Permissions and Authentication
JFrog has defined access roles for each system and service based on least privilege principle.
Access to all our applications is possible only via Single Sign-on (SSO) and 2-factor authentication (2FA) with strong password policies.
JFrog requires that its employees use a password manager to ensure that they use unique and complex passwords, and store them in a secure vault.
JFrog uses a zero trust solution to securely connect our employees, devices, and apps over JFrog’s internal network. Our zero trust solution provides Web and URL filtering, sandboxing, cloud firewall, CASB and DLP.
JFrog engineers connect to our production resources using an advanced 2FA and just-in-time access solution, which allows us to employ the principle of least privilege and conduct a full audit.
JFrog laptops are equipped with encryption technology that’s turned on by default, in compliance with our policy, along with advanced anti-malware software.
JFrog uses email protection solutions designed to prevent malware, zero-day attacks, phishing, BEC (business email compromise), spam and N-days.