Integrations / CoGuard

CoGuard Infrastructure Management

JFrog and CoGuard have joined forces to help organizations minimize their risk of injecting a misconfiguration at any layer of their infrastructure. Driven by the continuous adoption ofRead More >

infrastructure as code and the dependence of modern software on servers for both delivery and functionality, the integration ensures that the blind spots are minimized, and that the configuration of any possible application a customer would run is covered by automated scanning mechanisms.Read Less >

Start Free Book a Demo

CoGuard Evidence Integration Features

Uncover hidden misconfigurations across different stages and environments: CoGuard enables you to scan your JFrog artifacts, builds and packages for configuration files, contextualize them, and help you remediate them early in the lifecycle. You will be not only scanning for software specific misconfigurations, but also for issues causing malfunction in the interplay between the different software products you use. Finally, CoGuard helps you uncover hidden services within your containers or instances which you were not aware of. 

Accelerate changes in your infrastructure and tools: Infrastructure changes, compared to code changes, happen at a much slower pace in many organizations. The reason is the uncertainty of the impact. With the CoGuard integration, any issues caused by a configuration change will be captured, allowing your teams to deploy with confidence. CoGuard also allows its users to easily create custom policies, both for third party software and for the configuration of their proprietary software. In this way, violations against documented best practices are captured alongside of misconfigurations of third party dependencies.

Secure your environments – Cloud or On-Premise: With this integration, deployments on the cloud, as well as on premise can be scanned.  May it be containerized, facilitated through playbooks, or set up via the online cloud console: CoGuard can extract configurations and scan them for dangerous defaults and other errors, and supply it as evidence to the respective JFrog artifact.

Remediate easily: Our auto-remediation feature allows your developers to have fixes done automatically and presented to them for review. This saves time, and allows your team to focus more on your business goals.

Documentation
Availability
Learn More
  • Enterprise+
Related Product
  • JFrog Platform
  • JFrog AppTrust
  • JFrog Evidence Collection
Related Integration
GitHub Artifact Attestations
Sonar
ServiceNow
NightVision
Related Resources
Documentation

CoGuard CLI GitHub Documentation

Read

Frequently Asked Questions

JFrog was already scanning my IaC files through X-Ray. How does this integration extend the current capabilities?

While the current scanning capabilities capture CVEs and IaC misconfigurations, this extension allows to also detect misconfigurations for software commonly deployed in your infrastructure (Postgres, Kafka, Hadoop, Cassandra, MongoDB, Redis, and many more).

The adoption of IaC tools is not that far in our organization. Can we still benefit from this integration?

CoGuard can extract your current configurations from your cloud environment, and the CLI can even find configurations within your running servers and containers. This allows you to already have the visibility into your infrastructure security posture, while enabling you to move towards an automated, infrastructure as code environment.

How much extra time does the scan require in my CI/CD pipeline?

The average scan is done in 30s or less. Cloud snapshot extractions and scans depend on the number of different resources running on the cloud, but average out to take 20 minutes.

The initial examples are using GitHub Actions. Is there support for other CI/CD tooling?

The evidence uploads can be performed on any other common CI/CD platform, such as Jenkins, Bitbucket pipelines, CircleCI, etc. Our team is happy to help you get set up.

About CoGuard

CoGuard is a technology company that was founded with a key realization: despite the abundance of cybersecurity products, regular breaches still occur due to simple misconfigurations. Recognizing this flaw in the process and the inadequate consideration of all configurations in a given infrastructure, CoGuard set out to create a product to fix this shortcoming. They specialize in performing comprehensive checks on Cloud and on-premise infrastructure, meticulously detecting misconfigurations across all layers.
Learn More