Welcome to the JFrog Blog

Automatically Assess and Remediate the SolarWinds Hack

With software supply chain attacks on the rise, are you wondering how you can recover quickly from the recent SolarWinds breach at your company? Months after its discovery, the devastating SolarWinds hack remains a top concern for business, government and IT leaders. This destructive supply chain attack put the spotlight on software development security --…
Scaling Software Supply Chains Securely

Software supply chains are mission-critical for digital businesses, and as global conditions accelerate the growth in contactless interactions and transactions, many organizations are reviewing how to solve the challenge of scaling the volume and velocity of their software development and release processes to meet the digital demand.  The latest JFrog Platform release delivers a rich…
What’s New with JFrog Artifactory and Xray

TL;DR Get the latest on self-hosted Docker rate limits, cutting through violation noise and new package type support. Without doubt, 2020 has been one of the most challenging years for everyone in recent history, but especially for those in the world of DevOps. JFrog has strived to continue developing and innovating at the same pace,…
Microservices Asynchronous Communication and Messaging | JFrog Xray

Microservices have changed the way we build applications. Software design has moved from large monolithic applications (which do not adapt well to changes and improvements) to a collection of small, independent processes, an infrastructure far better suited to adapting to change in today’s agile world. How Do Microservices Communicate? Microservices are decoupled from each…
We’re Bringing Cloud DevOps to Government Clouds on AWS and Azure

Helping software producers achieve compliance with regulatory requirements has been a huge part of our focus at JFrog. That’s why many in the most regulated industries such as banking, finance, manufacturing, and retail are our customers for DevOps. We’re excited to announce that JFrog DevOps Platform solutions - JFrog Artifactory and JFrog Xray - are…
GitHub vs JFrog: Who Can do the Job for DevOps?

When you choose a product, you're hiring it to do a job. You’ve put out the “Help Wanted” sign for DevOps, and choosing between two well-qualified prospects is high stakes. The hire you make can ensure the enterprise swiftly rises -- or sinks. With JFrog and GitHub, you have two of the best candidates. Now judge…
Automate DAST in DevSecOps With JFrog and NeuraLegion

NeuraLegion’s VP Oliver Moradov takes us through how you can use JFrog and NeuraLegion to automate AppSec testing in your pipelines. The days of long release cycles are well and truly behind us -- it is simply not feasible in our agile development world, with developers delivering software and more features at an unprecedented scale…
7 Tips to Evaluate and Choose the Right DevSecOps Solution

Demand for DevSecOps products has been growing strongly, as more companies realize the importance of integrating security into their DevOps pipelines. However, IT and DevOps pros who dive into the DevSecOps market looking for options quickly realize that the number of DevSecOps tools and frameworks is vast and confusing. This overabundance of choices often leaves…
Python wheel-jacking in supply chain attacks

Recently, a novel supply chain attack was published by security researcher Alex Birsan, detailing how dependency confusion (or "namesquatting") in package managers can be misused in order to execute malicious code on production and development systems. Background - dependency confusion & Birsan's attack In short, most package managers such as pip and npm do not…