JFrog Unveils World’s First DevOps-Centric Security Solution to Control the Entire Software Supply Chain
JFrog Ltd (NASDAQ: FROG) has launched JFrog Advanced Security, a pioneering DevSecOps solution designed to enhance software supply chain security. This tool integrates with JFrog's Artifactory and Xray to provide comprehensive security coverage from development to production. With cybercrime costs projected to reach
- Launch of JFrog Advanced Security enhances overall platform security coverage.
- Addresses critical vulnerabilities in open source code, responding to escalating cybersecurity threats.
- Aims to unify developer and security team efforts, improving collaboration and efficiency.
- None.
JFrog Advanced Security Unifies Developer, Security, and Operations Teams with Enterprise-wide Automation and Control of the Software Delivery Flow
JFrog Unveils World’s First DevOps-Centric Security Solution to Control the Entire Software Supply Chain (Graphic: Business Wire)
Research indicates cybercrimes cost the global economy
“The depth of security and remediation solutions vendors provide is limited by the data they own, protect, and analyze. JFrog functions as a single source of record for companies’ binaries at the heart of our customers’ software supply chain. This means JFrog is uniquely positioned to provide security solutions from the inside out, with comprehensive and holistic solutions,” said
Security teams will do whatever it takes to secure the business, while developers want to create quality software vs. spending all day fixing vulnerabilities. Both sides are investing in fortifying the business, but collaboration between the two teams and a clear picture of software package dependencies can be hindered by disparate systems, varying or redundant information and inconsistent reporting.
"Many of today’s enterprise software security solutions fall short because they only focus on source code and what happens before that software is in production," said
By creating an intelligent bridge between developers, security, and operations teams, fueled by a highly-skilled security research team, JFrog Advanced Security is designed to be a single source of truth for guiding critical vulnerability exposure (CVE) detection, assessment, and remediation strategies using:
- Exposed Secrets Detection: Uncover “secrets” such as passwords, access tokens and private keys that have been leaked or left exposed in any container stored in JFrog Artifactory to prevent the accidental leak of API keys, internal tokens, or credentials that can put enterprises at risk.
- Container Contextual Analysis: This industry-first technology provides the ability to scan containers for the presence of malicious packages or use of vulnerable open-source code inside enterprise applications early in the development process. Container Contextual Analysis can also detail which open source vulnerabilities are actually exploitable in the context of a company’s own code, allowing developers to disregard or de-prioritize non-applicable incidents, which helps sharpen focus and remediation efforts.
- Insecure use of Libraries and Services: Helps developers to quickly identify whether common open-source software libraries and services are used or configured insecurely, leaving their enterprises susceptible to attack.
- Vulnerable Infrastructure-as-Code (IaC): Customers can inspect IaC files stored in their JFrog Artifactory instance to ensure cloud infrastructure deployments are not misconfigured – making them exploitable.
- Single Scalable Architecture: The JFrog Platform provides both a legend of artifacts within an organization, augmented by JFrog Advanced Security features for comprehensive control and safeguarding of an entire software portfolio across on prem, cloud, multi-cloud and hybrid deployments extending out to the edge at any scale.
- Native Integration with Artifactory: JFrog Artifactory is the core of the JFrog Platform, functioning as a universal binary repository, allowing companies to securely control and manage update flows across the software supply chain at scale.
"As the volume and sophistication of cyberattacks continues to escalate, organizations are challenged to constantly monitor threats and work cross-functionally to resolve them, while using a myriad of disjointed point solutions which can slow them down," said
To learn more about JFrog Advanced Security read this blog, visit https://jfrog.com/advanced-security, or join us for an informative product overview webinar, “Announcing JFrog Advanced Security” on
Like this story? Tweet this: .@jfrog unveils world's first #devOps-centric #security solution for enterprise-wide visibility and control of the software supply chain. Learn more https://bit.ly/3CDiLSi #devsecops #developers #swampUP 2022
About JFrog
Cautionary Note About Forward-Looking Statements
This press release contains “forward-looking” statements, as that term is defined under the
These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause JFrog’s actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement. There are a significant number of factors that could cause actual results, performance or achievements, to differ materially from statements made in this press release, including but not limited to risks detailed in our filings with the
1 "Resilience Requires a Modern Path to Board-Level Cyber, Privacy and Data Risk Governance,”
View source version on businesswire.com: https://www.businesswire.com/news/home/20221018005481/en/
Media Contact:
Investor Contact:
Source:
FAQ
What is JFrog Advanced Security?
How does JFrog Advanced Security enhance cybersecurity?
What are the expected benefits of JFrog Advanced Security?
What is the significance of the launch date for JFrog Advanced Security?