Govern Every Third-Party Component Before It Enters Your Pipeline

See JFrog Curation, the automated upstream gatekeeper that blocks risky third-party components at the point of request, before they reach your developers or production environment.


Your teams request thousands of open-source packages, AI models, MCP servers, and IDE extensions every day. Without automated governance at the point of request, malicious and noncompliant third-party components enter your software supply chain undetected, creating security exposure, compliance gaps, and downstream broken builds.

JFrog Curation is powered by the JFrog Catalog, which continuously enriches intelligence across 12 million+ components, with support from JFrog’s dedicated security research team.

Learn how to:

  • Block threats at the point of request: Automatically prevent malicious, vulnerable, and non-compliant third-party components from entering your environment. No manual intervention required.
  • Keep developers in flow: When a component is blocked, Curation automatically serves the next compliant version so builds never break, and developers never wait.
  • Use one policy across every team and site: Set policies once and enforce them automatically across all repositories, teams, and locations, with a full audit trail for compliance.

Gain centralized visibility and control across your entire organization: Track and govern every third-party component your teams request in real time. Open-source packages, AI models, MCP servers, and IDE extensions, all in one place, all under one policy.