Welcome to the JFrog Blog

Latest from Artifactory :

JFrog Security research discovers coordinated attacks on Docker Hub that planted millions of malicious repositories

April 30, 2024 Andrey Polkovnichenko, JFrog Security Researcher Brian Moussalli, JFrog Malware Research Team Leader Shachar Menashe, JFrog Senior Director Security Research

19 min read

As key parts of the software ecosystem, and as partners, JFrog and Docker are working together to strengthen the software ecosystem. Part of this effort by JFrog's security research team involves continuous monitoring of open-source software registries in order to proactively identify and address potential malware and vulnerability threats. In former publications, we have discussed…

Read More
How a software supply chain platform streamlines DevOps best practices

How a software supply chain platform streamlines DevOps best practices

May 9, 2023 lorenk | 5 min read

Today's software developers are tasked with a lot more than just coding. To keep up with the fast-paced software-driven economy, they need to focus on automation, collaboration, security, distribution, data analysis, and agility to ensure quality builds and get releases to customers quickly and securely. DevOps and security professionals need a centralized system of records…
Read More
What is Platform Engineering?

What is Platform Engineering?

May 2, 2023 Bill Manning, Solution Engineering Manager, JFrog | 5 min read

If DevOps is an approach to software development that emphasizes collaboration between Development and Operations teams, then Platform Engineering operationalizes that approach by creating a centralized platform that has specific sets of tools and processes. It’s the discipline of designing and building toolchains and workflows that enable self-service capabilities for software engineering organizations in a…
Read More
Gain real-time observability into your software supply chain with the New Relic Log Analytics Integration

Gain real-time observability into your software supply chain with the New Relic Log Analytics Integration

March 15, 2023 Kristian Taernhed, Sr. Technical Alliance Manager and Mahitha Byreddy, Senior Software Engineer | 4 min read

JFrog’s new log analytics integration with New Relic brings together powerful observability capabilities to monitor, analyze, and visualize logs and metrics from self-hosted JFrog environments. The integration is free for all tiers of self-hosted JFrog customers and utilizes the powerful, open source log management tool, Fluentd, to collect, process, and surface data in New Relic…
Read More
Release Trusted Software Faster – Our New release Lifecycle Management Beta Is Here

Release Trusted Software Faster – Our New release Lifecycle Management Beta Is Here

March 9, 2023 Sean Pratt, Senior Product Marketing Manager | 4 min read

Updated August 10th, 2023: Release Lifecycle Management is now generally available for all customers. Learn more in this blog post or view our technical documentation. Releasing production-ready software is a complicated tangle of tools and processes lacking visibility, traceability, and consistency. This leads to custom integrations and human intervention, which create opportunities for mistakes, impede…
Read More
How to Onboard to a Federated Repository

How to Onboard to a Federated Repository

March 8, 2023 Muhammed Kashif, Enterprise Solution Lead, JFrog | 7 min read

Scaling up your development organization typically involves spreading development across multiple locations around the globe. One of the key challenges with multisite development is ensuring reliable access to required software packages and artifacts for teams collaborating across time zones. The JFrog Software Supply Chain Platform solves this challenge with federated repositories in JFrog Artifactory. What…
Read More
Complete your Software Supply Chain with GitLab CI/CD and JFrog

Complete your Software Supply Chain with GitLab CI/CD and JFrog

February 27, 2023 adia | 4 min read

Software is more than building code. Developing software and ensuring quality builds requires managing a complete software supply chain. With the many security threats across the supply chain, managing each and every aspect of the software you deliver to your customers, including the entire process of how it was made, is critical to your organization.…
Read More
Automate Your Deployments on Kubernetes Using GitHub Workflows and JFrog Artifactory Custom Webhooks

Automate Your Deployments on Kubernetes Using GitHub Workflows and JFrog Artifactory Custom Webhooks

February 21, 2023 adia | 7 min read

Full automation makes your Continuous Deployment (CD) faster, seamless and less error prone. For example, triggering the deployment of your Helm Chart when a Docker image is pushed to production. The latest JFrog Artifactory release makes this easy! With a new Custom Webhook feature that enables a direct integration with a variety of services such…
Read More
Prevent Inadvertent Software Supply Chain Exposures When Allowing Public Access to Private Registries

Prevent Inadvertent Software Supply Chain Exposures When Allowing Public Access to Private Registries

February 9, 2023 Sean Pratt, Senior Product Marketing Manager | 7 min read

At JFrog, we’re serious about software supply chain security. As a CVE Numbering Authority, our JFrog Security Research team regularly discovers and discloses new malicious packages and vulnerabilities posing a threat to development organizations. We know that in order to deliver trusted software on demand, you must have a secure software supply chain — making…
Read More
JFrog’s Software Artifact State of the Union is Here! See What’s Actually Being Used in Software Technology Today

JFrog’s Software Artifact State of the Union is Here! See What’s Actually Being Used in Software Technology Today

February 6, 2023 Sean Pratt, Senior Product Marketing Manager | 3 min read

As software development becomes more complex, it's important for IT and software leaders to stay up-to-date on the latest trends. Tools like Stack Overflow's Developer Survey and the Tiobe Index can be helpful, but they rely on indirect data and don't provide a full picture of what's actually being used in production. JFrog's Software Artifact…
Read More
GitHub Tried to Change the Checksum for Release Archives. You Should Start Hosting Your Own.

GitHub Tried to Change the Checksum for Release Archives. You Should Start Hosting Your Own.

January 31, 2023 Christopher McArthur, Conan Developer Advocate | 3 min read

Yesterday, GitHub changed how the archives they provided are made. The result of this change surprised developers, triggering pipeline failures all over the world in most ecosystems. According to this GitHub post, this is a consequence of recent changes to Git itself, released almost six months ago and just deployed within GitHub now with unforeseen…
Read More

Popular Tags