Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

Navigating Chaos: JFrog Security Essentials and Advanced Security

We examine fundamental shifts and changes to software development approaches and how we secure developers, the code they write, and the products they build. Learn how your development teams can prioritize critical vulnerable exposure (CVE) remediation, maintain granular, centralized, and complete control of the development process, and maintain a single source of truth from code to device.

DevOps Speakeasy with Brett Smith

We caught up with Brett Smith, Software Architect at SAS. In his session, Supply Chain Robots, Electric Sheep, and SLSA Brett discusses creating automation, shifting left, attack vectors, attestation, verification, zero trust, and how the SLSA specification helps implement solutions for each. Most importantly, security must apply throughout a pipeline. The talk will lead to a larger discussion about the challenges of securing the supply chain, supporting EO 14028 and ISO27001, and improving the security posture of your pipelines.

DevOps Speakeasy with Tracy Ragan

This episode of DevOps Speakeasy features Tracy Ragan, CEO of DeployHub and CDF board member. Ragan joins us to discuss how to secure your DevOps pipeline with new security tools. There has been a security awakening among IT teams around the world. This awakening has resulted in the release of new open source tools that you can use today. From hardening the build process to gathering actionable supply chain intelligence. Her session will review the new generation of open source security tools to incorporate into your security strategy.

Introducing JFrog Curation

JFrog Curation is an automated DevSecOps solution designed to thoroughly vet and block malicious open source or third-party software packages and their respective dependencies before entering an organization’s software development environment. With JFrog Curation enterprise companies can: Find out more about what's under the hood with JFrog Curation in this informative webinar.

Trusting your Software Supply Chain Security with DevOps Agility

At RSA 2023, JFrog spoke with security experts about their current challenges and focus areas. With increasing scrutiny on the vulnerability of open-source, and blindspots in their Software Supply Chain (SSC) it was no surprise to hear that SSC attacks have become a top concern. But with so many vulnerabilities to fix, the need for heavy manual efforts, and a plethora of complex AST security tools to navigate, security experts say that securing the SSC can feel like an overwhelming task.

Curating Open source Libraries on JFrog Platform, part II.

Software supply chain security has been the most widely discussed topic for anyone who is writing applications utilizing the majority of open-source or third-party libraries. This webinar will showcase JFrog Platform's abilities to curate and compose workflows to help isolate libraries that have vulnerabilities and promote libraries to repositories that can be safely used. This webinar will also demonstrate self-service curation workflows.