-office function; it’s the heartbeat of the modern enterprise. While a 99.9% uptime SLA for essential software delivery services works for many, the acceleration of software velocity has made the "three-nines" benchmark a possible liability. For high performing software organizations, and those delivering critical services, nine hours of annual…
Read More
From Prompt to Production: The New AI Software Supply Chain Security

From Prompt to Production: The New AI Software Supply Chain Security

February 23, 2026 Yoav Landman, CTO & Co-founder, JFrog | 7 min read

Listen to a NotebookLM podcast version of the blog:   When Anthropic announced Claude Code’s new security scanning capabilities, following the announcement of OpenAI's Aardvark, it marked an important moment for the industry. For the first time, expert-level security review is becoming embedded directly into the act of writing code. Subtle, context-dependent vulnerabilities can now…
Read More
The Need for Clean in the AI Era

The Need for Clean in the AI Era

February 19, 2026 Sean Pratt, Senior Manager, JFrog | 4 min read

In the AI era, software and new models are being born at a breakneck pace—but they’re also bringing a lot of "baggage" into the world. While AI coding agents are busy accelerating innovation, they’re also excellent at generating a massive byproduct: “digital dust.” Between obsolete releases, orphaned dependencies, and massive model versions, your repository may…
Read More

Popular Tags