Welcome to the JFrog Blog

Latest from JFrog Platform :

Gain Clarity on Cloud Usage with Enhanced Monitoring from MyJFrog

November 20, 2024 The JFrog Team

5 min read

We can all agree that visibility into resource usage is crucial for optimizing performance and managing costs to drive your business — especially in today’s cloud-driven world. MyJFrog is a comprehensive management portal for overseeing JFrog cloud platform instances and subscriptions. It provides a centralized control tower to manage and monitor subscriptions, resources, and usage.…

Read More
Improve Cloud Visibility with JFrog’s SaaS Log Streamer

Improve Cloud Visibility with JFrog’s SaaS Log Streamer

February 5, 2024 drewt | 5 min read

Updated November 27, 2024: JFrog’s SaaS Log Streamer now supports log streaming to Datadog, Dataset, Dynatrace, Elastic, Grafana Loki, New Relic, and Splunk. This log streaming service is available to customers on JFrog Cloud Enterprise+ subscriptions. The beauty of deploying SaaS-based applications is that you don’t have to worry about building the infrastructure, hiring engineers…
Read More
Empowering DevSecOps: JFrog’s Enterprise-Ready Platform for Federal NIST SP 800-218 Compliance

Empowering DevSecOps: JFrog’s Enterprise-Ready Platform for Federal NIST SP 800-218 Compliance

January 31, 2024 adia | 5 min read

As an integrator or government agency providing mission-critical software, the question to ask yourself is “Is my software development environment NIST SP 800-218 compliant?”. Compliance with NIST SP 800-218 and the SSDF (Secure Software Development Framework) is mandatory, and it’s time to ensure your software supply chain is compliant. Learn more about JFrog's DevSecOps solutions…
Read More
*nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 2 of 2

*nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 2 of 2

January 24, 2024 adia | 15 min read

The JFrog Security research team has recently discovered two security vulnerabilities in X.Org libX11, the widely popular graphics library - CVE-2023-43786 and CVE-2023-43787 (with a high NVD severity CVSS 7.8). These vulnerabilities cause a denial-of-service and remote code execution. X11’s latest versions contain fixes for these vulnerabilities. The team constantly monitors open-source projects to find…
Read More
How Capture the Flag Raises Security Awareness and Enhances Enforcement

How Capture the Flag Raises Security Awareness and Enhances Enforcement

January 22, 2024 drewt | 7 min read

While many are familiar with championship sports teams like Manchester United, the New York Yankees and Montreal Canadiens, the real question is whether you have ever heard of perennial champions such as "Plaid Parliament of Pwning", "More Smoked Leet Chicken" and "Dragon Sector". If not, then get ready to meet the leading teams in the…
Read More
*nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 1 of 2

*nix libX11: Uncovering and exploiting a 35-year-old vulnerability – Part 1 of 2

January 17, 2024 adia | 14 min read

The JFrog Security research team has recently discovered two security vulnerabilities in X.Org libX11, the widely popular graphics library - CVE-2023-43786 and CVE-2023-43787 (with a high NVD severity CVSS 7.8). These vulnerabilities cause a denial-of-service and remote code execution. X11’s latest versions contain fixes for these vulnerabilities. The team constantly monitors open-source projects to find…
Read More
Top JFrog Security Research Blogs of the Year

Top JFrog Security Research Blogs of the Year

January 12, 2024 drewt | 9 min read

With over 29,000 CVEs and 5.5 billion malware attacks recorded in the past year, it's no wonder that software supply chain security is a top priority for enterprise developers on a global scale. That is also why JFrog Security Research has been instrumental in identifying and analyzing the biggest threats and devising methods to protect…
Read More
What is JFrog Security?

What is JFrog Security?

January 8, 2024 zoer | 8 min read

The security of the software supply chain is rapidly becoming a paramount concern for organizations — and for good reason. With the increasing number of published Common Vulnerabilities and Exposures (CVEs), developers face the challenge of delivering software faster than ever before. However, in their quest for speed, many dev and security teams have resorted…
Read More
Navigating AI’s New Horizons: Empowering AI Model Development, Security and Compliance

Navigating AI’s New Horizons: Empowering AI Model Development, Security and Compliance

December 14, 2023 drewt | 6 min read

The Wake-Up Call The rapid rise of artificial intelligence, more specifically, generative AI systems such as OpenAI’s ChatGPT, has simultaneously spurred intense development and concern over the past year. On the 30th of October, President Joe Biden signed an Executive Order that urges new federal standards for AI development, safety, security, and trustworthiness that also…
Read More
2023 Best of JFrog Software Supply Chain Blogs

2023 Best of JFrog Software Supply Chain Blogs

January 11, 2024 zoer | 7 min read

2023 was a big year. There were many interesting challenges and exciting developments within our industry, like the continued evolution of AI/ML, the discovery and remediation of widespread CVEs, and major leaps forward in the realm of end-to-end software supply chain security. In that spirit, we want to recap the news and articles that you…
Read More
Proactive Vulnerability Management is a <i>No Brainer</i> for Security, but…

Proactive Vulnerability Management is a No Brainer for Security, but…

January 4, 2024 drewt | 6 min read

In December 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) identified exploits against vulnerable public-facing applications as the most common initial attack vector for cybercriminals, followed by attacks on external remote services such as VPNs. According to a study by CrowdStrike, exploit activity targeting cloud apps and assets grew 95% from 2021 to 2022,…
Read More

Popular Tags