Welcome to the JFrog Blog

Latest from Xray :

GitHub and JFrog Partner To Unify Code and Binaries for DevSecOps

May 29, 2024 Thomas Dohmke, GitHub CEO Shlomi Ben Haim, JFrog CEO and Co-Founder

5 min read

Note: This post is co-authored by JFrog and GitHub and has also been published on the GitHub blog As the volume of code continues to grow exponentially, software developers, DevOps engineers, operations teams, security specialists, and everyone else who touches code are increasingly spending their time in the weeds of securing, delivering, and scaling software.…

Read More
Stay Alert to Security With Xray and PagerDuty

Stay Alert to Security With Xray and PagerDuty

February 2, 2021 Mahitha Byreddy | 5 min read

When securing your software development against open-source vulnerabilities, the earlier action occurs -- by the right person -- the safer you and your enterprise will be. Many IT departments rely on the PagerDuty incident response platform to improve visibility and agility across the organization. The enterprise-quality incident management system provides reliable notifications, automatic escalations, on-call…
Read More
Our Groundbreaking Partnership with Docker Is a Boon for DevOps Teams

Our Groundbreaking Partnership with Docker Is a Boon for DevOps Teams

January 26, 2021 Stephen Chin | 6 min read

  UPDATE 3/25/2025: Docker Hub usage limits have changed since the publishing of this blog. For the most recent limits please visit Docker's help docs. The partnership between Docker and JFrog allows JFrog Cloud subscribers to avoid Docker Hub's top limit (pulls per hour) for downloads from the public Docker Hub registry for unauthenticated users.  …
Read More
SDLC Security: It’s Personal for JFrog

SDLC Security: It’s Personal for JFrog

December 23, 2020 Juan Perez | 7 min read

The SolarWinds hack, which has affected high-profile Fortune 500 companies and large U.S. federal government agencies, has put the spotlight on software development security -- a critical issue for the DevOps community and for JFrog. At a fundamental level, if the code released via CI/CD pipelines is unsafe, all other DevOps benefits are for naught.…
Read More
A Few Minutes More: Add Xray DevSecOps to Artifactory Enterprise on Azure

A Few Minutes More: Add Xray DevSecOps to Artifactory Enterprise on Azure

October 15, 2020 Daniel Miakotkin | 7 min read

Editor’s Note (2024): Please refer to the current JFrog Software Supply Chain Platform listing on Azure Marketplace to get started with JFrog on Microsoft Azure.   In a prior blog post, we explained how to install or update Artifactory through the Azure Marketplace in the amount of time it takes for your coffee order to arrive on…
Read More
Major Vulnerabilities Discovered in Qualcomm QCMAP

Major Vulnerabilities Discovered in Qualcomm QCMAP

October 14, 2020 Ori Hollander and Asaf Karas | 14 min read

In a recent supply chain security assessment, we analyzed multiple networking devices for security vulnerabilities and exposures. During the analysis we discovered and have responsibly disclosed four major vulnerabilities in Qualcomm’s QCMAP (Qualcomm Mobile Access Point) architecture that these devices were based on. An attacker that exploits the discovered vulnerabilities can gain remote root access…
Read More
Best Practices for Onboarding JFrog Xray

Best Practices for Onboarding JFrog Xray

August 4, 2020 Eran Blumenthal | 5 min read

Note: A version of this blog post is also published on dev.to Introducing, adding, or replacing a new SCA (Software Composition Analysis) tool such as JFrog Xray into your SDLC, if not handled correctly, can be very disruptive to the SDLC and organization. This blog post provides recommended best practices for onboarding JFrog Xray; in…
Read More
Track JFrog Platform Performance with Datadog Analytics

Track JFrog Platform Performance with Datadog Analytics

July 20, 2020 Mahitha Byreddy | 6 min read

Faithful operation of your JFrog Platform can be best assured by tracking usage data of Artifactory and Xray. With insights gained through real-time observability and log analytics, you can boost the efficiency of your DevOps pipeline and keep your software releases running joyfully. Datadog is a SaaS-based data analytics platform that is a popularly used…
Read More
Unified JFrog Platform Monitoring With Prometheus and Grafana

Unified JFrog Platform Monitoring With Prometheus and Grafana

July 13, 2020 Jeff Fry | 5 min read

Running the JFrog DevOps Platform on Kubernetes in your enterprise can mean serving millions of artifacts to developers and customers each day. But operating at top performance requires being able to answer some vital questions. Like what is the most requested artifact? What is the most popular repo? Who are your heaviest users? For security,…
Read More
Stretch Your Reach with Unified JFrog Data and Elastic

Stretch Your Reach with Unified JFrog Data and Elastic

July 6, 2020 Mahitha Byreddy | 7 min read

  DevOps teams rely on Artifactory as the bread and butter tool of universal binary repo managers, but observing its operations can be challenging. With multiple high availability nodes and unification with Xray as the JFrog DevOps Platform, that operations data is spread out across logs for each service in the JFrog Platform deployment. Operations…
Read More

Popular Tags