Welcome to the JFrog Blog

Latest from Xray :

GitHub and JFrog Partner To Unify Code and Binaries for DevSecOps

May 29, 2024 Thomas Dohmke, GitHub CEO Shlomi Ben Haim, JFrog CEO and Co-Founder

5 min read

Note: This post is co-authored by JFrog and GitHub and has also been published on the GitHub blog As the volume of code continues to grow exponentially, software developers, DevOps engineers, operations teams, security specialists, and everyone else who touches code are increasingly spending their time in the weeds of securing, delivering, and scaling software.…

Read More
4 Ways Xray and Artifactory Complete DevSecOps

4 Ways Xray and Artifactory Complete DevSecOps

July 30, 2019 Paul Garden | 5 min read

Being universal is a huge part of what makes JFrog Artifactory so effective. Whether you use Jenkins, CircleCI, or Bitbucket to automate your CI/CD pipeline, Artifactory works with those and more. Whether you prefer to store your artifacts in an on-premises filestore or in the cloud, Artifactory will manage them. Which cloud? Artifactory is content…
Read More
Automotive DevOps: Rules of the Road Ahead

Automotive DevOps: Rules of the Road Ahead

June 20, 2019 Kit Merker | 6 min read

With software powering all the devices that enable the things we do everyday, software engineers are now the mechanics that keep our modern times running. More and more, we trust the software they create with our lives. As JFrog works to fulfill its vision of continuous updates and liquid software, we’ve paid a lot of…
Read More
Shift Your IDE Left With Xray Plugins

Shift Your IDE Left With Xray Plugins

May 28, 2019 Yahav Itzhak and Alexei Vainshtein | 5 min read

"Forewarned is forearmed,” cautions the old proverb, and that truth coined in the 16th century is even more apt for DevSecOps in the 21st. The earlier you know about vulnerabilities, the better you can avoid making them part of your software. That’s the same principle behind a “Shift Left” DevSecOps strategy. Rather than waiting for…
Read More
How JFrog Makes Anthos DevOps Bloom

How JFrog Makes Anthos DevOps Bloom

April 15, 2019 Mark Galpin | 7 min read

It must be spring, because Google has sprouted flowers, and JFrog is helping with the bouquet. At this year’s GCP Next, Google announced the rollout of Anthos (the Greek word for “flowers”), a powerful service to build and manage a modern hybrid cloud. With Anthos (formerly Cloud Services Platform), your choices in a computing platform…
Read More
Pipes for JFrog, a Fitting Match for BitBucket Pipelines

Pipes for JFrog, a Fitting Match for BitBucket Pipelines

February 28, 2019 Jainish Shah | 4 min read

Many users of Atlassian Bitbucket already choose JFrog Artifactory as their artifact repository with Xray as their DevSecOps tool to bring certainty and trust to the binaries in their software delivery pipelines. With Atlassian’s launch of Pipes for Bitbucket Pipelines, it’s easy for developers to manage their software releases from code through testing and release.…
Read More
Xray and VulnDB: Security at the Speed of DevOps Automation

Xray and VulnDB: Security at the Speed of DevOps Automation

February 25, 2019 Samantha Sayar | 4 min read

Update February 2024: JFrog no longer utilizes the VulnDB database. We have a comprehensive database from multiple leading sources including the NVD, GitHub, Ubuntu, Debian, Red Hat, PHP, and vulnerability data uncovered by the JFrog Security Research Team. JFrog Xray: A Powerful DevSecOps Solution JFrog Xray was originally announced at our annual JFrog user event,…
Read More
Get Critical Insights About Security Vulnerabilities Directly in Visual Studio

Get Critical Insights About Security Vulnerabilities Directly in Visual Studio

December 17, 2018 Alexei Vainshtein | < 1 min read

The JFrog Visual Studio extension was created to allow the developers an easy integration with JFrog tools from within their Visual Studio environment. The extension provides you with critical insights about the licenses and security vulnerabilities JFrog Xray identifies in the NuGet packages used in your projects. With this extension, developers using Visual Studio can…
Read More
JFrog Xray Drills Deep Down into Your Docker Images

JFrog Xray Drills Deep Down into Your Docker Images

November 7, 2018 Ori Yitzhaki | 3 min read

JFrog offers end-to-end Docker security covering the full lifecycle of your images to manage development, vulnerability analysis, license compliance, artifact flow control, and distribution. JFrog Xray has access to the wealth of metadata Artifactory stores. Combined with deep recursive scanning, it puts Xray in a unique position to analyze the relationships between the different layers in…
Read More
Get Your License Compliance Reports with a Click of a Button

Get Your License Compliance Reports with a Click of a Button

September 5, 2018 Elad Yaakov | 4 min read

When releasing software, one of the key aspects you need is ensuring that you’re compliant and safe from any legal risks. Our previous blog post on DevOps and Compliance described how compliance can be a seamless part of the DevOps workflow in your organization. This blog post will address the way your company is enforcing…
Read More
Delivering Shift-Left Security with NeuVector and JFrog Xray

Delivering Shift-Left Security with NeuVector and JFrog Xray

August 1, 2018 Elaad Yaacov | 5 min read

Bringing Kubernetes app security insights to developers This post is co-authored by Craig Peters of JFrog and Henrik Rosendahl of NeuVector and is also cross-posted on the NeuVector blog. Kubernetes, the container and orchestration tool favored by enterprises, provides great benefit in automating many aspects of application deployment at scale. But, like any emerging technology,…
Read More

Popular Tags