Blog Home
CERT-In-Guidelines-Blog_Thumbnail

JFrog Simplifies Compliance with Indiaโ€™s new CERT SBOM Guidelines
February 12, 2025

Overview The Indian Computer Emergency Response Team (CERT-In) is the national agency responsible for addressing cybersecurity incidents in India. Established in 2004 and operating under the Ministry of Electronics and Information Technology (MeitY), CERT-In is dedicated to enhancing the security of Indiaโ€™s digital infrastructure. The organization plays a vital role in preventing, detecting, and responding โ€ฆ

Read More
JFrog CTF 2023 cybersecurity competition

How Capture the Flag Raises Security Awareness and Enhances Enforcement
January 22, 2024

While many are familiar with championship sports teams like Manchester United, the New York Yankees and Montreal Canadiens, the real question is whether you have ever heard of perennial champions such as โ€œPlaid Parliament of Pwningโ€, โ€œMore Smoked Leet Chickenโ€ and โ€œDragon Sectorโ€. If not, then get ready to meet the leading teams in the โ€ฆ

Read More
dome over boxes to show security over software packages

N-Day Hijack: Analyzing the lifespan of package hijacking attacks
December 14, 2023

Software package hijacking has become a prominent concern for individuals, businesses, and the cybersecurity community at large. Weโ€™ve seen this new threat trend rise over the past couple of years, with the potential to severely impact the software supply chain by attackers exploiting software packages to execute malicious code. This blog post details a case โ€ฆ

Read More

Five Examples of Infection Methods Attackers Use to Spread Malicious Packages
October 31, 2022

Welcome to the second post in our series on Malicious Software Packages. This post focuses on the infection methods attackers use to spread malicious packages, and how the JFrog Security research team unveiled them. If you missed the first blog, here are some key takeaways: Third-party software packages contain vulnerabilities or malicious code delivered through โ€ฆ

Read More

Malicious Packages Are a Rising Threat in Software Supply Chain Attacks
October 24, 2022

Welcome to the first post in the malicious software packages series for the DevOps and DevSecOps community. This technical series will focus on various malicious packages and their effects on the software supply chain. Weโ€™ll dive deeper into malicious packages in each post, including  Defining software supply chain attacks and learning the critical role that malicious โ€ฆ

Read More

JFrogโ€™s Best DevSecOps Blogs of 2021
January 13, 2022

Always a concern for DevOps teams, security has now become a critical part of developing and releasing software โ€“ a reality reflected on the sharp increase in JFrog blogs about DevSecOps. In fact, we generated so many hard-hitting and instructive blogs about security and compliance in 2021 that we decided our DevSecOps coverage deserved its โ€ฆ

Read More

Popular Tags