Welcome to the JFrog Blog

Latest:

Three Architectural Principles for Mythos & GPT-Cyber Readiness

May 11, 2026 Nir Peleg, JFrog Global Field CISO

11 min read

Since Anthropic announced Project Glasswing and the capabilities of Claude Mythos Preview, and OpenAI announced  GPT-Cyber - my calendar has looked the same every day: Back-to-back calls with CISOs, AppSec leads, and security architects. And every call starts with the same question: "What do we need to do to prepare?" It's the right question. But…

Read More

All Blogs

Accelerating AI Agent Development on Google Cloud with JFrog MCP Registry

Accelerating AI Agent Development on Google Cloud with JFrog MCP Registry

April 28, 2026 Guy Eshet, JFrog Senior Manager, Product Management | 5 min read

Developers building agentic AI on Google Cloud have powerful infrastructure at their fingertips: Gemini 3 for reasoning, Google’s Agent Development Kit (ADK) for orchestration, and a rapidly expanding ecosystem of Model Context Protocol (MCP) servers that connect agents to data and tools. So why are so many teams still waiting weeks to ship their first…
Read More
Building a Governed AI Model Supply Chain: Integrating AWS SageMaker and the JFrog Platform

Building a Governed AI Model Supply Chain: Integrating AWS SageMaker and the JFrog Platform

April 22, 2026 Grig Duta, JFrog Solution Engineer Rami Pinku, Senior Product Manager, JFrog ML | 9 min read

Amazon SageMaker accelerates the process of training and deploying machine learning models. However, as AI adoption scales from individual experiments to enterprise-wide production, the focus of leading Fortune 500 software development operations and security teams must shift from pure velocity to governance. The question is no longer just "Can we ship this model?" but "How…
Read More
You Can’t Trust What You Can’t Trace

You Can’t Trust What You Can’t Trace

April 15, 2026 Rami Pinku, Senior Product Manager, JFrog ML | 8 min read

Picture this: Your security team finishes an AI vendor evaluation. The offering looks ironclad, with content filtering, output guardrails, and a stellar red-teaming report. Everyone leaves the meeting satisfied, and another governance box is checked. Six months later, a production incident hits. An AI agent, powered by a model your team "vetted," starts executing unauthorized…
Read More
Recap: Women in DevSecOps Fireside Chat — Leveraging AI in Software Delivery

Recap: Women in DevSecOps Fireside Chat — Leveraging AI in Software Delivery

April 9, 2026 The JFrog Team | 4 min read

In celebration of International Women's Month and the 2026 theme #GiveToGain, JFrog hosted a virtual fireside chat on March 19, 2026: Women in DevSecOps: Leveraging AI in the Software Delivery Lifecycle. Moderated by Shubha Gururaja Rao, Director of Solution Engineering at JFrog, the panel brought together two trailblazing technical leaders — Christine Tran, Head of…
Read More
Navigating DORA Compliance: Software Development Requirements for Financial Services Companies

Navigating DORA Compliance: Software Development Requirements for Financial Services Companies

April 6, 2026 Paul Garden, JFrog Partner and Industry Solutions Danny Parizada, JFrog Senior Solution Engineer | 13 min read

Note: This blog was originally published in July 2024 and updated on an annual basis. It was most recently updated in April 2026. Regulatory compliance is a common and critical part of today's rapidly evolving financial services landscape. One new regulation that EU financial institutions must adhere to is the Digital Operational Resilience Act (DORA),…
Read More
AI Models Won’t Pick Sides in the Security War. Governance and Policy Will.

AI Models Won’t Pick Sides in the Security War. Governance and Policy Will.

April 3, 2026 Shlomi Ben Haim, CEO & Co-founder, JFrog | 7 min read

Two significant software supply chain cybersecurity attacks, seven days apart, with one hundred and eighty million weekly downloads between them. The chaos from development teams to the boardroom is real. And the pace is only going to get faster. Much, much faster... On March 24, the LiteLLM Python package, the proxy through which millions of…
Read More
Governance That Ships: Embedding Policy as Code Into Your System of Record

Governance That Ships: Embedding Policy as Code Into Your System of Record

April 3, 2026 Paul Davis, Field CISO Roy Goldenberg, JFrog Product Marketing Manager | 6 min read

Proving compliance is a necessity, but in a world of tightening regulations, the path to compliance is currently paved with spreadsheets, screenshots, and manual attestations. We call this the "Audit Tax", the millions of dollars and thousands of people hours spent not just integrating security, but on proving you are handling security. With the advent…
Read More
Stop Policies From Breaking Your Builds

Stop Policies From Breaking Your Builds

March 25, 2026 Jacqueline Basil, JFrog Product Marketing Manager, Security Manish Mehra, JFrog Product Manager | 4 min read

Security policies exist to protect your software supply chain. So why do they keep breaking your builds? This is the unspoken frustration inside most DevOps and security teams today. Supply chain attacks drove 30% of external breaches in 2025 . So your security team did the right thing. They added policies to flag packages that…
Read More

Popular Tags