Supported Technologies

JFrog Security User Guide
ft:sourceType
Ftml

SAST, CVEs Contextual Analysis, and Secrets Detection

Info

*Supported inside a Docker image.

Programming LanguageSource code SAST (1st party code)Source code CVEs Contextual AnalysisBinary CVEs Contextual AnalysisSecrets Detection
Go*
Java*
Maven and Gradle repositories
Kotlin*
JavaScript*
TypeScript*
C# .NET*
Python*
C/C++*
Rust*
Docker
Terraform
(See Infrastructure as code below)

Misconfigurations

  • Infrastructure as code (IaC)
    1. Terraform modules - Supported in JFrog IDE Plugins and JFrog CLI
    2. Terraform plan files - Supported in JFrog CLI
    3. Terraform state files - Supported in JFrog Artifactory (Terraform BE Repository)
  • Applications and Services misconfigurations:
    1. Supported in JFrog Artifactory for Container images