Your agents are only as trustworthy as what they consume, build, and ship. JFrog governs every AI model, agent skill, MCP server, AI-generated code, and assembled artifact in a single source of truth.
Secure your entire agentic software supply chain so you can ship trusted software at your new speed.
The LiteLLM supply chain compromise of March 24, 2026, is not an isolated incident. It is the latest and perhaps most dangerous chapter in an evolving attacker playbook that JFrog Security Research has been tracking for years. The target has shifted from developers to the AI agents that developers now rely on to build software. …
Security policies exist to protect your software supply chain. So why do they keep breaking your builds? This is the unspoken frustration inside most DevOps and security teams today. Supply chain attacks drove 30% of external breaches in 2025 . So your security team did the right thing. They added policies to flag packages that …
For today’s leading enterprise computing environments, the concept of “centralized headquarters” is a relic. Today, R&D happens on different continents, spanning cloud, on-prem and hybrid environments, while stretching across multiple regulatory jurisdictions. But here is the hard truth: Most global organizations are still managing their binaries using legacy mirroring or “blind” infrastructure-level syncing. They treat …
Imagine your lead Software Engineer walks into your office and says, “Good news! I just deployed that critical update to production. I wrote the code on my personal laptop, didn’t run it through CI/CD, skipped the security scan, and just copied the files directly to the server with a USB drive.” You would fire them. …
Software delivery is no longer a back-office function; it’s the heartbeat of the modern enterprise. While a 99.9% uptime SLA for essential software delivery services works for many, the acceleration of software velocity has made the “three-nines” benchmark a possible liability. For high performing software organizations, and those delivering critical services, nine hours of annual …
We are delighted to share the exciting news that JFrog has earned the “Deployed on AWS” badge in AWS Marketplace, marking yet another milestone in our journey of innovation and collaboration with Amazon Web Services (AWS). This achievement underscores our commitment to providing cutting-edge solutions that leverage AWS’s robust infrastructure to enhance the user experience …
Managing and securing the software supply chain is crucial for trusted releases, but as any tech organization knows, it also presents significant challenges. With over 15 years of experience and a dedicated security research team, we at JFrog understand these threats. In a rapidly evolving post-AI world, DevSecOps teams are struggling to keep pace with …
The speed of today’s software development lifecycle is only getting faster. However, the complexity of today’s pipelines make it hard to track and manage the processes software releases must go through. With increasing regulatory pressures, ensuring and proving your software has gone through the necessary quality controls is no longer nice to have – it …
As we delve deeper into the era of software reliance, the 2024 JFrog Software Supply Chain report emerges as required reading for developers and DevOps professionals who are at the frontline of today’s technological innovations. DevOps and development themes from the 2024 report The report combines Artifactory data, analysis from the JFrog Security Research team, …
Developers simply want to write code without interruption, while operations wish to build as fast as possible and deploy without restrictions. On the other hand, security professionals want to protect every step of the software supply chain from any potential security threats and vulnerabilities. In software development, every piece of code can potentially introduce vulnerabilities …
NVIDIA 
Cursor 
GitHub 
Docker 
Maven 
Financial Services 
Public Sector 
Technology 
Healthcare 
Gaming 
Automotive 
Enterprise 
