The Vulnerability Conundrum: Improving the Disclosure Process

The vulnerability disclosure process involves reporting security flaws in software or hardware, and can be complex. Cooperation between the organization responsible for the software or hardware and the security researcher who discovers the vulnerability can be complicated. In this blog we’ll look at the vulnerability disclosure process, the parties involved and how they can collaborate …

JFrog Xray + Splunk + SIEM: Towards Implementing a Complete DevSecOps Strategy

Making security an intrinsic part of a DevOps pipeline is a “must-have” for organizations looking to secure their applications earlier in the development process. The combination of JFrog Artifactory and JFrog Xray enables organizations to build security into all phases of their software development lifecycle, so they can proactively detect and mitigate open source software …