Welcome to the JFrog Blog

You Can’t Trust What You Can’t Trace

Picture this: Your security team finishes an AI vendor evaluation. The offering looks ironclad, with content filtering, output guardrails, and a stellar red-teaming report. Everyone leaves the meeting satisfied, and another governance box is checked. Six months later, a production incident hits. An AI agent, powered by a model your team "vetted," starts executing unauthorized…
Recap: Women in DevSecOps Fireside Chat — Leveraging AI in Software Delivery

In celebration of International Women's Month and the 2026 theme #GiveToGain, JFrog hosted a virtual fireside chat on March 19, 2026: Women in DevSecOps: Leveraging AI in the Software Delivery Lifecycle. Moderated by Shubha Gururaja Rao, Director of Solution Engineering at JFrog, the panel brought together two trailblazing technical leaders — Christine Tran, Head of…
AzureML and JFrog: Securing the Model Lifecycle

Azure Machine Learning (AzureML) is a powerhouse for model experimentation and high-scale compute. However, for most organizations, the challenge isn’t building models; it’s the complex journey from a notebook to a secure, governed, and production-ready application. When models and dependencies reside in unmanaged silos, you lose the traceability required for production. This fragmentation creates Shadow…
AI Models Won’t Pick Sides in the Security War. Governance and Policy Will.

Two significant software supply chain cybersecurity attacks, seven days apart, with one hundred and eighty million weekly downloads between them. The chaos from development teams to the boardroom is real. And the pace is only going to get faster. Much, much faster... On March 24, the LiteLLM Python package, the proxy through which millions of…
Governance That Ships: Embedding Policy as Code Into Your System of Record

Proving compliance is a necessity, but in a world of tightening regulations, the path to compliance is currently paved with spreadsheets, screenshots, and manual attestations. We call this the "Audit Tax", the millions of dollars and thousands of people hours spent not just integrating security, but on proving you are handling security. With the advent…
9 New Innovations. One Trust Layer.

The software supply chain is no longer just about shipping code, it is about managing intelligence and risk. As DevOps, DevSecOps, DevGovOps and AI/ML practices converge into a single AI-driven and increasingly agentic delivery pipeline, the demands on development and security teams have reached a new level. The platform that once managed packages and artifacts…
From Agentic Risk to Agentic Confidence: The JFrog MCP Registry is GA

In an AI-native world where Model Context Protocol (MCP) is the universal standard for AI connectivity, the security and governance stakes have never been higher. AI’s ability to take autonomous action through MCPs means that a single breach of an MCP server can grant attackers control over mission-critical enterprise systems, putting enterprises in an immediate…
Survive the AI Code Blizzard: Introducing Snippet Detection

In 2026, software development speed is an AI-solved problem. Yet, as AI-generated code volumes surge, organizations face a new kind of risk visibility gap. Developers are increasingly copying third-party snippets into their codebases—from both AI prompts and open-source software components—creating large security and compliance blind spots that lead to significant risks. While proven software composition…
Agent Skills are the New Packages of AI: It’s Time to Manage Them Securely

Let’s talk about agent skills. As the AI agent ecosystem matures, we’re seeing a major shift in how users equip agents to run automated workflows. While robust protocols such as MCP exist to handle complex system integrations and authentication, skills have emerged as the go-to, low-friction way to shape an agent’s day-to-day behavior. Skills are…