Team Up on DevSecOps with JFrog Platform App for Microsoft Teams

The JFrog DevOps Platform is your mission-critical tool for your software development pipelines. The results of key binary management events in JFrog Artifactory, JFrog Xray, and JFrog istribution can reveal whether or not your software pipelines are on-track to deliver production-quality releases. 

The new JFrog Platform app for Microsoft Teams brings real-time visibility and awareness of what’s happening in your JFrog-powered software pipelines to your entire team through the Microsoft collaboration tool many software development teams rely on. 

Whether it’s tracking security and license compliance issues, or monitoring builds and Docker image promotion, the JFrog Platform app for Microsoft Teams enables the transparency you need to speed up software development while keeping your applications safe. Developers, security managers, and production managers can better collaborate on delivering quality releases, responding in real-time to DevSecOps events as they occur.

Use Cases for Developers

For developers, the JFrog app delivers notifications through Teams that help you track and identify potential problems. You want to keep track of events you’re interested in such as a detected security vulnerability,  an uploaded Docker image, or promotion of a build.  

For example, when a teammate updates a new Docker image and you can be notified in Teams that it’s available. After your own build is made, you can be notified when it’s been successfully promoted. If the system is not working as you intended, you can be notified right away. This helps your team keep track of your development efforts in real-time. From the developer perspective, it helps you monitor what’s happening in the JFrog Platform and bring peace of mind to the development and release perspective. 

What Kinds of Notifications Can I Enable?

Build Notifications

The JFrog app for Microsoft Teams delivers notifications and actionable UI cards to one or more team channels for Artifactory repository actions you wish to make visible, such as artifact, artifact properties, Docker tag, or build events. Notifications can be paused, deleted, or invoke the JFrog Platform for more details from within the channel.

Example 1: Docker Tags in Teams

Security and Collaboration in Real-time

The JFrog app can send vulnerability and license compliance notifications to one or more team channels based on policies setup in JFrog Xray. The interactive notification enables recipients to take action, creating ignore rules, displaying details or invoking the JFrog Platform.

Example 2: Xray Security Card in Teams

Imagine that you have an app running in production and a new zero-day vulnerability has been found in a popular software package that’s part of your app. Well, you need to inform a few different people – your development team that built the app, the SREs that are managing your instance of Artifactory, the DevSecOps teams that need to be alerted of the CVE information, and your Chief Information Security Office team who will liaison with your organization’s compliance, communication, and mitigation officers. All of these steps are much easier to do in the Teams collaboration tool rather than expecting all of these organization members to login to the JFrog Platform. 

More Actions

Lastly, there are few actions you can take within the cards themselves. For example, if you want to ignore specific violations or you want to check a new artifact for Xray information, those buttons exist within Teams. You can also download an Artifact directly from a notification card, open a link directly into the platform, or promote a build.

For more information, you can also refer to the JFrog user documentation or visit our Microsoft Teams integration page. 

The integration works with any cloud-based version of the JFrog Platform with Artifactory 7.27 and above. Don’t have the JFrog Platform? Start for free!