2023 was a big year. There were many interesting challenges and exciting developments within our industry, like the continued evolution of AI/ML, the discovery and remediation of widespread CVEs, and major leaps forward in the realm of end-to-end software supply chain security.
In that spirit, we want to recap the news and articles that you were most interested in last year. If you missed out on these, don’t fret! Get caught up with the recaps below so you can be prepared for what’s to come in 2024. Without further ado, here are the top 10 software supply chain blogs of 2023:
- JFrog’s Software Artifact State of the Union is Here! See What’s Actually Being Used in Software Technology Today
- The JFrog Platform Delivered 393% ROI
- Making the Move to Consolidation: Reducing Sprawl in 2023
- Unveiling Secrets Detection with JFrog Frogbot
- Collect and Manage Your Binary Metadata Using Build-Info
- Release with Trust or Die – Key swampUP 2023 Announcements
- Top Four JFrog Artifactory Enterprise Use Cases
- JFrog’s Cloud Migration Story
- Announcing the New JFrog Partner Program! The Evolving Tech Landscape Requires Agile Partnership Strategies
- International Cyber Security Month Tips
1. JFrog’s Software Artifact State of the Union is Here! See What’s Actually Being Used in Software Technology Today
As software development becomes more complex, it’s important for IT and software leaders to stay up-to-date on the latest trends. JFrog’s Software Artifact State of the Union provides a unique perspective on what technologies are being used to create software today. It’s based on data from JFrog Artifactory, which is used by over 7,000 customers worldwide, including the majority of the Fortune 100. So what did the report find? Read it to find out!
2. The JFrog Platform Delivered 393% ROI
Using the JFrog Software Supply Chain Platform, teams have shrunk time to market, reduced wait times, and improved software supply chain security, enabling their organizations to deliver greater business value. How much value? This commissioned study, conducted by Forrester Consulting on behalf of JFrog, examines the potential return on investment (ROI) that organizations may realize by deploying the JFrog Software Supply Chain Platform.
3. Making the Move to Consolidation: Reducing Sprawl in 2023
Sprawl is often seen as a natural result of the flexibility and empowerment of dev teams to choose their own tools, but organizations now understand the need for a single, streamlined system. While flexibility to choose the right tool for the job has enabled teams to move quickly, the result is a complex web of systems and processes to deliver software. If you’re considering a tool consolidation journey, here are three areas ripe for consolidation.
4. Unveiling Secrets Detection with JFrog Frogbot
Secrets are the keys to unlocking sensitive data and systems and are like hidden gems for attackers. As organizations adopt DevOps practices, artifacts containing secrets are often stored and shared across various stages of the software supply chain, amplifying the risk of exposure. Secrets Detection with JFrog Frogbot delivers the proactive and holistic DevOps security today’s organizations require.
5. Collect and Manage Your Binary Metadata Using Build-Info
There is a considerable amount of information about binaries that can be collected during the build phase when they are being created. That’s why we developed an entity in JFrog Artifactory called build-info, JFrog’s own SBOM format, available as an open source tool. Build-info is essentially a recording of the build. So, what can we do with the information stored in the build-info? What value can it bring to us?
6. Release with Trust or Die – Key swampUP 2023 Announcements
Every year, JFrog brings the DevOps community and some of the world’s leading corporations together for the annual swampUP conference, aimed at providing real solutions to developers and development teams in practical ways to prepare us all for what’s coming next. 2023 may have seen the most consequential announcements in recent memory, including those around Release Lifecycle Management, MLOps/AI, JFrog Curation and Catalog, and JFrog SAST.
7. Top Four JFrog Artifactory Enterprise Use Cases
As the integrated hub of the development ecosystem, enterprise organizations leverage JFrog Artifactory as the definitive single source of truth and system of record for software packages, continuously controlling how they flow from development to consumption at maximum speed and scale. These Artifactory use cases represent some of the challenges that many enterprise DevOps teams face every day.
8. JFrog’s Cloud Migration Story
Since its inception in 2008, JFrog has hosted its own development environments on-prem. While this approach worked well for a time, the increasing need to deploy faster while sustaining high quality and reducing hosting costs made us realize that we needed to leverage the JFrog SaaS Production environment. So in 2022, we started an effort to migrate our R&D environments from an on-prem solution to JFrog SaaS Production. This is the story.
9. Announcing the New JFrog Partner Program! The Evolving Tech Landscape Requires Agile Partnership Strategies
Doing the same thing over and over and expecting different results is the definition of insanity, as the saying goes. So why do we, in the tech industry, continue to look at our partnerships, incentives and processes the same way we have for 20 years? JFrog’s new channel partner program is different, designed specifically to make technology accessible for your customers and to simplify the way you think about go-to-market motions.
10. International Cyber Security Month Tips
Securing your software supply chain is an imperative, not an option. The heart of security lies in your CI/CD pipelines, fortified by code review and analysis. But it doesn’t stop at prevention; an incident response plan and access control are crucial. This holistic approach equips organizations to build a resilient and trusted software development process. Embrace these best practices as a culture of security, ensuring reliability and user trust in the ever-evolving digital landscape.