AI has created a paradigm shift in software development. AI-native development teams – from small startups to enterprises like Goldman Sachs and Google – are adopting agentic development tools like Cursor and Copilot to increase the speed of code generation to a pace we’ve never seen before. But with all this new code comes a …
Organizations increasingly demand platforms that not only accelerate software delivery but also provide trust, security, and traceability. At JFrog, the software supply chain is managed and secured by default, from commit to runtime. That’s why our deep integration with GitHub is central to how we help teams manage, monitor, and secure every step of software …
In my previous blog, we demonstrated how the FrogML SDK streamlines the process of integrating custom-built or publicly sourced models from your IDE into JFrog Artifactory. Now that your models are securely stored, versioned, and managed, the natural next question arises: “Ok, so you have some models in JFrog Artifactory, now what?” This is where …
“…our entire dev flow basically stopped, no builds, no tests, no deployments…” This user quote, captured on Reddit, underscores the real-world consequence of cloud outages: when it happens, the world stops. As your organization scales, you often make strategic decisions to centralize your workloads, whether it’s meeting strict regulatory requirements that demand data locality, or …
JFrog Security Research recently discovered and disclosed multiple CVEs in oatpp-mcp – the Oat++ framework’s implementation of Anthropic’s Model Context Protocol (MCP) standard. Among these, CVE-2025-6515 stood out due to its potential threat of hijacking MCP session IDs. Within the context of MCP we’ve dubbed this new attack technique “Prompt Hijacking“. Your browser does not …
Following the resounding success of swampUP, the award-winning, annual DevOps, DevSecOps, and MLOps conference is heading to Europe! Set in the heart of Germany’s capital city of Berlin – a centrally-located, rapidly expanding tech hub – the inaugural swampUP Europe 2025 will detail the “quantum shift” in how software is built, secured, and scaled, with …
Software supply chains have grown more complex as software delivery accelerates across more teams, technologies and environments. While the pace of releases continues to increase, the ability to manage these releases has not accelerated correspondingly. Developers and development operations are now firmly in the spotlight, as new regulations demand clear, auditable proof that every stage …
Are you confident that you’re scanning for security vulnerabilities on all your software running in production? If this question makes you uncomfortable don’t worry. First, you’re not alone. Second – keep reading. Almost all security teams today face a massive challenge: they’re drowning in data but lack direction. They have an overwhelming amount of code …
Data migrations have long been a significant source of anxiety for businesses and IT teams alike. The thought of moving critical databases often conjures images of prolonged downtime, service interruptions, and the ever-present risk of data loss. Indeed, statistics show that “90% of businesses experience unexpected downtime during database migrations, leading to significant revenue loss …
Today’s software organizations can’t make tradeoffs between speed and trust – you need both to succeed. But juggling them is tough. Moving too fast can lead to security vulnerabilities and compliance issues, while moving too slow means your competitors beat you to market. This tension creates friction that slows down every release, a problem that …
