Welcome to the JFrog Blog

Latest:

Continuous Training and Deployment for Machine Learning (ML) at the Edge

July 13, 2022 Juha Kiili, Technical Writer & Senior Software Developer at Valohai
Michael Vakulenko, Senior Product Manager at JFrog

7 min read

Running machine learning (ML) inference in Edge devices close to where the data is generated offers several important advantages over running inference remotely in the cloud. These include real-time processing, lower cost, the ability to work without connectivity and with increased privacy. However, today, implementing an end-to-end ML system for edge inference and continuous deployment…

Read More

FILTER BY

All
Products
Solutions
Other
Testing resiliency against malicious package attacks: a double-edged sword?

Testing resiliency against malicious package attacks: a double-edged sword?

July 12, 2022 Andrey Polkovnychenko | 13 min read

The JFrog Security research team continuously monitors popular open-source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. At times, we notice trends that are worth analyzing and learning from. Recently, we’ve noticed a…
Read More
Team Up on DevSecOps with JFrog Platform App for Microsoft Teams

Team Up on DevSecOps with JFrog Platform App for Microsoft Teams

July 11, 2022 Deep Datta and Karol Harezlak | 4 min read

The JFrog DevOps Platform is your mission-critical tool for your software development pipelines. The results of key binary management events in Artifactory, Xray, and Distribution can reveal whether or not your software pipelines are on-track to deliver production-quality releases.  The new JFrog Platform app for Microsoft Teams brings real-time visibility and awareness of what’s happening…
Read More
Creating your first Pub project with JFrog Artifactory

Creating your first Pub project with JFrog Artifactory

July 6, 2022 Batel Zohar | 7 min read

Developers today need to build software from many platforms in order to reach their users. All while maintaining quality and achieving the best user experience possible. This can be a challenging task when you need to meet the growing needs of software development. This is where the Dart and Flutter come into the picture. A…
Read More
A Journey of a Thousand Binaries

A Journey of a Thousand Binaries

June 22, 2022 Ixchel Ruiz, Developer Advocate | 5 min read

As software developers, one of the things that we worry a lot about is our software dependencies. To speed up delivery time of new functionality within our code we reuse software - we don’t have time to reinvent the wheel. We stand on the shoulders of giants and leverage all the hard work and lessons…
Read More
CVE-2022-25845 – Analyzing the Fastjson “Auto Type Bypass” RCE vulnerability

CVE-2022-25845 – Analyzing the Fastjson “Auto Type Bypass” RCE vulnerability

June 14, 2022 Uriya Yavnieli | 11 min read

A few weeks ago, a new version for Fastjson was released (1.2.83) which contains a fix for a security vulnerability that allegedly allows an attacker to execute code on a remote machine. According to several publications, this vulnerability allows an attacker to bypass the “AutoTypeCheck” mechanism in Fastjson and achieve remote code execution. This Fastjson…
Read More
5 Takeaways From “Behind the Curtain: The Road to Terraform”

5 Takeaways From “Behind the Curtain: The Road to Terraform”

June 13, 2022 Sean Pratt, JFrog Product Marketing Manager | 4 min read

How much time are you wasting initializing your Terraform environments? If your answer is, “more than we should,” then we have some tips for you.  Terraform is a popular infrastructure-as-code (IaC) tool for anyone who deploys to the cloud. We use it here at JFrog to help manage infrastructure for our SaaS customers, and recently…
Read More
Denial of Service Vulnerability in Envoy Proxy – CVE-2022-29225

Denial of Service Vulnerability in Envoy Proxy – CVE-2022-29225

June 9, 2022 Ori Hollander, JFrog Security Research | 4 min read

The JFrog Security Research team is constantly looking for new and previously unknown software vulnerabilities in popular open-source projects to help improve their security posture. As part of this effort, we recently discovered a denial of service (DoS) vulnerability in Envoy Proxy, a widely used open-source edge and service proxy server, designed for cloud-native applications…
Read More
Artifactory, Your Swift Package Repository

Artifactory, Your Swift Package Repository

June 6, 2022 Sean Pratt, Product Marketing Manager | 5 min read

If you’re looking forward to WWDC 2022 for some exciting Swift news, we have just the thing. JFrog now offers the first and only Swift binary package repository, enabling developers to use JFrog Artifactory for resolving Swift dependencies instead of enterprise source control (Git) systems. Swift developers can benefit from Artifactory’s robust binary management and…
Read More

Popular Tags

Try the JFrog Platform

In the cloud or self-hosted

Start for Free

or Book a Demo