Welcome to the JFrog Blog

Latest from JFrog Platform :

JFrog & Industry Leaders Join White House Summit on Open Source Software Security

May 18, 2022 Stephen Chin, VP of Developer Relations, JFrog

6 min read

There’s no question the volume, sophistication and severity of software supply chain attacks has increased in the last year. In recent months the JFrog Security Research team tracked nearly 20 different open source software supply chain attacks – two of which were zero day threats. This steady barrage of vulnerabilities and malicious packages is driving…

Read More
npm supply chain attack targets Germany-based companies with dangerous backdoor malware

npm supply chain attack targets Germany-based companies with dangerous backdoor malware

May 10, 2022 Andrey Polkovnychenko and Shachar Menashe | 9 min read

Update May 11th: Following the publication of this blog post, a penetration testing company called "Code White" took responsibility for this dependency confusion attack The JFrog Security research team constantly monitors the npm and PyPI ecosystems for malicious packages that may lead to widespread software supply chain attacks. Last month, we shared a widespread npm…
Read More
Getting Real About Multi-Cloud DevOps

Getting Real About Multi-Cloud DevOps

April 14, 2022 Sean Pratt, JFrog Product Marketing Manger | 4 min read

By now you’ve probably gotten the message - multi-cloud DevOps (or a hybrid on-prem/cloud approach) is the future of development and deployment architectures. The benefits of this approach are pretty clear: future proofing your business, optimizing for performance and availability, avoiding vendor lock-in, leveraging the best tools/elements of each cloud provider, and more.  If you’re…
Read More
Welcome to the “New Normal” for Your Software Supply Chain

Welcome to the “New Normal” for Your Software Supply Chain

April 6, 2022 Mehdi Sif, Head of Product Marketing | 5 min read

The new world is “always-on,” hyper-connected, massively distributed, and moving at an accelerated “near-real-time” pace. Billions of active end-points such as bay stations (5G), vehicles, drones, and robots, each with various combinations of sensors, cameras, HW-acceleration plug-ins, host an exponential number of versions of embedded software bios, drivers, diagnostic, management, and other applications, with increasingly…
Read More
How to Integrate JFrog and Cycode

How to Integrate JFrog and Cycode

April 4, 2022 Batel Zohar | 3 min read

Four years ago the Clark School of engineering at the University of Maryland published a study quantifying that there is some kind of hacker attack happening every 39 seconds (on average). Which is unreal!! Source: University of Maryland A cyberattack can harm millions of people. Let’s take for example the Atlanta ransomware attack that used…
Read More
JFrog Introduces New Support for COBOL in Artifactory

JFrog Introduces New Support for COBOL in Artifactory

April 1, 2022 JFrog Team | 3 min read

You read correctly devs and software engineers - JFrog Artifactory now includes full support for COBOL (Common Business-Oriented Language)!! This legendary software pillar in designing business applications, is making a comeback due to its incredible flexibility in being operating system-agnostic, giving customers more options for supporting their diverse enterprise environments.  Created for transaction processing and…
Read More
Part II: A Journey Into the World of An Automated Security Operation Center (SOC)

Part II: A Journey Into the World of An Automated Security Operation Center (SOC)

March 17, 2022 Dana Rozen | 8 min read

Security operation teams continuously aim to focus on two main things: 1. Real cyber security threats (also known as “True Positive Alerts”), and 2. Reducing response time, especially when you have so many different sources to monitor. However, in reality, we deal with hundreds of security alerts on a daily basis, many of which are…
Read More
Shift Left for DevSecOps Success

Shift Left for DevSecOps Success

March 10, 2022 Bill Manning, Solutions Architect / Engineering Manager, JFrog | 7 min read

Not long ago, developers built applications with little awareness about security and compliance. Checking for vulnerabilities, misconfigurations and policy violations wasn’t their job. After creating a fully-functional application, they’d throw it over the proverbial fence, and a security team would evaluate it at some point – or maybe never. Those days are gone – due…
Read More
Our Solution for Scalable Multi-Region SaaS Deployment

Our Solution for Scalable Multi-Region SaaS Deployment

February 8, 2022 Uri Peled and Amit Michaely | 7 min read

Just like many other production DevOps engineering teams, our JFrog team deploys new version releases several times a day to AWS, Azure and GCP, across more than 20 cloud regions. This process used to take us many hours and could have even failed if it was done alongside maintenance by other teams. As part of…
Read More

Popular Tags