Welcome to the JFrog Blog

Latest from Artifactory :

JFrog’s Best DevOps Blogs of 2021

January 13, 2022 JFrog Team

7 min read

In 2021, JFrog provided a steady stream of insightful articles about software release trends, DevOps best practices, JFrog innovations and more. Here we’ve selected what we consider the best posts of last year, in case you missed them or want to re-read them. You’ll find primers on how our customers benefit from our trailblazing partnership…

Read More
JFrog’s Best DevSecOps Blogs of 2021

JFrog’s Best DevSecOps Blogs of 2021

January 13, 2022 JFrog Team | 7 min read

Always a concern for DevOps teams, security has now become a critical part of developing and releasing software – a reality reflected on the sharp increase in JFrog blogs about DevSecOps. In fact, we generated so many hard-hitting and instructive blogs about security and compliance in 2021 that we decided our DevSecOps coverage deserved its…
Read More
Pulling All Your Kubernetes Cluster Images from a Private Artifactory Registry

Pulling All Your Kubernetes Cluster Images from a Private Artifactory Registry

January 3, 2022 Yaniv Rozenboim - Cloud Security Architect, Uri Peled - Production Engineer, Dana Rozen - IR SecOps Engineer | 6 min read

There are many benefits to working with JFrog Artifactory as your private Docker registry, allowing you to store, share and deploy your binary artifacts in a single source of truth. This blog post will focus on using Artifactory in Kubernetes. Specifically, we’ll walk through the steps for configuring Kubernetes to pull images from Artifactory and…
Read More
Log4j Vulnerability Alert: 100s of Exposed Packages Uncovered in Maven Central

Log4j Vulnerability Alert: 100s of Exposed Packages Uncovered in Maven Central

December 30, 2021 Ilya Khivrich | 5 min read

The high risk associated with newly discovered vulnerabilities in the highly popular Apache Log4j library - CVE-2021-44228 (also known as Log4Shell) and CVE-2021-45046 - has led to a security frenzy of unusual scale and urgency. Developers and security teams are pressed to investigate the impact of  Log4j vulnerabilities on their software, revealing multiple technical challenges…
Read More
Catching Log4j in the Wild: Find, Fix and Fortify

Catching Log4j in the Wild: Find, Fix and Fortify

December 23, 2021 Gianni Truzzi | 9 min read

At many organizations, the surprise discovery that the widely used Apache log4j open source software has harbored a longtime critical vulnerability was as if Scrooge and the Grinch had teamed up for the biggest holiday heist of all. Incident response teams across the globe have scrambled to remediate thousands, if not millions of applications. “For…
Read More
Log4j Log4Shell Vulnerability Q&A

Log4j Log4Shell Vulnerability Q&A

December 21, 2021 Asaf Cohen | 5 min read

In our recent webinar, Log4j Log4Shell Vulnerability Explained: All You Need To Know, our  Senior Director Security Research expert Shachar Menashe shared information on the security issue and how to detect and remediate it. We are happy to share additional information in the following Q&A, based on the questions raised during the webinar. The Log4j…
Read More
Your Log4shell Remediation Cookbook Using the JFrog Platform

Your Log4shell Remediation Cookbook Using the JFrog Platform

December 18, 2021 Asaf Cohen | 9 min read

UPDATED 1/14/2022: Added information on JFrog tool to patch Docker images in Artifactory repositories. Last week, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java (specifically, the 2.x branch called Log4j2). The vulnerability was originally discovered and reported to…
Read More
Glide to JFrog DevSecOps with the New Experience

Glide to JFrog DevSecOps with the New Experience

December 13, 2021 Eyal Ben Moshe | 5 min read

We're excited to share with you that we have launched a completely new way to start using the JFrog DevOps Platform that you – as a developer – will love. We’ve provided a super-easy, developer-friendly path to discovering how Artifactory and Xray can help you produce safer apps, faster, getting started through the command line…
Read More
With AWS EKS Anywhere, DevOps with Artifactory Can Be Everywhere

With AWS EKS Anywhere, DevOps with Artifactory Can Be Everywhere

November 30, 2021 Jagdish Mirani | 4 min read

With all the focus on public cloud infrastructures, it’s easy to believe that there is no room for on-premises deployments of infrastructure. However, on-prem deployments are not likely to completely go away because often it’s just the right thing to do. If you operate in highly regulated environments, with a need for heightened security over…
Read More
Announcing the JFrog Slack App for Artifactory and Xray Cloud

Announcing the JFrog Slack App for Artifactory and Xray Cloud

November 16, 2021 Deep Datta | 4 min read

Imagine a world where every team member could directly contribute to software together. We’re living in that world now. With more than 10 million daily active users, Slack is one of the most ‘lived in’ collaboration tools used by software development teams around the world. With this in mind, JFrog is excited to announce that…
Read More

Popular Tags