Welcome to the JFrog Blog

DevOps Visionaries to Discuss Software Innovation at swampUP 2021

DevOps Visionaries to Discuss Software Innovation at swampUP 2021

In a unique, must-see joint appearance, five CEOs at the forefront of DevOps innovation will take the virtual stage at JFrog’s swampUP 2021 conference to candidly share their insights about the future of DevOps. JFrog CEO Shlomi Ben Haim will be joined by his counterparts at fellow DevOps industry leaders Datadog, Elastic, HashiCorp, and PagerDuty…
Automatically Assess and Remediate the SolarWinds Hack

Automatically Assess and Remediate the SolarWinds Hack

With software supply chain attacks on the rise, are you wondering how you can recover quickly from the recent SolarWinds breach at your company? Months after its discovery, the devastating SolarWinds hack remains a top concern for business, government and IT leaders. This destructive supply chain attack put the spotlight on software development security --…
3 Ways for Administrators to Scale DevOps Projects | JFrog

3 Ways for Administrators to Scale DevOps Projects | JFrog

With the global pandemic transforming the majority of customer interactions and transactions to operate in a contactless world, software development has accelerated to address the market shift towards digital businesses. For many enterprises managing this increase in volume and velocity of development projects has added stress to their processes and workforce. With this increased workload,…
Scaling Software Supply Chains Securely

Scaling Software Supply Chains Securely

Software supply chains are mission-critical for digital businesses, and as global conditions accelerate the growth in contactless interactions and transactions, many organizations are reviewing how to solve the challenge of scaling the volume and velocity of their software development and release processes to meet the digital demand.  The latest JFrog Platform release delivers a rich…
What’s New with JFrog Artifactory and Xray

What’s New with JFrog Artifactory and Xray

TL;DR Get the latest on self-hosted Docker rate limits, cutting through violation noise and new package type support. Without doubt, 2020 has been one of the most challenging years for everyone in recent history, but especially for those in the world of DevOps. JFrog has strived to continue developing and innovating at the same pace,…
Automate DAST in DevSecOps With JFrog and NeuraLegion

Automate DAST in DevSecOps With JFrog and NeuraLegion

NeuraLegion’s VP Oliver Moradov takes us through how you can use JFrog and NeuraLegion to automate AppSec testing in your pipelines. The days of long release cycles are well and truly behind us -- it is simply not feasible in our agile development world, with developers delivering software and more features at an unprecedented scale…
Yet Another Case for Using Exclude Patterns in Remote Repositories: Namespace Shadowing (a.k.a. “Dependency Confusion”) Attack

Yet Another Case for Using Exclude Patterns in Remote Repositories: Namespace Shadowing (a.k.a. “Dependency Confusion”) Attack

TL;DR The npm Registry is vulnerable to supply chain namespace shadowing, also known as "Dependency Confusion" attacks. Make sure you create npm scoped packages and force exclude patterns. Long-time Obsession with Exclude Patterns I remember the first JFrog customer training I delivered in February 2012. This slide was the one where I explained the importance…
Our Groundbreaking Partnership with Docker Is a Boon for DevOps Teams

Our Groundbreaking Partnership with Docker Is a Boon for DevOps Teams

Today we’re announcing a big move that will yield substantial, concrete benefits for our customers and for the entire DevOps community: A groundbreaking partnership with Docker that exempts Cloud users of the JFrog DevOps Platform from Docker Hub’s image-pull rate limits. This agreement further boosts JFrog’s vibrant ecosystem of integration partners, built on the “too…
A Two-Way Jira Speedway, the JFrog Artifactory App

A Two-Way Jira Speedway, the JFrog Artifactory App

The path between two clouds ought to be a speedy two-way street. That’s the DevOps pipeline principle behind the JFrog Artifactory App for Jira, which forges a traceable link between your issues in Jira Cloud and your builds in Artifactory on the JFrog DevOps Platform for cloud.  Bringing Issue Tracking to your DevOps Pipeline Once…