Welcome to the JFrog Blog

Latest from Xray :

How to Connect the JFrog Platform to Your GitHub Environment to Create a Seamless Integration

May 30, 2024 Batel Zohar, JFrog Developer Advocate Carmit Hershman, JFrog Senior Software Architect, CTO Office

8 min read

The latest JFrog collaboration with GitHub enables you to easily combine your favorite solutions for source code and binaries in a seamless integration. This means you now have a unified comprehensive and secure end-to-end experience that supports your software projects. This integration covers everything from curating open source packages, coding, CI, release management, deployment and…

Read More
How I Leaped Forward My Jenkins Build with JFrog Pipelines

How I Leaped Forward My Jenkins Build with JFrog Pipelines

February 1, 2021 Tal Yitzhak | 9 min read

Jenkins is the most popular open source CI tool on the market today. Being an early entry into the marketplace, Jenkins popularized CI. Like other CI tools Jenkins empowers developers to automatically build, integrate, and test code as soon as they commit it to the source repository. This allows developers to catch bugs quickly and…
Read More
Our Groundbreaking Partnership with Docker Is a Boon for DevOps Teams

Our Groundbreaking Partnership with Docker Is a Boon for DevOps Teams

January 26, 2021 Stephen Chin | 5 min read

Today we’re announcing a big move that will yield substantial, concrete benefits for our customers and for the entire DevOps community: A groundbreaking partnership with Docker that exempts Cloud users of the JFrog DevOps Platform from image-pull rate limits on Docker Hub. This agreement further boosts JFrog’s vibrant ecosystem of integration partners, built on the…
Read More
Simply the Best: JFrog’s Top DevOps Articles from 2020

Simply the Best: JFrog’s Top DevOps Articles from 2020

January 7, 2021 Juan Perez | 6 min read

In 2020, JFrog’s experts published a treasure trove of content -- blogs, articles, infographics, and more -- to share insights and advice with our customers and the DevOps community at large. In case you missed them -- or want to re-read them -- here’s a list of the most popular ones. They range from a…
Read More
The Year DevOps Leaped to the Center

The Year DevOps Leaped to the Center

January 11, 2021 Shlomi Ben Haim, CEO | 8 min read

At the beginning of 2020, none of us could have imagined what we would be talking and thinking about at the end of the year.  At JFrog, we began by talking about unifying everything in the DevOps lifecycle. Of course very quickly, the message of unity and togetherness would soon become even bigger than we…
Read More
SDLC Security: It’s Personal for JFrog

SDLC Security: It’s Personal for JFrog

December 23, 2020 Juan Perez | 7 min read

The SolarWinds hack, which has affected high-profile Fortune 500 companies and large U.S. federal government agencies, has put the spotlight on software development security -- a critical issue for the DevOps community and for JFrog. At a fundamental level, if the code released via CI/CD pipelines is unsafe, all other DevOps benefits are for naught.…
Read More
CVE-2020-25860 – Significant Vulnerability Discovered in RAUC Embedded Firmware Update Framework

CVE-2020-25860 – Significant Vulnerability Discovered in RAUC Embedded Firmware Update Framework

December 21, 2020 Shachar Menashe and Uriya Yavniely | 10 min read

JFrog’s security research team (formerly Vdoo) are constantly researching leading embedded devices and their supply chain. As part of this research, we discovered CVE-2020-25860, a potentially critical vulnerability with CVSSv3 8.8 score in a Robust Auto-Update Controller (RAUC), an open-source framework for firmware updates. JFrog has responsibly disclosed this vulnerability and have worked closely with…
Read More
Install JFrog Platform on Kubernetes in Under 20 Minutes

Install JFrog Platform on Kubernetes in Under 20 Minutes

December 21, 2020 John Peterson | 9 min read

We get it, installing Artifactory and the JFrog DevOps Platform on Kubernetes can be daunting. As easy as we’ve sought to make it with our official JFrog installation Helm charts, there are a lot of decisions to be made. That’s meant to give you the widest possible choice for how to best fit your JFrog…
Read More
A Few Minutes More: Add Xray DevSecOps to Artifactory Enterprise on Azure

A Few Minutes More: Add Xray DevSecOps to Artifactory Enterprise on Azure

October 15, 2020 Daniel Miakotkin | 7 min read

Editor’s Note (2024): Please refer to the current JFrog Software Supply Chain Platform listing on Azure Marketplace to get started with JFrog on Microsoft Azure.   In a prior blog post, we explained how to install or update Artifactory through the Azure Marketplace in the amount of time it takes for your coffee order to arrive on…
Read More
Major Vulnerabilities Discovered in Qualcomm QCMAP

Major Vulnerabilities Discovered in Qualcomm QCMAP

October 14, 2020 Ori Hollander and Asaf Karas | 14 min read

In a recent supply chain security assessment, we analyzed multiple networking devices for security vulnerabilities and exposures. During the analysis we discovered and have responsibly disclosed four major vulnerabilities in Qualcomm’s QCMAP (Qualcomm Mobile Access Point) architecture that these devices were based on. An attacker that exploits the discovered vulnerabilities can gain remote root access…
Read More

Popular Tags