JFrog Salle de presse

Centre de ressources pour les analystes et les demandes de presse,
informations sur la société et réseaux de la communauté.

JFrog’s Solution for Open Source Security, JFrog Xray, Achieves Red Hat Vulnerability Scanner Certification

PRESS RELEASE, May 11, 2021

Certification Ensures Vulnerability Risk Assessments for JFrog Customers are More Accurate and Consistent.


JFrog Xray Solution for Open Source Security Achieves Red Hat Vulnerability Scanner Certification

SUNNYVALE, Calif., May 11, 2021JFrog Ltd. (“JFrog”) (NASDAQ: FROG), the liquid software company, has achieved the Red Hat Vulnerability Scanner Certification for JFrog Xray. JFrog Xray, part of the JFrog DevOps Platform, provides continuous scanning for open source security vulnerabilities and license compliance.

The new certification, launched in February 2021, validates how security software partners use Red Hat security-related data for Red Hat products and packages. With the certification, organizations using the JFrog DevOps Platform can experience improved assurance that the security vulnerability and license compliance data identified by JFrog Xray is accurate and consistent and that their risk assessment is reliable and based on trusted, certified sources. This is critical in order to enable enterprises to adopt DevSecOps practices at scale, and introduce security and compliance measures early in the delivery process.

To achieve the certification, JFrog Xray has adopted Red Hat OVAL v2 security data streams and has worked closely with Red Hat to achieve scanning accuracy for Red Hat published images including Red Hat base images.

“JFrog is proud to be a certified Red Hat Vulnerability Scanner Partner,” said Dror Bereznitsky, Chief Product Officer, JFrog”. “Accurately detecting and mitigating security vulnerabilities threatening enterprises’ code bases as early in the DevOps process as possible is absolutely critical. We are proud to continue our close collaboration with Red Hat to help ensure both JFrog and Red Hat users alike benefit from a comprehensive DevSecOps solution across their entire delivery pipeline.

“JFrog Xray provides a robust, trusted security solution for open source packages,” said Lars Herrmann, vice president, Partner Ecosystems, Product & Technologies, Red Hat. “The Red Hat Vulnerability Scanner Certification further solidifies JFrog’s commitment to providing the DevOps community with enterprise-grade DevSecOps capabilities, enabling organizations to deliver high-quality, trustworthy and more secure software, anywhere.”

In addition to the Red Hat Vulnerability Scanner Certification for Xray, JFrog has also achieved:

  • Red Hat Container Certification for JFrog Artifactory, the industry’s universal package manager and container registry.
  • Red Hat OpenShift Operator Certification for both JFrog Artifactory and JFrog Xray to enhance customer installation and automation.

Users of JFrog Xray automatically benefit from the new certification on all hybrid instances of the JFrog DevOps Platform, as well as on all cloud SaaS subscriptions – including the free subscription – offered on the major public clouds.


About JFrog

JFrog is on a “Liquid Software” mission to enable the flow of software updates seamlessly and securely from the developer’s keystrokes to production. JFrog’s end-to-end, Universal, Hybrid DevOps Platform provides the tools and visibility required by modern software development organizations to fully embrace the power of DevOps. JFrog’s Platform is available as open-source, self-managed, and SaaS services (with free tier) on AWS, Microsoft Azure, and Google Cloud. JFrog is trusted by millions of developers and thousands of customers, including the majority of the Fortune 100 companies that depend on JFrog solutions to manage their DevOps pipelines. Learn more at jfrog.com.

Media Contact:

BOCA Communications
Jenn Zimmer

Cautionary Note About Forward-Looking Statements

Certain statements in this press release, including but not limited to statements regarding the expected benefits, performance and capabilities of JFrog Xray and the JFrog DevOps Platform, as well as the implications of achieving the Red Hat Vulnerability Scanner Certification, are forward-looking statements that are subject to risks and uncertainties. These risks and uncertainties, which could cause the forward-looking statements to differ materially, include, without limitation: our ability to maintain the security and availability of our software, risk of a security breach, risk of interruptions or performance problems associated with our products and platform capabilities, our ability to adapt and respond to rapidly changing technology or customer needs, and other risks detailed in our filings with the Securities and Exchange Commission, including in our Annual Report on Form 10-K for the year ended December 31, 2020, our Quarterly Report on Form 10-Q for the quarter ended March 31, 2021, and other filings and reports that we may file from time to time with the Securities and Exchange Commission.


Red Hat, the Red Hat logo and OpenShift are trademarks or registered trademarks of Red Hat, Inc. or its subsidiaries in the U.S. and other countries.