Welcome to the JFrog Blog

Analyzing common vulnerabilities introduced by Code-Generative AI

Artificial Intelligence tools such as Bard, ChatGPT, and Bing Chat are the current big names in the Large Language Model (LLM) category which is on the rise. LLMs are trained on vast data sets to be able to communicate by using everyday human language as a chat prompt. Given the flexibility and potential of LLMs,…
Improve Cloud Visibility with JFrog’s SaaS Log Streamer

The beauty of deploying SaaS-based applications is that you don’t have to worry about building the infrastructure, hiring engineers to maintain it, staying on top of upgrades, or worrying about application security. Indeed, these are some of the main benefits you get by using a SaaS offering. However, the world of software is full of…
Empowering DevSecOps: JFrog’s Enterprise-Ready Platform for Federal NIST SP 800-218 Compliance

As an integrator or government agency providing mission-critical software, the question to ask yourself is “Is my software development environment NIST SP 800-218 compliant?”. Compliance with NIST SP 800-218 and the SSDF (Secure Software Development Framework) is mandatory, and it’s time to ensure your software supply chain is compliant. Learn more about JFrog's DevSecOps solutions…
*nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 2 of 2

The JFrog Security research team has recently discovered two security vulnerabilities in X.Org libX11, the widely popular graphics library - CVE-2023-43786 and CVE-2023-43787 (with a high NVD severity CVSS 7.8). These vulnerabilities cause a denial-of-service and remote code execution. X11’s latest versions contain fixes for these vulnerabilities. The team constantly monitors open-source projects to find…
How Capture the Flag Raises Security Awareness and Enhances Enforcement

While many are familiar with championship sports teams like Manchester United, the New York Yankees and Montreal Canadiens, the real question is whether you have ever heard of perennial champions such as "Plaid Parliament of Pwning", "More Smoked Leet Chicken" and "Dragon Sector". If not, then get ready to meet the leading teams in the…
*nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 1 of 2

The JFrog Security research team has recently discovered two security vulnerabilities in X.Org libX11, the widely popular graphics library - CVE-2023-43786 and CVE-2023-43787 (with a high NVD severity CVSS 7.8). These vulnerabilities cause a denial-of-service and remote code execution. X11’s latest versions contain fixes for these vulnerabilities. The team constantly monitors open-source projects to find…
Top JFrog Security Research Blogs of the Year

With over 29,000 CVEs and 5.5 billion malware attacks recorded in the past year, it's no wonder that software supply chain security is a top priority for enterprise developers on a global scale. That is also why JFrog Security Research has been instrumental in identifying and analyzing the biggest threats and devising methods to protect…
Evolving ML Model Versioning

TL;DR: JFrog’s ML Model Management capabilities, which help bridge the gap between AI/ML model development and DevSecOps, are now Generally Available and come with a new approach to versioning models that benefits Data Scientists and DevOps Engineers alike. Model versioning can be a frustrating process with many considerations when taking models from Data Science to…
2023 Best of JFrog Software Supply Chain Blogs

2023 was a big year. There were many interesting challenges and exciting developments within our industry, like the continued evolution of AI/ML, the discovery and remediation of widespread CVEs, and major leaps forward in the realm of end-to-end software supply chain security. In that spirit, we want to recap the news and articles that you…
What is JFrog Security?

The security of the software supply chain is rapidly becoming a paramount concern for organizations — and for good reason. With the increasing number of published Common Vulnerabilities and Exposures (CVEs), developers face the challenge of delivering software faster than ever before. However, in their quest for speed, many dev and security teams have resorted…