Meet JFrog Xray

JFrog Xray is a universal software composition analysis (SCA) tool that natively integrates with Artifactory as part of the JFrog Platform, giving DevSecOps teams an easy way to proactively identify open source vulnerabilities and license compliance violations, before they manifest in production.

The JFrog Platform with Xray is available as a fully managed service on the cloud provider of your choice (AWS, Google Cloud Platform, or Azure), through SaaS plans sized for every level of organization from small business to global enterprise. With this flexibility, the JFrog Platform can enable your single-cloud, multi-cloud, or hybrid strategy.

• Deep recursive scanning examines all the underlying layers and dependencies of components, even those packaged in Docker images, and zip files
• Be confident with a comprehensive vulnerability database from multiple leading sources including the NVD, GitHub, Ubuntu, Debian, Red Hat, PHP, and data uncovered by the JFrog Security Research Team.
• Unprecedented visibility of your artifacts and dependencies enables Xray to provide an impact analysis of any issues discovered in your software