Welcome to the JFrog Blog

Latest from Artifactory :

Taking a GenAI Project to Production

June 10, 2024 Shaked Zychlinski, JFrog AI Architect

6 min read

Generative AI and Large Language Models (LLMs) are the new revolution of Artificial Intelligence, bringing the world capabilities that we could only dream about less than two years ago. Unlike previous milestones, such as Deep Learning, in the current AI revolution, everything is happening faster than ever before. Many feel that the train is about…

Read More
Your SpringShell (Spring4Shell) Remediation Cookbook Using the JFrog Platform

Your SpringShell (Spring4Shell) Remediation Cookbook Using the JFrog Platform

April 1, 2022 Asaf Cohen and Boaz Blankman, JFrog Security Research Team | 11 min read

A new zero-day exploit in the spring-web package called "SpringShell" (nicknamed “Spring4Shell”) was just leaked and is threatening the internet and the community. The JFrog security research team is investigating the exploit and continuously updating our blog post with technical details on the SpringShell (Spring4Shell) vulnerability.  In this technical blog post, we explain how you…
Read More
How to Use Pub Repositories in Artifactory

How to Use Pub Repositories in Artifactory

March 16, 2022 Ben Ifrach | 9 min read

If you’re one of the growing number of client app developers embracing the Dart programming language and Flutter and AngularDart toolkits, we’ve got some exciting news for you!  JFrog can now welcome Dart developers to the empowerment of Artifactory’s robust binaries management and the ways that it contributes to continuous integration. We’ve added Pub, the…
Read More
Amplify Artifactory and Distribution Changes Through PagerDuty

Amplify Artifactory and Distribution Changes Through PagerDuty

March 2, 2022 Deep Datta | 6 min read

When automated software delivery runs smoothly, it can whisper, and quietly attend to itself. But when your delivery and distribution pipeline runs into a problem, it must shout. Boosting the volume of Artifactory and Distribution change events and issues through PagerDuty can help ensure they’re heard by everyone whose job it is to monitor your…
Read More
How to set up a Private, Remote and Virtual Go Registry

How to set up a Private, Remote and Virtual Go Registry

February 23, 2022 Batel Zohar | 5 min read

The simplest way to manage and organize your Go dependencies is with a Go Repository. You need reliable, secure, consistent and efficient access to your dependencies that are shared across your team, in a central location. Including a place to set up multiple registries, that work transparently with the Go client. With the JFrog free…
Read More
JFrog’s Best DevSecOps Blogs of 2021

JFrog’s Best DevSecOps Blogs of 2021

January 13, 2022 JFrog Team | 7 min read

Always a concern for DevOps teams, security has now become a critical part of developing and releasing software – a reality reflected on the sharp increase in JFrog blogs about DevSecOps. In fact, we generated so many hard-hitting and instructive blogs about security and compliance in 2021 that we decided our DevSecOps coverage deserved its…
Read More
Pulling All Your Kubernetes Cluster Images from a Private Artifactory Registry

Pulling All Your Kubernetes Cluster Images from a Private Artifactory Registry

January 3, 2022 Yaniv Rozenboim - Cloud Security Architect, Uri Peled - Production Engineer, Dana Rozen - IR SecOps Engineer | 6 min read

There are many benefits to working with JFrog Artifactory as your private Docker registry, allowing you to store, share and deploy your binary artifacts in a single source of truth. This blog post will focus on using Artifactory in Kubernetes. Specifically, we’ll walk through the steps for configuring Kubernetes to pull images from Artifactory and…
Read More
Log4j Vulnerability Alert: 100s of Exposed Packages Uncovered in Maven Central

Log4j Vulnerability Alert: 100s of Exposed Packages Uncovered in Maven Central

December 30, 2021 Ilya Khivrich | 5 min read

The high risk associated with newly discovered vulnerabilities in the highly popular Apache Log4j library - CVE-2021-44228 (also known as Log4Shell) and CVE-2021-45046 - has led to a security frenzy of unusual scale and urgency. Developers and security teams are pressed to investigate the impact of  Log4j vulnerabilities on their software, revealing multiple technical challenges…
Read More
Catching Log4j in the Wild: Find, Fix and Fortify

Catching Log4j in the Wild: Find, Fix and Fortify

December 23, 2021 Gianni Truzzi | 10 min read

At many organizations, the surprise discovery that the widely used Log4Shell open source software has harbored a longtime critical vulnerability was as if Scrooge and the Grinch had teamed up for the biggest holiday heist of all. Incident response teams across the globe have scrambled to remediate thousands, if not millions of applications. “For cybercriminals this…
Read More
Your Log4shell Remediation Cookbook Using the JFrog Platform

Your Log4shell Remediation Cookbook Using the JFrog Platform

December 18, 2021 Asaf Cohen | 9 min read

UPDATED 1/14/2022: Added information on JFrog tool to patch Docker images in Artifactory repositories. Last week, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java (specifically, the 2.x branch called Log4j2). The vulnerability was originally discovered and reported to…
Read More
Glide to JFrog DevSecOps with the New Experience

Glide to JFrog DevSecOps with the New Experience

December 13, 2021 Eyal Ben Moshe | 5 min read

We're excited to share with you that we have launched a completely new way to start using the JFrog DevOps Platform that you – as a developer – will love. We’ve provided a super-easy, developer-friendly path to discovering how Artifactory and Xray can help you produce safer apps, faster, getting started through the command line…
Read More

Popular Tags