Welcome to the JFrog Blog

Latest from Artifactory :

JFrog Security research discovers coordinated attacks on Docker Hub that planted millions of malicious repositories

April 30, 2024 Andrey Polkovnichenko, JFrog Security Researcher Brian Moussalli, JFrog Malware Research Team Leader Shachar Menashe, JFrog Senior Director Security Research

19 min read

As key parts of the software ecosystem, and as partners, JFrog and Docker are working together to strengthen the software ecosystem. Part of this effort by JFrog's security research team involves continuous monitoring of open-source software registries in order to proactively identify and address potential malware and vulnerability threats. In former publications, we have discussed…

Read More
Get Ready for Next. <br>Put DevOps, DevSecOps, and AI to Work.

Get Ready for Next.
Put DevOps, DevSecOps, and AI to Work.

September 13, 2023 adia | 5 min read

Our community has always had a “next.” There was the dawn of the computer age, when “next” meant that processing didn’t take up an entire room. There was the “next” of personal computing. Next came laptops, the internet, microservices, cloud-native, cybersecurity, automation and more. The thing that is next is always right around the corner…
Read More
Adopt a “Release-first” Approach with Release Lifecycle Management in JFrog Artifactory

Adopt a “Release-first” Approach with Release Lifecycle Management in JFrog Artifactory

September 13, 2023 zoer | 6 min read

UPDATE: As of swampUP 2023, Release Lifecycle Management includes the ability to create Xray policies to block promotion and/or distribution of Release Bundles that contain malicious packages, CVEs, etc. Read on for more information about Release Lifecycle Management. Every organization has a process for building and releasing software. Smaller organizations may run a few automated…
Read More
swampUP Sneak Peek

swampUP Sneak Peek

August 10, 2023 adia | 3 min read

TL;DR: Register for swampUP today to learn from the best DevOps and DevSecOps leaders. Summer is almost over and you know what that means… swampUP 2023 is right around the corner! If you’re like us your attention span is torn between getting your last bit of fun in the sun while at the same time…
Read More
Combine Copilot and JFrog Artifactory for Maximum Efficiency

Combine Copilot and JFrog Artifactory for Maximum Efficiency

August 7, 2023 adia | 4 min read

Writing clean and efficient code can be time consuming, but with the right tools, it can be much easier. In this blog post, we will explore how to use Copilot for code autocompletion and JFrog Artifactory for your package management. What is Copilot? ​​GitHub Copilot is an AI-powered code auto completion tool developed by OpenAI…
Read More
A Guide to Installing the JFrog Platform on Amazon EKS

A Guide to Installing the JFrog Platform on Amazon EKS

July 26, 2023 zoer | 6 min read

Amazon Elastic Kubernetes Service — or Amazon EKS — is a managed service that enables you to run Kubernetes on AWS without having to manage your own Kubernetes clusters. The JFrog Platform is available on AWS, making it super simple to deploy applications reliably and predictably, scale them quickly, roll out new features easily, and…
Read More
Seamlessly Minimize Unnecessary Data Fetching with GraphQL Queries

Seamlessly Minimize Unnecessary Data Fetching with GraphQL Queries

July 24, 2023 adia | 4 min read

Many processes in our daily software development chain require data analysis in real-time. Ensuring the reliability of the data is vital, since multiple processes may rely on it. While taking into account the performance and fetching only the relevant data that is required for our specific use case. What is GraphQL? GraphQL is a query…
Read More
Addressing the npm Manifest Confusion Vulnerability

Addressing the npm Manifest Confusion Vulnerability

July 20, 2023 adia | 6 min read

A potential security risk in the npm ecosystem known as "manifest confusion" has recently been spotlighted in a blog post by Darcy Clarke, a former Staff Engineering Manager at GitHub. Clarke mentioned that JFrog Artifactory seems to replicate this issue, so of course we investigated it right away. In this post, we will explain what…
Read More
swampUP 2023 – Top 10 Reasons To Attend

swampUP 2023 – Top 10 Reasons To Attend

June 21, 2023 JFrog Team | 3 min read

JFrog’s DevOps and DevSecOps user conference is a unique and inspiring in-person event. Here’s why you don’t want to miss it! Wednesday, September 13 | San Jose, California Get lessons learned on how industry-leading companies are approaching their DevOps and DevSecOps challenges - with fellow practitioners that have implemented large scale solutions. Including companies such…
Read More
Got tool sprawl? Let’s consolidate.

Got tool sprawl? Let’s consolidate.

May 25, 2023 lorenk | 5 min read

If you’re a developer, DevOps engineer, or security technician, you know the feeling of managing multiple tools at once. It’s a phenomenon so prevalent in software development that it has its own name, “tool sprawl,” and it can make it hard for teams to do their jobs efficiently. What causes tool sprawl? Problems caused by…
Read More

Popular Tags