Blog Home

JFrog & GitHub: Unifying the Software Supply Chain, One Step at a Time… and Our 2025 GitHub Technology Partner Award
October 28, 2025

Organizations increasingly demand platforms that not only accelerate software delivery but also provide trust, security, and traceability. At JFrog, the software supply chain is managed and secured by default, from commit to runtime. That’s why our deep integration with GitHub is central to how we help teams manage, monitor, and secure every step of software …

Read More

From Silos to Synergy: Unifying Your Security Tools for a Stronger More Resilient Software Supply Chain
October 01, 2025

In the race to secure today’s ever-expanding attack surface, many companies have made a  practice of using a mix of tools to monitor, assess, and remediate threats. This practice has resulted in a fragmented and chaotic landscape of security solutions across several teams, increasing complexity and forcing companies to have a reactive vs. proactive security …

Read More
Robotic frog standing upright with mechanical limbs on a green background;

Key Takeaways from Frogward Innovation Days in India
September 18, 2025

At JFrog India, we recently wrapped up Frogward Innovation Days—a week-long celebration in Bangalore where internal teams from engineering, IT, marketing, sales ops, and support came together to collaborate, experiment, and solve real-world challenges. Before diving into the highlights, it’s worth sharing what makes Frogward Innovation Days unique. This isn’t just a week of fun …

Read More

The AI/ML Regulatory Landscape and How to Stay Ahead
September 11, 2025

The entire world of technology is abuzz about AI/ML. It’s arguably the most disruptive technology to society since the smartphone. In fact, Gartner estimates that the number of companies using open-source AI directly will increase tenfold by 2027. While this rapid advance is fueling quantum leaps in innovation, it also ignites increasing scrutiny from regulatory …

Read More
A computer screen displays code with floating app icons, including Python and Chrome

Stop the Chaos: How to Centralize, Secure, and Control Developer Extensions
September 10, 2025

Picture this: A new developer joins your team, excited to start contributing. On day one, they spend hours installing and configuring their IDE, searching for the “right” extensions. Their setup ends up being completely different from everyone else’s. Sound familiar? Worse yet, what if that “productivity-boosting” extension or new MCP server they just installed also …

Read More
Robot with AI label connects to data blocks, security icons

Agentic Software Supply Chain Security: AI-Assisted Curation and Remediation
September 09, 2025

Software supply chains are the #1 attack vector for cybercriminals, and the challenge isn’t just finding vulnerabilities; it’s fixing them fast while ensuring security, compliance, and developer productivity. As supply chains grow in complexity, traditional tools aren’t enough; organizations need intelligent, autonomous assistance embedded directly into developer workflows. We are pleased to announce that JFrog …

Read More

How to Optimize DevSecOps Workflows Using JFrog
July 15, 2025

Embedding security within the Software Development Life Cycle (SDLC) is no longer just a best practice; it’s a full-on necessity. DevSecOps extends the DevOps model by making security a shared responsibility from the earliest stages of development. Today’s enterprises require this kind of integrated approach to streamline workflows from development to deployment. The JFrog Platform …

Read More
Cube levitates within a circular arrow loop containing GitHub and JFrog logos

JFrog and GitHub: Next-Level DevSecOps
September 10, 2025

Most DevSecOps pipelines have a gap: source code security and binary security are handled in separate silos. This creates blind spots, slows teams down, and increases risk. At swampUP 2025, we’re unveiling the next evolution of the JFrog and GitHub integration, a deeply integrated DevSecOps experience that unifies best-of-breed code and binary platforms. With JFrog …

Read More

The State of the Software Supply Chain 2025
April 01, 2025

Managing and securing the software supply chain is crucial for trusted releases, but as any tech organization knows, it also presents significant challenges. With over 15 years of experience and a dedicated security research team, we at JFrog understand these threats. In a rapidly evolving post-AI world, DevSecOps teams are struggling to keep pace with …

Read More
JFrog-and-Hugging-Face-join-forces_Thumbnail

JFrog and Hugging Face Join Forces to Expose Malicious ML Models
March 04, 2025

ML operations, data scientists, and developers currently face critical security challenges on multiple fronts. First, staying up to date with evolving attack techniques requires constant vigilance and security know-how, which can only be achieved by a dedicated security team. Second, existing ML model scanning engines suffer from a staggering rate of false positives. When a …

Read More

Popular Tags