JFrog Xray offers an end-to-end security scanning solution covering the full development lifecycle of your artifacts. This includes vulnerability analysis, security and license compliance, artifact flow control, distribution and more. When Xray finds a security or a licence issue, it will trigger a violation for it. One of the most common use cases during …
JFrog offers end-to-end Docker security covering the full lifecycle of your images to manage development, vulnerability analysis, license compliance, artifact flow control, and distribution. JFrog Xray has access to the wealth of metadata Artifactory stores. Combined with deep recursive scanning, it puts Xray in a unique position to analyze the relationships between the different layers in …
UPDATE: JFrog Mission Control and Insight is sunset and will not be supported as of EoQ2 ’25 release. More and more companies rely on software to provide value to their customers through product or service updates, websites, mobile apps and more. Whether large or small, these companies can be in any industry segment such as …
Bringing Kubernetes app security insights to developers This post is co-authored by Craig Peters of JFrog and Henrik Rosendahl of NeuVector and is also cross-posted on the NeuVector blog. Kubernetes, the container and orchestration tool favored by enterprises, provides great benefit in automating many aspects of application deployment at scale. But, like any emerging technology, …
My previous blog post talked about discovering vulnerabilities in your dependencies directly from within your IDE. However, sometimes this approach discourages the developer from doing their work and consequently reduces their productivity. Let’s take a look at how you can continue to detect vulnerabilities, as early on in the CI/CD process as possible, without interfering …
NOTE: This blog post refers to JFrog Xray v1.x. For information about the current release of Xray, please see this knowledge base article. JFrog first released Xray in July 2016, and the response was phenomenal. Customers were very excited about the ability to hook up their Artifactory repositories and have Xray automatically do a deep …
When was the last time you closed off a sprint, happily marking all user stories as DONE and uploaded the build to your staging environment only to find out the build was riddled with security vulnerabilities. Hmm…there’s a point for discussion in your sprint retrospective, and now it’s time to redo your sprint planning for …
Nobody wants to get sick, so we’ll wear jackets when it gets cold, take our vitamin C and avoid going out in the snow with wet hair. We all do different things to stay clear of nasty viruses and bacteria because we know that the loss in productivity and efforts we’ll have to make to …
