Welcome to the JFrog Blog

Latest:

9 New Innovations. One Trust Layer.

March 18, 2026 The JFrog Team

11 min read

The software supply chain is no longer just about shipping code, it is about managing intelligence and risk. As DevOps, DevSecOps, DevGovOps and AI/ML practices converge into a single AI-driven and increasingly agentic delivery pipeline, the demands on development and security teams have reached a new level. The platform that once managed packages and artifacts…

Read More

All Blogs

Friction between DevOps and Security – Here’s Why it Can’t be Ignored

Friction between DevOps and Security – Here’s Why it Can’t be Ignored

April 3, 2024 Sean Wright, Head of Application Security, Featurespace Paul Davis, Field CISO | 5 min read

Note: This post is co-authored by JFrog and Sean Wright and has also been published on Sean Wright's blog. DevOps engineers and Security professionals are passionate about their responsibilities, with the first mostly dedicated to ensuring the fast release and the latter responsible for the security of their company's software applications. They have many common…
Read More
The State of Software Supply Chain Security in 2024

The State of Software Supply Chain Security in 2024

March 27, 2024 Sean Pratt, Senior Manager, JFrog | 4 min read

In today's fast-paced software development landscape, managing and securing the software supply chain is crucial for delivering reliable and trusted software releases. With that in mind, it’s important to assess whether your organization is set up to handle the continuous expansion of the open-source ecosystem and an ever-growing array of tools to incorporate into your…
Read More
CVE-2024-3094 XZ Backdoor: All you need to know

CVE-2024-3094 XZ Backdoor: All you need to know

March 31, 2024 Shachar Menashe, JFrog VP Security Research Jonathan Sar Shalom, JFrog Director of Threat Research Brian Moussalli, JFrog Malware Research Team Leader | 14 min read

Update April 1st - Updated "What is the malicious payload of CVE-2024-3094?" due to newly released OSS tools Update April 7th - Updated "What is the malicious payload of CVE-2024-3094?" due to more published payload research   On March 29th, it was reported that malicious code enabling unauthorized remote SSH access has been detected within…
Read More
Live Panel Recap: Women in DevOps

Live Panel Recap: Women in DevOps

April 22, 2024 Melissa McKay, JFrog Developer Advocate | 8 min read

In celebration of International Women’s Day, I had the pleasure of speaking with two incredible female leaders in the software industry on our live panel session, “Women in DevOps: Moments of Leadership and Tech Evolution.” During the conversation with Jyostna Seelam, Senior Manager at Capital One, and Tracy Ragan, CEO of DeployHub, we discussed the…
Read More
Software Ate the World, but Digital Transformation Can Give You Indigestion

Software Ate the World, but Digital Transformation Can Give You Indigestion

March 14, 2024 Paul Garden, JFrog Partner and Industry Solutions | 7 min read

In today's digitally-driven world, organizations rely heavily on software applications to streamline services, provide operations, engage customers, and drive innovation through digital transformation. Software has also become the lynchpin for securing an entire business’ services and keeping them up and running. Yet, this omnipresent force comes with its own set of challenges. The importance of…
Read More
Integrating JFrog Artifactory with Amazon SageMaker

Integrating JFrog Artifactory with Amazon SageMaker

January 17, 2024 Melissa McKay, JFrog Developer Advocate | 15 min read

Today,  we’re excited to announce a new integration with Amazon SageMaker! SageMaker helps companies build, train, and deploy machine learning (ML) models for any use case with fully managed infrastructure, tools, and workflows. By leveraging JFrog Artifactory and Amazon SageMaker together, ML models can be delivered alongside all other software development components in a modern…
Read More
How a DevOps Company Does DevOps

How a DevOps Company Does DevOps

March 6, 2024 Noam Zilberman, JFrog Sr. Director of Engineering Productivity/DevX | 6 min read

At JFrog, we believe in practicing what we preach by "drinking our own champagne." This means that we not only develop and deliver market-leading products but also utilize our own solutions in our development processes. When it comes to managing development environments, we aim to implement the best-in-class approaches. By adopting these top-tier practices, we…
Read More

Popular Tags