You may have seen that we recently released a new version of JFrog Xray, along with releases of Mission Control and Artifactory. But one thing we’re super excited about is that this release train showcases that Xray is, for the first time, available in a pure cloud, SaaS model. Now you get to enjoy all the benefits of Xray without needing to provision a single bit of your own infrastructure to do it. That means, for the first time, there’s a cloud recursive scanning tool integrated with a universal binary repository (JFrog Artifactory), creating a comprehensive, end-to-end, cloud DevSecOps solution.
So, you want to “shift left”
The growing shift-left movement is evolving out of the emerging DevSecOps, which, as the name indicates, is the merging of not just Dev and Ops, but also merging security concerns earlier into the development and delivery process. As vulnerabilities and threats grow alongside the pervasiveness of containers (what’s in all those Docker registries, anyway?), it’s increasingly important to have the integrity of software established up front and throughout the delivery pipeline.
Does Xray really help with DevSecOps?
We at JFrog know it does, but you don’t have to take our word for it. Since 2016, JFrog customers have avoided thousands of unique, undiscovered vulnerabilities in their software packages – like PIP, Maven, Nuget, RubyGems, Debian, and others – thanks to Xray scans. That’s a lot of avoided mess. Xray backs this up with industry-leading accuracy, saving countless hours in manpower wasted needlessly chasing down those pesky false positives. That time savings alone is worth its weight in gold. Even further, Xray is bringing compliance and legal teams into the DevSecOps process, helping them avoid unexpected pitfalls – especially related to OSS licenses and requirements.
Who cares if it’s in the cloud?
Well, lots of people do. Some companies – or at minimum initiatives within companies – are moving to a cloud-first and cloud-only model. Most companies have a hybrid or multi-cloud DevOps strategy. Whether your group is 100% cloud across the board, or just for a certain project, you need the supportive DevSecOps tools to accomplish your goals across your pipeline(s). That means, of course, that the tools need to be in the cloud or on-premise interchangeably as well.
Is Xray only for the Cloud?
Certainly not. We recognize there’s a hybrid world out there. Xray is available both on-premise and in the cloud, fully integrated with Artifactory. There is no difference in functionality between the two delivery models, so you get all the features, no matter where you consume them.
What if I’m already a JFrog Cloud customer?
It’s simple – just upgrade Xray in the Artifactory Cloud instance you already have. If you’re an existing on-premise customer of JFrog, but you want to move to the cloud (or at least check it out for yourself), you can take if for a test drive.
Give Xray in the Cloud a try – it’s a no-risk way to see what the fuss is about. It comes bundled with Artifactory for the best experience.
Join us for an informational webinar on Xray on November 28!