JFrog and Carahsoft Partner to Better Secure the Public Sector’s Software Supply Chain
- None.
- None.
Insights
The partnership between JFrog and Carahsoft represents a significant step in enhancing the security posture of U.S. Government software systems. The integration of JFrog's DevSecOps capabilities into government workflows aligns with the Secure Software Development Framework (SSDF) recommended by the National Institute of Standards and Technology (NIST). This collaboration is set to automate and streamline the implementation of security measures throughout the software development lifecycle (SDLC), which is crucial given the increasing number and severity of cyber threats.
The adoption of automated DevSecOps workflows can significantly reduce the risk of software supply chain attacks, which Gartner predicts will affect 45 percent of organizations by 2025. By incorporating security at the earliest stages of development, government agencies can mitigate vulnerabilities and comply with regulatory requirements more efficiently. This proactive approach to cybersecurity can prevent costly and disruptive breaches, which is particularly important for public sector organizations responsible for sensitive data and critical infrastructure.
The strategic partnership between JFrog and Carahsoft has implications for the digital transformation initiatives within U.S. Government agencies. The availability of JFrog's platform through Carahsoft’s reseller partners and procurement contracts like NASA SEWP V and ITES-SW2 facilitates easier access to cutting-edge software supply chain solutions for government entities. This access is pivotal for agencies aiming to modernize their IT infrastructure and deliver secure digital services to citizens at an accelerated pace.
By leveraging JFrog's platform, government organizations can enhance their operational efficiency and software delivery speed without compromising security. In the long term, this can lead to more agile and responsive public services, fostering trust and satisfaction among citizens. Moreover, the emphasis on compliance ensures that software releases adhere to stringent government standards, which is essential for maintaining the integrity and security of public sector IT systems.
The announcement of the partnership between JFrog and Carahsoft is likely to be viewed favorably by investors and stakeholders within the cybersecurity and government IT sectors. JFrog's expansion into the public sector through a reputable distributor like Carahsoft can open up new revenue streams and solidify its position in the competitive software supply chain security market.
Investors should note the potential for increased demand for JFrog's solutions, driven by the growing necessity for secure software development practices in government organizations. The partnership's alignment with federal procurement contracts could streamline sales processes and enhance market penetration. While the immediate financial impact may not be fully quantifiable, the strategic nature of the partnership suggests a positive outlook for JFrog's growth and financial performance in the public sector over the medium to long term.
Government Organizations are Now Able to Accelerate the Delivery of Trusted Software from End to End Using the Secure Software Development Framework (SSDF)
New partnership empowers
“With the number and severity of security threats on the rise, plus increasing regulatory requirements, government organizations must ensure their software is compliant and secure, while also meeting their IT transformation goals,” said Shlomi Ziv, SVP of
Government agencies, like all organizations, want to release trusted software fast and on schedule to enable public servants to provide citizens with modern applications and digital services. The Secure Software Development Framework (SSDF) integrates secure development practices into the software development lifecycle, reducing vulnerabilities, mitigating potential impacts of known and unknown vulnerabilities and preventing future recurrences by addressing root causes.
Gartner predicts that 45 percent of organizations worldwide will experience a software supply chain attack by 2025 (a three-fold increase from 2021). Plus, a report by the SANS Institute showed there is a 70 percent chance a cybersecurity incident will be caused by an organization’s suppliers.
“Supply chain attacks in recent years have highlighted the importance of integrating security into each phase of software development,” said Natalie Gregory, Vice President of Open Source Solutions at Carahsoft. “JFrog’s platform provides agencies with unparalleled security, agility and peace of mind for their software supply chain. We’re excited to make these capabilities available to the Public Sector through our reseller partner network and supply Government agencies with the tools needed to enhance their security.”
Compliance with NIST SP 800-218 and the SSDF is mandatory for government organizations. The JFrog Software Supply Chain Platform is designed to assure customers that their environment complies with NIST 800-218 guidelines in accordance with the Office of Management and Budget (OMB) M-22-16 memorandum. All JFrog solutions are created using the SSDF, which is consistent with both the White House Executive Order (EO) 14028 and the White House Memorandum on Improving the Cybersecurity of National Security, Department of Defense (DoD) and Intelligence Community Systems in the NSM-8. The JFrog Platform supports on-premise, hybrid, cloud, multi-cloud or air-gapped environments and can be hosted on Amazon Web Services, Microsoft Azure or the Google Cloud Platform.
The JFrog Software Supply Chain Platform is available through Carahsoft's SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042 for Federal and the DoD, and the Massachusetts Higher Education Consortium (MHEC) and NJSBA contracts for Educational institutions. For more information, contact the Carahsoft team at (877) 742-8468 or JFrog@carahsoft.com, visit https://www.carahsoft.com/jfrog.
Like this story? Tweet this: .@jfrog partners with @Carahsoft to help #publicsector organizations deliver trusted software faster. #DevSecOps #DevOps #softwaresupplychain #security #developers
About JFrog
JFrog Ltd. (Nasdaq: FROG) is on a mission to create a world of software delivered without friction from developer to device. Driven by a “Liquid Software” vision, the JFrog Software Supply Chain Platform is a single system of record that powers organizations to build, manage, and distribute software quickly and securely, ensuring it is available, traceable, and tamper-proof. The integrated security features also help identify, protect, and remediate against threats and vulnerabilities. JFrog’s hybrid, universal, multi-cloud platform is available as both self-hosted and SaaS services across major cloud service providers. Millions of users and 7K+ customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely embrace digital transformation. Once you leap forward, you won’t go back! Learn more at jfrog.com and follow us on Twitter: @jfrog.
About Carahsoft
Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Open Source, DevSecOps, Cybersecurity, Artificial Intelligence and Machine Learning, MultiCloud, Customer Experience and Engagement, Big Data and more. Working with resellers, systems integrators, and consultants, our sales and marketing teams provide industry-leading IT products, services and training through hundreds of contract vehicles. Visit us at www.carahsoft.com.
Cautionary Note About Forward-Looking Statements
This press release contains “forward-looking” statements, as that term is defined under the
These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause JFrog’s actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement. There are a significant number of factors that could cause actual results, performance or achievements, to differ materially from statements made in this press release, including but not limited to risks detailed in our filings with the Securities and Exchange Commission, including in our annual report on Form 10-K for the year ended December 31, 2023, our quarterly reports on Form 10-Q, and other filings and reports that we may file from time to time with the Securities and Exchange Commission. Forward-looking statements represent our beliefs and assumptions only as of the date of this press release. We disclaim any obligation to update forward-looking statements.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240220801804/en/
Mary Lange
(703) 230-7434
PR@carahsoft.com
Siobhan Lyons, JFrog
pr@jfrog.com
Source: JFrog Ltd.
FAQ
What is the ticker symbol for JFrog Ltd.?
What does the partnership between JFrog and Carahsoft aim to achieve?
What are the benefits of the Secure Software Development Framework (SSDF) mentioned in the press release?