From the Frog's mouth

All Blogs

Security

DevOps

AI/ML

IoT

Cloud

Industries

Integrations & Partners

News & Community

Out with the Old – Keeping Your Software Secure by Managing Dependencies

August 19, 2024 Yonatan Arbel, JFrog Developer Advocate | 7 min read

During 2023, the U.S. witnessed a record high in supply chain cyber-attacks, affecting 2,769 organizations. This figure represents the largest number recorded since 2017, marking an approximate 58% annual increase in impacted entities. If there ever was a doubt, now it’s crystal clear that YOUR SOFTWARE SUPPLY CHAIN IS A TARGET. Developers, DevOps and Security…

The Software Extinction Event That Wasn’t

August 15, 2024 Jens Eckels, JFrog VP of Product Marketing | 10 min read

Note: This blog post was previously published on DevOps.com Imagine if the world’s most pervasive programming language, used in the majority of organizations, services, websites and infrastructure today, was itself made to be malicious? Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker container… due to the popularity of…

Accelerate Your Migration to JFrog SaaS with the AWS ISV Workload Migration Program

August 14, 2024 Kate Kwiatkowski, Senior Director of Global Alliances | 5 min read

In the fast-paced, ever-evolving world of software development, the ability to seamlessly migrate and manage workloads on the cloud is a game changer. At JFrog, we’re committed to empowering organizations to achieve their DevOps, DevSecOps, and MLOps goals with speed, security, and efficiency. Migrating these workloads to the cloud offers numerous advantages, including increased scalability,…

CVE-2024-38428 Wget Vulnerability: All you need to know

August 12, 2024 Goni Golan, Junior Security Researcher, JFrog Security | 10 min read

On Sunday, June 2nd 2024, a fix commit was pushed for a vulnerability in GNU’s popular Wget tool. Two weeks later, the vulnerability was assigned the ID CVE-2024-38428 and later was classified as a critical vulnerability - with a CVSS score of 9.1. In this blog, we take a dive deep into this threat by…

Mind the Gap: The Disconnect Between Execs & Developers

August 12, 2024 Paul Davis, Field CISO | 4 min read

Note: This blog post was previously published on Hackeroon We surveyed 1,200+ technology professionals from around the globe, including 300+ VP and C-level executives, on their AI/ML usage and software supply chain security efforts. Upon analysis, a surprising gap emerged between what executives believe is happening and what developers and engineers report is happening. Here’s…

JFrog & GitHub Integration: Q&A on Implementation and Impact

July 29, 2024 The JFrog Team | 6 min read

The software development industry reacted with excitement to the news about the partnership between JFrog and GitHub and its potential impact on software development operations as covered in our online JFrog - GitHub Integration Tour. As VP of DevSecOps Research at IDC, Jim Mercer, commented “This announcement from GitHub and JFrog… brings together two of…

Point Solutions vs Platform – Which is Best to Secure your Software Supply Chain?

July 25, 2024 Shani Achwal, Senior Product Marketing Manager | 3 min read

According to Gartner, almost two-thirds of U.S. businesses were directly impacted by a software supply chain attack. So it's not a question of whether to secure your software supply chain, but rather what is the most effective and efficient way to provide end-to-end security during all phases of the software development lifecycle (SDLC). The…

Meet JFrog’s Newest Board Member, Luis Felipe Visoso

July 23, 2024 Micheline Nijmeh, JFrog Chief Marketing Officer | 7 min read

We are honored to welcome Luis Felipe Visoso, current CFO of Unity Software Inc., to JFrog’s Board of Directors. With decades of financial leadership from Palo Alto Networks, AWS, Cisco, and Procter & Gamble, Luis brings invaluable global insights in cybersecurity, cloud, and enterprise software. We sat down with Luis to learn more about what…

Manage Ansible Collections with JFrog Artifactory

July 23, 2024 Sean Pratt, JFrog Senior Product Marketing Manager | 4 min read

If you work with virtual machines or install and configure software on EC2 or leverage dynamic runtimes, chances are you’re also using Ansible. In fact, JFrog has supported installation via Ansible for some time. If they’re not using Red Hat, the way most organizations have managed their Ansible Collections – including Roles – is by…

Expanding Artifactory’s Hugging Face Support with Datasets

July 16, 2024 Sean Pratt, JFrog Senior Product Marketing Manager | 3 min read

When working with ML models, it’s fair to say that a model is only as good as the data it was trained on. Training and testing models on quality datasets of an appropriate size is essential for model performance. Because of the intricate link between a model and the data it was trained on, it’s…

Welcome to the JFrog Blog

Latest:

From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms