Welcome to the JFrog Blog

Latest from JFrog Platform :

JFrog Security research discovers coordinated attacks on Docker Hub that planted millions of malicious repositories

April 30, 2024 Andrey Polkovnichenko, JFrog Security Researcher Brian Moussalli, JFrog Malware Research Team Leader Shachar Menashe, JFrog Senior Director Security Research

19 min read

As key parts of the software ecosystem, and as partners, JFrog and Docker are working together to strengthen the software ecosystem. Part of this effort by JFrog's security research team involves continuous monitoring of open-source software registries in order to proactively identify and address potential malware and vulnerability threats. In former publications, we have discussed…

Read More
Evolving ML Model Versioning

Evolving ML Model Versioning

January 11, 2024 zoer | 9 min read

TL;DR: JFrog’s ML Model Management capabilities, which help bridge the gap between AI/ML model development and DevSecOps, are now Generally Available and come with a new approach to versioning models that benefit Data Scientists and DevOps Engineers alike.  Model versioning can be a frustrating process with many considerations when taking models from Data Science to…
Read More
2023 Best of JFrog Software Supply Chain Blogs

2023 Best of JFrog Software Supply Chain Blogs

January 11, 2024 zoer | 7 min read

2023 was a big year. There were many interesting challenges and exciting developments within our industry, like the continued evolution of AI/ML, the discovery and remediation of widespread CVEs, and major leaps forward in the realm of end-to-end software supply chain security. In that spirit, we want to recap the news and articles that you…
Read More
What is JFrog Security?

What is JFrog Security?

January 8, 2024 zoer | 8 min read

The security of the software supply chain is rapidly becoming a paramount concern for organizations — and for good reason. With the increasing number of published Common Vulnerabilities and Exposures (CVEs), developers face the challenge of delivering software faster than ever before. However, in their quest for speed, many dev and security teams have resorted…
Read More
Proactive Vulnerability Management is a <i>No Brainer</i> for Security, but…

Proactive Vulnerability Management is a No Brainer for Security, but…

January 4, 2024 drewt | 6 min read

In December 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) identified exploits against vulnerable public-facing applications as the most common initial attack vector for cybercriminals, followed by attacks on external remote services such as VPNs. According to a study by CrowdStrike, exploit activity targeting cloud apps and assets grew 95% from 2021 to 2022,…
Read More
Empowering Kubernetes Security: JFrog’s Seamless Integration with AWS AssumeRole

Empowering Kubernetes Security: JFrog’s Seamless Integration with AWS AssumeRole

December 15, 2023 drewt | 4 min read

Security Use Cases for AWS AssumeRole In the fast-paced environment of cloud-native apps, security and seamless connections are a priority. Many DevOps and SecOps professionals use Kubernetes native features to handle their container security, keeping a tight grip on access and secrets to improve security posture. The integration between AWS AssumeRole and JFrog Access in…
Read More
Navigating AI’s New Horizons: Empowering AI Model Development, Security and Compliance

Navigating AI’s New Horizons: Empowering AI Model Development, Security and Compliance

December 14, 2023 drewt | 6 min read

The Wake-Up Call The rapid rise of artificial intelligence, more specifically, generative AI systems such as OpenAI’s ChatGPT, has simultaneously spurred intense development and concern over the past year. On the 30th of October, President Joe Biden signed an Executive Order that urges new federal standards for AI development, safety, security, and trustworthiness that also…
Read More
Self-Hosted or SaaS, JFrog Has You Covered

Self-Hosted or SaaS, JFrog Has You Covered

January 2, 2024 Rakesh Krishna, JFrog Solution Engineer | 7 min read

Freedom of choice can make choosing harder. Since a JFrog cloud (SaaS) account provides the same functionality as a self-hosted JFrog Software Supply Chain Platform how will you decide which is right for you?  Choice without tradeoffs is one of the key ways JFrog enables you to be cloud-nimble, and run the mission-critical heart of…
Read More
JFrog Log Analytics with Datadog just got better!

JFrog Log Analytics with Datadog just got better!

November 30, 2023 zoer | 5 min read

The software supply chain today runs differently than it did just five years ago. The number of available tools, languages, and packages used have exploded. Further, the growing mix of OSS packages puts organizations at risk of outdated software, untracked dependencies, and non-compliant licenses. To add to the chaos, teams are now increasingly distributed and…
Read More
How to Combine Speed and Trust in Enterprise Software Development

How to Combine Speed and Trust in Enterprise Software Development

November 23, 2023 drewt | 4 min read

Software development begins with code, which is then integrated, compiled, tested, and in the end distributed to users. This is often the secret sauce of innovation that organizations must protect to keep their competitive edge. With the software application development market growing at almost 30% per year and the average project taking just 4-6 months…
Read More
Cloud Integrations: JFrog Achieves AWS PrivateLink Service Ready Validation

Cloud Integrations: JFrog Achieves AWS PrivateLink Service Ready Validation

November 20, 2023 Kate Kwiatkowski, Sr. Director, Global AWS Alliance, JFrog | 4 min read

At JFrog, we talk about being universal and too integrated to fail. In addition to more than 30 technologies and package types supported natively, this also means supporting our customers in their hybrid and cloud infrastructure. One such key integration capability for customers leveraging Amazon Web Services (AWS) is AWS PrivateLink. AWS PrivateLink provides private…
Read More

Popular Tags