Note: The below post showcases the JFrog Platform Free Tier, which is currently limited for new sign-ups. In the meantime, we invite you to explore a fully-functional free trial. The JFrog Free subscription is a SaaS cloud offering of the JFrog DevOps Platform that provides software developers, DevOps Engineers, System Administrators and students a sandbox …
When your organization becomes bigger, managing the users and groups lifecycle becomes a significant challenge. Your company grows rapidly, hiring new employees, and giving them access to more and more applications that your organization uses. This means that there are many employee-related actions that need to be taken when an employee changes their team, role, …
A few months ago, I was asked if I wanted to develop an open-source Terraform provider. Eleanor Saitta, principal at Systems Structure Ltd, had a client who was setting up JFrog Xray across their Github repositories but didn’t want to configure each repository by hand. As an SRE who enjoys working on projects that automate …
The simplest way to ensure the safety of all the open source (OSS) components used by your teams and sites, is with a software composition analysis (SCA) tool. You need an automated and reliable way to manage and keep track of your open source usage. With JFrog Xray, you can set up vulnerability and license …
TL;DR Once my new projects are almost ready to share with the team and I can build and test them locally, I’ll need a CI automation tool to test and deploy each release. As a Principal Consultant at Declarative Systems, I’ve been recommending JFrog Artifactory to clients looking to bullet-proof their deployments since 2016. After …
NeuraLegion’s VP Oliver Moradov takes us through how you can use JFrog and NeuraLegion to automate AppSec testing in your pipelines. The days of long release cycles are well and truly behind us — it is simply not feasible in our agile development world, with developers delivering software and more features at an unprecedented scale …
Recently, a novel supply chain attack was published by security researcher Alex Birsan, detailing how dependency confusion (or “namesquatting“) in package managers can be misused in order to execute malicious code on production and development systems. Background – dependency confusion & Birsan’s attack In short, most package managers such as pip and npm do not …
When securing your software development against open-source vulnerabilities, the earlier action occurs — by the right person — the safer you and your enterprise will be. Many IT departments rely on the PagerDuty incident response platform to improve visibility and agility across the organization. The enterprise-quality incident management system provides reliable notifications, automatic escalations, on-call …
The path between two clouds ought to be a speedy two-way street. That’s the DevOps pipeline principle behind the JFrog Artifactory App for Jira, which forges a traceable link between your issues in Jira Cloud and your builds in Artifactory on the JFrog DevOps Platform for cloud. Bringing Issue Tracking to your DevOps Pipeline Once …
This blog post was update on March 28, 2022 JFrog CLI is a useful client that provides a simple interface that works smoothly with JFrog Artifactory and Jfrog Xray. The simplified CLI commands enable you to create readable automation scripts that are easy to maintain, efficient and reliable. From version 1.14.0, JFrog CLI has extended its …
