Leading Healthcare Company Accelerates SaaS Transformation with JFrog

OVERVIEW

A global healthcare technology and services leader operates at massive scale, with over 40,000 engineers, 2,000+ projects, and 50,000+ repositories delivering software worldwide across multiple cloud providers.

As a regulated enterprise in both the financial and healthcare industries, the organization must balance strict compliance and security requirements with the need for continuous innovation. To support its growing demands, the company embarked on a strategic transformation of its software supply chain, shifting to a SaaS-first DevSecOps model.

CHALLENGES

The development team had previously faced numerous challenges driven by scale, complexity, and regulatory demands. Their legacy self-hosted infrastructure required significant maintenance and resources, limiting agility and straining internal teams. The shift to SaaS was essential to reduce operational overhead and support their rapidly evolving development requirements.

Managing petabytes of data and supporting developers on every continent introduced critical performance and governance issues. With dozens of stakeholders across multiple business units, aligning on ownership and accountability for different components added another layer of complexity to the transformation effort. The firm had an expectation to become fully operational on SaaS with Microsoft Azure within six months, adding significant time pressure to meet this tight deadline.

SOLUTION

The team selected the JFrog Platform to serve as the foundation for its new SaaS-based DevSecOps model. The deployment included a phased rollout, with JFrog Professional Services working closely with cross-functional teams to support scale, compliance, and agility.

The following JFrog Products were deployed as part of the solution:

• JFrog Artifactory (SaaS): Central artifact repository deployed across multiple clouds and regions, serving as the system of record for all development artifacts.
• JFrog Xray: Powers real-time security scanning and compliance enforcement, used throughout onboarding, CI/CD pipelines, and production environments.
• JFrog Advanced Security: Introduced for contextual analysis, secrets scanning, and deeper vulnerability insights to prevent risks before deployment.
• JFrog Curation: Implemented to control and govern open-source component ingestion, ensuring only trusted packages enter production pipelines.
• Edge Nodes: Edge nodes strategically placed for global scale and resiliency, ensuring high performance for geographically distributed teams.
• Federated Repositories and Policy Management: Supports consistent governance across multiple Artifactory instances in a hybrid environment.
• OIDC Integration: Enables secure identity and access management aligned with the team’s enterprise systems, leveraging the JFrog-GitHub integration to ensure seamless and secure workflows from source control to artifact management.

The JFrog Platform has become the foundation for artifact management and secure software delivery at scale for the leading healthcare company. Key components include JFrog Xray and Advanced Security for deep vulnerability scanning, curated repositories to govern artifact flow, and a fully integrated identity management system via OIDC.

RESULTS

The software development operations and security teams realized significant benefits from the transformation including:

• Scalability Across Regions: Platform supports 40,000+ developers and over 100K repositories globally.
• Enhanced Security: Deep security integrations with Xray and Advanced Security support blocking packages with known vulnerabilities, secrets detection, and license compliance.
• Governance and Policy Control: Customized and federated policy management across business units and Artifactory instances.
• Performance and Resilience: Edge nodes enabling high availability and optimized access for distributed teams.
• Accelerated Delivery: On track to achieving SaaS go-live within the targeted six-month window.
• Cross-Functional Alignment: Close collaboration across JFrog’s Professional Services, Sales, R&D, and Product teams ensuring successful execution.

“In our industry, Security is non-negotiable. JFrog’s advanced scanning and curation capabilities give us the confidence that what goes into production is safe, compliant, and governed every step of the way. This wasn’t just a tooling shift – it was a strategic transformation. JFrog’s team worked side-by-side with ours to deliver a successful SaaS migration on an ambitious timeline. ” 

– Director of Development Operations

The JFrog Software Supply Chain Platform

The adoption of the JFrog Platform marked a critical milestone in the company’s move to a scalable, secure, and cloud-native software supply chain. With the full SaaS migration under way, the focus now shifts to growth tracking, load testing, and expanding adoption of JFrog Advanced Security and Curation features. As the transformation continues, JFrog remains a strategic partner in enabling the company’s vision for modern, compliant software delivery at speed and scale.

For more information please take an online tour, schedule a personalized demo or start a free trial at your convenience.

Products
The JFrog Platform, JFrog Artifactory, JFrog Xray, JFrog Advanced Security, JFrog Curation

Services
JFrog Professional Services

Partner
Azure

Additional Resources
White Paper:  The Definitive Guide to Securing the Software Supply Chain
Solution Sheet: JFrog AppTrust
Blog Post: Accelerate Your Migration to JFrog SaaS with the AWS Workload Migration