What measures does JFrog take to ensure Artifactory is secure?

We can state that we are SOC II compliant.
As part of being SOC II compliant our development processes and methodologies were audited to verify we are properly addressing security concerns.
In addition Artifactory is periodically being tested for security issues by 3rd party companies including penetrations tests and a bug bounty program focusing on security issues. As part of those tests, the product is checked to address items on the OWASP top 10, including XSS, CSRF, Injection, usage of components with known vulnerabilities.
All items discovered by those tests are being addressed and fixed according to their severity.