Welcome to the JFrog Blog

Release with Trust or Die. Key swampUP 2023 Announcements

Every year, JFrog brings the DevOps community and some of the world’s leading corporations together for the annual swampUP conference, aimed at providing real solutions to developers and development teams in practical ways to prepare us all for what’s coming next. Since the inception of swampUP - and truthfully since the creation of Artifactory -…
Get Ready for Next. Put DevOps, DevSecOps, and AI to Work.

Our community has always had a “next.” There was the dawn of the computer age, when “next” meant that processing didn’t take up an entire room. There was the “next” of personal computing. Next came laptops, the internet, microservices, cloud-native, cybersecurity, automation and more. The thing that is next is always right around the corner…
Bridging the gap between AI/ML model development and DevSecOps

AI and machine learning (ML) have hit the mainstream as the tools people use every day – from making restaurant reservations to shopping online – are all powered by machine learning. In fact, according to Morgan Stanley, 56% of CIOs say that recent innovations in AI are having a direct impact on investment priorities. It’s no…
Announcing JFrog SAST: Build Trust and Release Code With Confidence

Today’s software applications power almost every aspect of our lives, and ensuring the security of these applications is paramount. Threat actors can cause devastating consequences for companies, leading to financial losses, reputational damage, and legal repercussions. Companies building commercial or in-house applications must adopt robust security measures throughout their software development lifecycle to avoid releasing…
Announcing JFrog Curation: Defend Your Software Supply Chain by Curating Open-Source Packages Entering Your Organization

UPDATE: Following the announcement at swampUP 2023, JFrog Curation now features a web user interface for its Catalog database service. This enables JFrog customers to search and explore over 4 million open-source packages for their up-to-date metadata including its versions, install command, dependencies, vulnerabilities (including any transitive ones), license types, OpenSSF aggregate score, and any…
Take control of your Security: How to use Build-Info in your VCS to track vulnerable versions

Tracking vulnerabilities and compliance requirements is essential for maintaining application security in any software project. However, this process can be time-consuming and complicated, especially as new issues are identified. Fortunately, the JFrog build-info provides a comprehensive solution by recording key information about your project's build. With build-info, you can easily track vulnerable versions of your…
Shifting Left of Left: Secure Enterprise Data with JFrog Curation

In 2022, nearly 1,700 entities across the globe fell victim to software supply chain attacks, impacting over 10 million people. Nearly every one of these attacks included some element of faulty or nefarious open-source code. Software developers commonly rely on open-source components to speed up the development process, but as we can see, this practice has…
swampUP Sneak Peek

TL;DR: Register for swampUP today to learn from the best DevOps and DevSecOps leaders. Summer is almost over and you know what that means… swampUP 2023 is right around the corner! If you’re like us, your attention span is torn between getting your last bit of fun in the sun while at the same time…
Spring WebFlux – CVE-2023-34034 – Write-Up and Proof-of-Concept

Spring Security's newly released versions contain a fix for a broken access control vulnerability - CVE-2023-34034 - which was given a critical NVD severity (CVSS 9.8) and a high severity by Spring’s maintainers. Given the severe potential impact of the vulnerability on Spring WebFlux applications (that use Spring Security for authentication and access control), its…