JFrog Press Room

Resource center for analyst and press inquiries,
company information, and community media.

JFrog Wins U.S. Defense Department Security Certification

PRESS RELEASE, September 20, 2021

Sunnyvale, Calif., September 20, 2021JFrog Ltd. (“JFrog”) (NASDAQ: FROG), the Liquid Software company, creators of the DevOps Platform, today announced its JFrog Artifactory and JFrog Xray solutions are now accredited in Iron Bank and available via Platform One. With this achievement, JFrog reinforces its commitment to providing a scalable, secure, development to edge DevOps and DevSecOps solution for its public sector customers and those in highly regulated industries such as finance, healthcare, energy, and transportation.

Under the DoD’s Platform One initiative, developers can now access a central binary repository of secure, Iron Bank-certified resources that have been hardened to the DoD’s specifications. This container registry has Continuous Authority to Operate (cATO), allowing developers to easily push validated code into production more quickly.

“Rapid software development is an imperative for all our customers, which includes the U.S. military, but it should never come at the expense of security,” said Lou Doerr, Head of U.S. Commercial Unit, Oteemo. “Knowing JFrog’s Platform is Iron Bank-certified makes it easy to recommend them for use by public and private organizations needing software delivery solutions that bake-in security from inception.”

According to the Internet Crime Report, the FBI received nearly 2,500 ransomware complaints in 2020, up 20% from 2019, costing citizens nearly $29.1 million. Platform One aims to ensure all government entities can work with a collection of approved, hardened, cloud-native DevSecOps solutions along with collaboration tools, cybersecurity tools, open-source code, artifact repositories, and development tools. JFrog Artifactory provides a single, reliable source of truth for binary packages that follow the DevOps lifecycle from development to deployment at the edge. JFrog Xray works with JFrog Artifactory to enable multi-layer analysis of each binary or container image and flags any security vulnerabilities or compliance compromises to ensure software quality.

“We understand software needs to be hardened and trusted in order for the Federal government to rely on JFrog for their mission critical applications,” said Shlomi Ben Haim, Co-founder and CEO, JFrog.  “Our vision is to enable all organizations to ‘shift left’ to bake security into every stage of development and seamlessly deploy updates across geographies, from ground to cloud, to any device throughout the software supply chain with ease and peace of mind.”

Iron Bank is the DoD Centralized Artifacts Repository (DCAR) of digitally signed, binary container images including both Free and Open-Source software (FOSS) and Commercial off-the-shelf (COTS). All artifacts are hardened according to the Container Hardening Guide, which allows software built in the system to be automatically authorized for use, a security process that usually takes months. Containers accredited in Iron Bank have DoD-wide reciprocity across classifications. Over 800 certified containers are available today including those offered by JFrog partners such as AWS, Docker, Microsoft Azure, Oracle, RedHat, and VMWare.

To learn more about JFrog Artifactory, JFrog Xray, and the entire platform of DevOps and DevSecOps solutions for public sector environments, register for “Aligning to the DoD Enterprise DevSecOps Reference Design,” on October 26, 2021 at 11:00 AM PT, read this blog or visit jfrog.com.


About JFrog

JFrog is on a mission to be the company powering all of the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure flow of binaries from developers to the edge. The company’s end-to-end DevOps platform – the JFrog Platform – provides the tools and visibility required by modern organizations to solve today’s challenges across critical pieces of the DevOps cycle. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services on AWS, Microsoft Azure, and Google Cloud. JFrog is trusted by millions of users and thousands of customers, including a majority of the Fortune 100 companies that depend on JFrog solutions to manage their mission-critical software delivery pipelines. Learn more at jfrog.com.

Forward Looking Statements 

This press release contains “forward-looking” statements as that term is defined under the U.S. federal securities laws, including but not limited to statements regarding our ability to provide a scalable, secure, development to edge DevOps and DevSecOps solution for our public sector customers and those in highly-regulated industries such as finance, healthcare, energy, and transportation. These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause our actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement.

There are a significant number of factors that could cause actual performance to differ materially from statements made in this press release, including but not limited to: risks associated with managing our rapid growth; risk of a security breach; risk of interruptions or performance problems associated with our products and platform capabilities; our ability to adapt and respond to rapidly changing technology or customer needs; our ability to compete in the markets in which we participate; general market, political, economic, and business conditions; and the duration and impact of the COVID-19 pandemic. Our actual performance could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to, risks detailed in our filings with the Securities and Exchange Commission (the “SEC”), including in our Annual Report on Form 10-K for the year ended December 31, 2020, our Quarterly Report on Form 10-Q for the quarter ended June 30, 2021, and other filings and reports that we may file from time to time with the SEC. Forward-looking statements represent our beliefs and assumptions only as of the date of this press release. We disclaim any obligation to update forward-looking statements.

  • The JFrog name, logo mark and all JFrog product names are registered trademarks or trademarks of JFrog Ltd.
  • Other company names and product / service names mentioned in this press release are registered trademarks or trademarks of each company.

Media Contact:


Investor Contact: 

JoAnn Horne