Welcome to the JFrog Blog

Latest:

Gain Clarity on Cloud Usage with Enhanced Monitoring from MyJFrog

November 20, 2024 The JFrog Team

5 min read

We can all agree that visibility into resource usage is crucial for optimizing performance and managing costs to drive your business — especially in today’s cloud-driven world. MyJFrog is a comprehensive management portal for overseeing JFrog cloud platform instances and subscriptions. It provides a centralized control tower to manage and monitor subscriptions, resources, and usage.…

Read More

All Blogs

JCenter Sunset on August 15th, 2024

JCenter Sunset on August 15th, 2024

July 2, 2024 Melissa McKay, JFrog Developer Advocate | 5 min read

JFrog supported the Java community as the host of the JCenter repository for Java OSS libraries, packages and components as part of JFrog’s Bintray service for several years. When Bintray was deprecated on May 1st, 2021, to make way for the development and further advancement of the JFrog Platform, JFrog decided to continue the support…
Read More
When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI

When Prompts Go Rogue: Analyzing a Prompt Injection Code Execution in Vanna.AI

June 27, 2024 Natan Nehorai, JFrog Application Security Researcher | 12 min read

In the rapidly evolving fields of large language models (LLMs) and machine learning, new frameworks and applications emerge daily, pushing the boundaries of these technologies. While exploring libraries and frameworks that leverage LLMs for user-facing applications, we came across the Vanna.AI library - which offers a text-to-SQL interface for users - where we discovered CVE-2024-5565, a…
Read More
JFrog & Qwak: Accelerating Models Into Production – The DevOps Way

JFrog & Qwak: Accelerating Models Into Production – The DevOps Way

June 25, 2024 Yuval Fernbach, CTO & Co-founder, Qwak | 9 min read

We are collectively thrilled to share some exciting news: Qwak will be joining the JFrog family! Nearly four years ago, Qwak was founded with the vision to empower Machine Learning (ML) engineers to drive real impact with their ML-based products and achieve meaningful business results. Our mission has always been to accelerate, scale, and secure…
Read More
The Agenda is Live for swampUP 2024!

The Agenda is Live for swampUP 2024!

June 19, 2024 The JFrog swampUP Team | 3 min read

The excitement is building. JFrog is pleased to announce the awesome agenda we have assembled for swampUP 2024 at the Omni Barton Creek Resort & Spa in Austin. Join us Sep 9-11 for one of the premier DevOps conferences of the year, focusing on the latest trends in software development platforms, supply chain security, OSS…
Read More
JFrog4JFrog: DevSecOps Made Simple

JFrog4JFrog: DevSecOps Made Simple

June 17, 2024 Batel Zohar, JFrog Developer Advocate Dana Rozen, JFrog Senior IR SecOps Engineer | 6 min read

Developers simply want to write code without interruption, while operations wish to build as fast as possible and deploy without restrictions. On the other hand, security professionals want to protect every step of the software supply chain from any potential security threats and vulnerabilities. In software development, every piece of code can potentially introduce vulnerabilities…
Read More
Taking a GenAI Project to Production

Taking a GenAI Project to Production

June 10, 2024 Shaked Zychlinski, JFrog AI Architect | 6 min read

Generative AI and Large Language Models (LLMs) are the new revolution of Artificial Intelligence, bringing the world capabilities that we could only dream about less than two years ago. Unlike previous milestones, such as Deep Learning, in the current AI revolution, everything is happening faster than ever before. Many feel that the train is about…
Read More
How to Connect the JFrog Platform to Your GitHub Environment to Create a Seamless Integration

How to Connect the JFrog Platform to Your GitHub Environment to Create a Seamless Integration

May 30, 2024 Batel Zohar, JFrog Developer Advocate Carmit Hershman, JFrog Senior Software Architect, CTO Office | 8 min read

The latest JFrog collaboration with GitHub enables you to easily combine your favorite solutions for source code and binaries in a seamless integration. This means you now have a unified comprehensive and secure end-to-end experience that supports your software projects. This integration covers everything from curating open source packages, coding, CI, release management, deployment and…
Read More
GitHub and JFrog Partner To Unify Code and Binaries for DevSecOps

GitHub and JFrog Partner To Unify Code and Binaries for DevSecOps

May 29, 2024 Thomas Dohmke, GitHub CEO Shlomi Ben Haim, JFrog CEO and Co-Founder | 5 min read

Note: This post is co-authored by JFrog and GitHub and has also been published on the GitHub blog As the volume of code continues to grow exponentially, software developers, DevOps engineers, operations teams, security specialists, and everyone else who touches code are increasingly spending their time in the weeds of securing, delivering, and scaling software.…
Read More
The basics of securing GenAI and LLM development

The basics of securing GenAI and LLM development

May 28, 2024 Sean Pratt, JFrog Senior Product Marketing Manager | 4 min read

With the rapid adoption of AI-enabled services into production applications, it’s important that organizations are able to secure the AI/ML components coming into their software supply chain. The good news is that even if you don’t have a tool specifically for scanning models themselves, you can still apply the same DevSecOps best practices to securing…
Read More
3 Key Considerations for Securing Your Software Supply Chain

3 Key Considerations for Securing Your Software Supply Chain

May 16, 2024 Shani Achwal, Senior Product Marketing Manager | 3 min read

An organization's software supply chain includes all the elements involved in developing and distributing software, such as components, tools, processes, and dependencies. Each link in this important chain presents the potential for security threats. Recent research conducted by Gartner shows a major increase in attacks targeting code, tools, open-source components, and development processes, particularly in…
Read More

Popular Tags