Welcome to the JFrog Blog

Latest:

The Software Extinction Event That Wasn’t

August 15, 2024 Jens Eckels, JFrog VP of Product Marketing

10 min read

Note: This blog post was previously published on DevOps.com Imagine if the world’s most pervasive programming language, used in the majority of organizations, services, websites and infrastructure today, was itself made to be malicious? Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker container… due to the popularity of…

Read More

All Blogs

Accelerate Your Migration to JFrog SaaS with the AWS ISV Workload Migration ProgramAccelerate Your Migration to JFrog SaaS with the AWS ISV Workload Migration Program

Accelerate Your Migration to JFrog SaaS with the AWS ISV Workload Migration Program

August 14, 2024 Kate Kwiatkowski, Senior Director of Global Alliances | 5 min read

In the fast-paced, ever-evolving world of software development, the ability to seamlessly migrate and manage workloads on the cloud is a game changer. At JFrog, we’re committed to empowering organizations to achieve their DevOps, DevSecOps, and MLOps goals with speed, security, and efficiency. Migrating these workloads to the cloud offers numerous advantages, including increased scalability,…
Read More
CVE-2024-38428 Wget Vulnerability: All you need to knowCVE-2024-38428 Wget Vulnerability: All you need to know

CVE-2024-38428 Wget Vulnerability: All you need to know

August 12, 2024 Goni Golan, Junior Security Researcher, JFrog Security | 10 min read

On Sunday, June 2nd 2024, a fix commit was pushed for a vulnerability in GNU’s popular Wget tool. Two weeks later, the vulnerability was assigned the ID CVE-2024-38428 and later was classified as a critical vulnerability - with a CVSS score of 9.1.  In this blog, we take a dive deep into this threat by…
Read More
Mind the Gap: The Disconnect Between Execs & DevelopersMind the Gap: The Disconnect Between Execs & Developers

Mind the Gap: The Disconnect Between Execs & Developers

August 12, 2024 Paul Davis, Field CISO | 4 min read

Note: This blog post was previously published on Hackeroon We surveyed 1,200+ technology professionals from around the globe, including 300+ VP and C-level executives, on their AI/ML usage and software supply chain security efforts. Upon analysis, a surprising gap emerged between what executives believe is happening and what developers and engineers report is happening. Here’s…
Read More
JFrog & GitHub Integration: Q&A on Implementation and ImpactJFrog & GitHub Integration: Q&A on Implementation and Impact

JFrog & GitHub Integration: Q&A on Implementation and Impact

July 29, 2024 The JFrog Team | 6 min read

The software development industry reacted with excitement to the news about the partnership between JFrog and GitHub and its potential impact on software development operations as covered in our online JFrog - GitHub Integration Tour. As VP of DevSecOps Research at IDC, Jim Mercer, commented “This announcement from GitHub and JFrog… brings together two of…
Read More
Point Solutions vs Platform – Which is Best to Secure your Software Supply Chain?Point Solutions vs Platform – Which is Best to Secure your Software Supply Chain?

Point Solutions vs Platform – Which is Best to Secure your Software Supply Chain?

July 25, 2024 Shani Achwal, Senior Product Marketing Manager | 3 min read

According to Gartner, almost two-thirds of U.S. businesses were directly impacted by a software supply chain attack. So it's not a question of whether to secure your software supply chain, but rather what is the most effective and efficient way to provide end-to-end security during all phases of the software development lifecycle (SDLC).   The…
Read More
10 Reasons DevOps Pros Must Attend swampUP 202410 Reasons DevOps Pros Must Attend swampUP 2024

10 Reasons DevOps Pros Must Attend swampUP 2024

July 15, 2024 The JFrog Team | 2 min read

JFrog’s annual DevOps, Security and MLOps conference has become a renowned industry event. Here are 10 reasons why software development executives, managers and security professionals can’t afford to miss it! September 9-11 | Omni Resort | Austin, TX Learn from leading companies about their approach to DevOps and Security challenges with industry colleagues who have…
Read More
Navigating DORA Compliance: Software Development Requirements for Financial Services CompaniesNavigating DORA Compliance: Software Development Requirements for Financial Services Companies

Navigating DORA Compliance: Software Development Requirements for Financial Services Companies

July 10, 2024 Paul Garden, JFrog DevOps & Security Industry Solutions Danny Parizada, JFrog Senior Solution Engineer | 8 min read

Regulatory compliance is a common and critical part of today's rapidly evolving financial services landscape. One new regulation that EU financial institutions must adhere to is the Digital Operational Resilience Act (DORA), enacted to enhance the operational resilience of digital financial services. The BCI Supply Chain Resilience Report 2023 highlighted that 45.7% of organizations experienced…
Read More

Popular Tags

Try the JFrog Platform

In the cloud or self-hosted

Start Free

or Book a Demo