Security Incident Management
JFrog’s cyber security incident response team constantly monitors our products, infrastructure operations and security solutions. JFrog’s security has established a comprehensive strategy and policies to promptly and efficiently respond, notify and remediate security incidents.
JFrog’s cyber incident response team (CIRT) continuously monitors our products’ logs, infrastructure operations and systems audit logs in our internal SIEM (Security Information and Event Management) to promptly and efficiently detect potential incidents. As part of this ongoing effort, the CIRT team investigates and respond to reports from their bug bounty program, vulnerability disclosure program, automated scanners, customer support portal and security email inbox.
To ensure prompt and efficient response time, our SOC (Security Operations Center) is staffed with highly qualified and experienced security experts, who work to fulfill our internal SLA policy.
Access to Data
JFrog’s CIRT has read-only access to JFrog systems, services and infrastructure to support any incident properly. This allows the team to quickly escalate incident responses, enrich relevant incident data, and quickly address and resolve issues.
JFrog’s CIRT follows clearly defined and detailed methods and playbooks to identify, contain, investigate, report and respond to every type of incident. As a result, it can quickly zero in on each incident, precisely define its scope, identify its root cause , methodically take remediation steps, and fix it promptly.
Once an incident is resolved and the investigation is completed, we perform a root cause analysis, and evaluate how well our cyber security incident response plan worked, to resolve the issue and identify improvements and actions that need to be made.
External Incident Response Experts
JFrog’s CIRT works with external incident response experts to assist us with emergency security incidents.
As part of our comprehensive vulnerability management process, JFrog’s CIRT:
- Runs continuous and automated vulnerability scans of all our assets.
- Prioritizes vulnerability fixes and releases patches quickly.