JFrog introduces Xray 2.0, the security and artifact analysis tool, offering zero DevOps cycle downtime and production ready multilayer analysis for complete CI/CD security
to bring high-availability to the continuous security and open source license compliance market at RSA Conference 2018. JFrog Xray provides DevOps engineers and developers with trust in their software releases. Giving application development and release processes early visibility into potential problems, Xray enables organizations to trust their pipeline from development to deployment and production with confidence. With the powerful integration with JFrog Artifactory, Xray is the only HA tool available in the DevOps domain that analyzes images and artifacts to ensure fast, reliable and secure software releases.
“Developers are incorporating an ever-growing number of artifacts from external and internal sources into their CI/CD pipeline to release faster” says Dror Bereznitsky, VP of Product at JFrog. “While expediting delivery, this introduces the risk of software being out of compliance or out of date. JFrog Xray multilayer analysis detects dependencies across all software packages to enable full impact analysis and secure releases.”
JFrog Xray allows integration and automation with an organization’s CI/CD pipeline. With multilayer analysis of containers and software artifacts for vulnerabilities, license compliance, and quality assurance, Xray provides radical transparency and deep impact analysis. Xray 2.0 continuously governs and audits all artifacts consumed and produced in the continuous delivery pipeline, offering a highly available security checkpoint that aligns with Artifactory HA solution and helps deploy artifacts to production with full resiliency. With high availability, DevOps teams can easily upgrade and perform maintenance activities with no disruption to their CI/CD pipeline.
Unlike any other binary analysis product, JFrog Xray breaks down artifacts according to their specific packaging. Xray scans each package type, knows how to unpack it and what every underlying layer contains. Each unpacked component is examined individually to uncover potential vulnerabilities and policy violations, mapped out and merged into Xray’s universal component graph that represents the entire organization’s software structure. This allows developers to get maximum visibility into software dependencies and truly understand the impact of every issue found. Xray provides continuous protection by scanning components on a regular basis, even though they may have already been found clean and are now exposed to newly discovered vulnerabilities.
Visit JFrog at RSA 2018 Booth 136 in Moscone South to see a demo of Xray 2.0.
Join the JFrog team at swampUP, JFrog’s annual user conference that will provide demos, training and sessions showcasing Xray 2.0. swampUP will be held in Napa Valley, on May 16th-18th, 2018. Tickets are now available online at https://swampup.jfrog.com.
About JFrog “The database of DevOps”:
With more than 4,000 customers and over 2 billion downloads per month on its universal binaries hub, JFrog is the leading universal solution for the management and distribution of software binaries. JFrog’s four products, JFrog Artifactory, the Universal Artifact Repository; JFrog Bintray, the Universal Distribution Platform; JFrog Mission Control, for Universal DevOps Flow Management; and JFrog Xray, Universal Component Analyzer, are used by Dev and DevOps engineers worldwide and are available as open-source, on-premise, and SaaS cloud solutions. Customers include some of the world’s top brands, such as Amazon, Google, Facebook, Uber, Netflix, Twitter, Adobe, VMware, Slack, and Spotify. The company is privately held and operated from California, Seattle, Israel, India, Spain, China, and France. More information can be found at jfrog.com.