JFrog Trust

Thousands of companies rely on JFrog solutions to securely manage their DevOps lifecycle. JFrog's top priority is earning their trust and protecting their data. We go above and beyond industry standards to protect JFrog's platform with the most advanced security and compliance solutions.

JFROG compliance

At JFrog, the privacy, security and integrity of your data is a top priority. We comply with major data-protection industry standards and government regulations.

Learn More

Product Security

JFrog places the utmost importance in the security of our product development lifecycle. JFrog's security teams protect your data using the most stringent security technologies and practices for software development. In particular, we embed security natively throughout our SDLC and “shift left” to detect security issues at the very early stages of the product development process.

Learn More

Cloud Security

JFrog SaaS solution is hosted on Amazon AWS, Microsoft Azure, and Google Cloud. We are committed to your privacy and security, with world-class infrastructure and enterprise features to keep your mission-critical JFrog Saas solution safe.

Learn More

Data Security

JFrog collects, stores and transmits your data with the most stringent and advanced security practices, and with the most modern security technology. JFrog has adopted strict data privacy best practices and data protection technologies, and complies with its internal policies, with industry standards, and with government regulations.

Learn More

Security Incident management

JFrog’s cyber security incident response team constantly monitors our products, infrastructure operations and security solutions. JFrog’s security has established a comprehensive strategy and policies to promptly and efficiently respond, notify  and remediate security incidents.

Learn More

Report A Vulnerability

The security and quality of our code is a top priority for JFrog. If you find a vulnerability or any other type of security issue in one of our products, please report it to us immediately. Security researchers may be able to participate in a bug bounty program and earn rewards for their findings.

Learn More

JFrog Security Advisories Board

JFrog takes the privacy and security of its customers very seriously and always strives to provide prompt notification and remediation of any vulnerabilities discovered on JFrog products. As a CVE Numbering Authority (CNA) , JFrog assigns CVE identification numbers to newly discovered security vulnerabilities.

Learn More

The JFrog Trust webpage contains forward-looking statements which involve uncertainties when providing estimated release dates and descriptions for commercial features. All information regarding forward-looking statements involves known and unknown risks, uncertainties, and is subject to change.

Powering the Software
that Powers the World

It’s our Liquid Software vision to automatically deliver software
packages seamlessly and securely from any source to any device.