Developers

JFrog Security User Guide

ft:sourceType
Ftml

The Developers section includes documentation for the JFrog Security CLI and integrations, providing developers and administrators with the tools to automate security workflows and enhance the development experience. The guides offer comprehensive instructions and best practices to help secure your software development lifecycle using:

  • JFrog Security CLI
  • Code Security within Your IDEs
  • Scanning Source Code Repositories with Frogbot

Source vs. State: How Scans Differ

The developers' tools scans work directly on the source files, such as Terraform configurations, representing the intended infrastructure setup. In contrast, platform scans analyze the state files—JSON files that capture the actual deployed state of your infrastructure. This means the developers' tools provide insights based on the code you write, while the platform reflects the real-world implementation.

System Requirements

The system requirements for enabling security scans using the JFrog Security CLI, IDE plugins, and Frogbot are:

Operating SystemSupported VersionsMinimum Required Version
RHEL8 and above8
CentOS9 and above9
Ubuntu18.04, 20.04, 22.0418.04

Air-Gapped Environments

Air-gapped environments are physically isolated systems disconnected from unsecured networks, used to protect sensitive data from cyber threats, malware, and remote hacking.