Welcome to the JFrog Blog

Latest from JFrog Platform :

Gain Clarity on Cloud Usage with Enhanced Monitoring from MyJFrog

November 20, 2024 The JFrog Team

5 min read

We can all agree that visibility into resource usage is crucial for optimizing performance and managing costs to drive your business — especially in today’s cloud-driven world. MyJFrog is a comprehensive management portal for overseeing JFrog cloud platform instances and subscriptions. It provides a centralized control tower to manage and monitor subscriptions, resources, and usage.…

Read More
Design Considerations for Software Distribution to Edge & IoT Applications

Design Considerations for Software Distribution to Edge & IoT Applications

February 3, 2022 Juan Perez | 12 min read

UPDATE: JFrog’s Private Distribution Network is not available for public sale at this time. Make no mistake: You can’t overlook software distribution in DevOps. At risk are the reliability, security and speed of your software releases - and your business itself.  This is especially true in enterprises that are releasing across numerous edge endpoints or…
Read More
Don’t Miss Out: Highlights from DevOps Cloud Days 2022

Don’t Miss Out: Highlights from DevOps Cloud Days 2022

February 4, 2022 Brian Cox | 6 min read

If you didn’t attend our recently concluded DevOps Cloud Days online conference, you missed a learning event that those who did called  “fantastic” and “meaningful.” In written feedback, developers, operations staff, and security admins who attended described the presentations as “powerful,” “inspiring” and “excellent.” Fortunately, it wasn’t your last chance to share that fruitful experience…
Read More
DevOps 2022: 5 Big Rocks to Harness the Software Supply Chain

DevOps 2022: 5 Big Rocks to Harness the Software Supply Chain

January 5, 2022 Shlomi Ben Haim, CEO | 10 min read

Together with the community, JFrog pioneered what we now know as DevOps with a focus on binaries (aka software packages, artifacts or images). A decade ago, no one thought binary management would be a thing -- now it’s a standard most companies can’t live without. Back then, we said software universality would be necessary, and…
Read More
Cloud Nimble: The Next Evolution for Multi-Cloud and Hybrid DevOps

Cloud Nimble: The Next Evolution for Multi-Cloud and Hybrid DevOps

January 4, 2022 Gianni Truzzi | 7 min read

Over the last several years, systems architects have had to make sure their systems are cloud native, with applications that are optimized for scalable cloud technology infrastructure. In today’s environment, you should be asking whether your solutions are cloud nimble as well. For the modern enterprise, cloud computing is now the default model for applications,…
Read More
Pulling All Your Kubernetes Cluster Images from a Private Artifactory Registry

Pulling All Your Kubernetes Cluster Images from a Private Artifactory Registry

January 3, 2022 Yaniv Rozenboim - Cloud Security Architect, Uri Peled - Production Engineer, Dana Rozen - IR SecOps Engineer | 6 min read

There are many benefits to working with JFrog Artifactory as your private Docker registry, allowing you to store, share and deploy your binary artifacts in a single source of truth. This blog post will focus on using Artifactory in Kubernetes. Specifically, we’ll walk through the steps for configuring Kubernetes to pull images from Artifactory and…
Read More
Log4j Vulnerability Alert: 100s of Exposed Packages Uncovered in Maven Central

Log4j Vulnerability Alert: 100s of Exposed Packages Uncovered in Maven Central

December 30, 2021 Ilya Khivrich | 5 min read

The high risk associated with newly discovered vulnerabilities in the highly popular Apache Log4j library - CVE-2021-44228 (also known as Log4Shell) and CVE-2021-45046 - has led to a security frenzy of unusual scale and urgency. Developers and security teams are pressed to investigate the impact of  Log4j vulnerabilities on their software, revealing multiple technical challenges…
Read More
Catching Log4j in the Wild: Find, Fix and Fortify

Catching Log4j in the Wild: Find, Fix and Fortify

December 23, 2021 Gianni Truzzi | 10 min read

At many organizations, the surprise discovery that the widely used Log4Shell open source software has harbored a longtime critical vulnerability was as if Scrooge and the Grinch had teamed up for the biggest holiday heist of all. Incident response teams across the globe have scrambled to remediate thousands, if not millions of applications. “For cybercriminals this…
Read More
Your Log4shell Remediation Cookbook Using the JFrog Platform

Your Log4shell Remediation Cookbook Using the JFrog Platform

December 18, 2021 Asaf Cohen | 9 min read

UPDATED 1/14/2022: Added information on JFrog tool to patch Docker images in Artifactory repositories. Last week, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java (specifically, the 2.x branch called Log4j2). The vulnerability was originally discovered and reported to…
Read More
Glide to JFrog DevSecOps with the New Experience

Glide to JFrog DevSecOps with the New Experience

December 13, 2021 Eyal Ben Moshe | 5 min read

We're excited to share with you that we have launched a completely new way to start using the JFrog DevOps Platform that you – as a developer – will love. We’ve provided a super-easy, developer-friendly path to discovering how Artifactory and Xray can help you produce safer apps, faster, getting started through the command line…
Read More

Popular Tags