Evgeny Karasik with DevOpsSpeakeasy at swampUP San Diego 2022

October 4, 2022

< 1 min read

Evgeny Karasik, Sr. Product Manager at JFrog, discusses the most exciting announcements from the keynote speakers at swampUP including Swift package management support, contextual analysis for security, and Frogbot integration and Docker desktop extension.


Batel Zohar

Enterprise Solution Lead

Batel Zohar is a Developer Advocate for JFrog and has a background in DevOps support engineering, web development, and embedded software engineering. Prior to this, Batel served as an Enterprise Solutions Lead on a dedicated team that accompanies and assists large customers through the architectural implementation of the JFrog platform. She loves her dogs, plays guitar, and is a fan of Marvel’s movies.

Video Transcript




pop San Diego 2022 in person

amazing so good and I have a very

special guest a person that I personally

very very like our very own Evgeni

karasik uh part of the product team in

Jeff frog yep I don’t know the official

title like senior director or something

something product management blah blah

blah this basically if someone knows

about what’s going on in jfrog that

would be evgenic and um I wanted to ask

you about the Keynotes that we all heard

and watched this morning so there were

what was the most exciting announcement

for in your perspective

a personal for me the the Swift the pack

new package type that we are supporting

definitely was the the most exciting so

I have a question about that we do

do bake like peanuts everything they do

like exactly every day for breakfast we

have what 32 35 four five right I I lost

count so that’s just another one more

what’s what’s the big deal what’s so

special so first of all you know we

started to think about what kind of

community we support right we support

Java developers pretty well we support

the modern stack like go and so on but

the mobile development that’s something

that we are recently recognized that so

sort of special audience

and we started with supporting the Java

developers for the Android community and

now it’s coming into the iOS okay so

most challenging and excited and also

kind of uh special for us the

partnership because you know it’s not

the new but the iOS is pretty closed

ecosystem right so you actually need

Apple to do anything right so when most

people hate them by by the way because

because of that right but we are

managing the the good relationship with

the guys because eventually these are

the same developers right they’re

working for the company that have very

strict rules and the kind of ecosystem

but still even there they realize that

they need a package management system

they need the registry they need a

public register that everybody can

contribute they pour this their packages

to the Linux right now so eventually

they also exactly the same as any other

developer in our world and now there

becomes our particles as well and so I

get it the exciting part is not just the

support or our supporters which we know

how to do exactly but it’s actually this

is the company that backs

the back side of an

um I would say like a stumble

recognition that Jeff frog is the

platform to deploy your sweet fat that’s

precisely and that’s official and we are

the only ones yes we are first one and

you know you cannot be the first one

again right exactly and we are the only

one today okay which and as of today

that’s more important and yeah no I

obviously we welcome others and the

competition makes good for everyone but

for now if you need a package management

for Swift there is only one place

that’s enough all right so this okay now

I get it why are you so excited about it

what else the second one the contextual

analysis piece for the security

and it looks like you know very

technical maybe initially uh if you

thought there’s a lot of announcement

over there and nothing was providing a

more context for that but what we’re

hearing from the customers that there

are so many false positive in the

security world and nobody knows what

they’re doing by the way right so they I

see some high critical vulnerability the

immediately blocks the development the

humidity blocks the deployments and

they’re trying to immediately resolve

that right but it brings a lot of burden

on the development team as well because

there’s no context for the vulnerability

and everything needs to be fixed

everything needs to be fixed immediately

and people just giving up people just

saying you know it’s too much for me

yeah I don’t know how to handle this I

hear it it’s not only the problem of J

frog and the extra in particular right

all the Security Solutions the biggest

selling point for each and every one of

them we have a little bit less of false

positives right exactly but in the end

of the day

or just because you have so many right

right exactly okay so how

so the contextual analysis basically

allows you not just to recognize the CV

the vulnerability itself but also

analyzed how this vulnerable piece is

actually used in the code being specific

method has been called all specific baby

configuration is used and if you are not

using that explore exploded the part

basically you are not vulnerable right

and therefore you can say that okay we

need to solve it one day we need to get

rid of this component but this is not

something that I need to do today and

therefore we have this funnel that we

can build for the development team

saying that okay so instead of fixing

everything immediately go build the

funnel fix everything not just critical

but critical and applicable for your

code and fix anybody else after that

that’s um that’s pretty that’s a good

good Improvement right it’s good because

it actually


right you look at them and you can

you can decide whether it’s really a big

deal or you can deal with it later makes

it make sense uh anything else what else

got you excited hey I don’t know if you

if you if you catch that but the last

slide that we’re presented over there

was about the ecosystem that we support

right so we recently launched this frog


for the automatic code scanning and we

also partnered with Docker or Docker

desktop capabilities extension so for me

at least you know it’s very exciting to

see that the public company which runs I

don’t know more than thousand employees

already still very very focused on the

community very focused on developing

community and we don’t really uh

focusing only on our Enterprise

customers but we also support people

that just regular developers that

working in the open ecosystem being

Docker being adult tools and we continue

to invest in that and we continue to

provide them the tools that makes their

life a little bit easier absolutely and

we’re going to have an interview with

the album Moshe at the head go for it

Integrations team about frogbot

specifically and about the docker

desktop extension so stay tuned for more

about that is that evgeny always a

pleasure thank you very much it’s my

pleasure to be here cheers