|
By Eldad Assis
A new CVE drops into a package you depend on. With the JFrog power for Kiro installed, your next move is a single prompt in your IDE, not a tab switch to the JFrog UI and thirty minutes of hand-rolled REST calls. This is what governed agentic development looks like in practice.
|
By Sunny Rao
Last June, we hosted the first EveryOps Day in Sydney – born from the convergence of DevOps, DevSecOps, and AI/MLOps we were witnessing across every industry in APAC. A year later, with AI’s proliferation across software delivery and security, we took EveryOps Day to Mumbai on May 15, then embarked on the EveryOps Tour: a series of invitation-only executive events across Canberra, Sydney, and Melbourne.
|
By Segev Sharabi
Picture two realities for the same compliance control reaching production. Reality One: Your AppSec team writes a new rule. An engineer uses Claude Code or Cursor to generate the OPA (Open Policy Agent) Rego policy in minutes. They deploy it. It blocks a legitimate release on a missing context variable, and the on-call engineer routes around the gate to ship the code. The AI gave them fast code — but not code they could trust.
In a landscape where executive teams demand immediate AI integration, engineering and security leaders find themselves navigating a complex operational balancing act. To explore how organizations can accelerate delivery pipelines without introducing fatal security risks, JFrog recently hosted a virtual panel discussion titled “Agentic Software Delivery in 2026.
|
By Yonatan Arbel
AI coding agents are changing the pace of software development. With tools like Claude Code, developers can move from idea to implementation faster than ever, generating code, exploring unfamiliar repositories, refactoring services, and turning plain-language intent into working software. That speed is powerful. But speed without governance = risk. It also creates a new challenge: how can you govern what an AI agent builds, suggests, and pulls in from the internet?
|
By Or Cohen Naznin
NVIDIA NIM (NVIDIA Inference Microservices) packages production-ready AI models into optimized containers for enterprise deployment. Your developers need them. Your coding agents pull them. And until now, they pulled them directly from NVIDIA’s NGC registry, bypassing the supply chain controls you’ve spent years building. JFrog AI Catalog now brings NVIDIA NIM models under the same governance as every other artifact in your organization, with no separate registry and no governance gap.
|
By Runy Rapaport
JFrog is one of the first Software Supply Chain Management and Security Platforms to provide MCP functionality, which we have now opened up to anyone interested in trying Claude and Cursor in their own development environment. Doing a free trial is one of the best ways to see how JFrog integrates with your developers, operations and security.
|
By Ohad Shalev
It’s Monday morning. Your coding agents ran all weekend. Your security dashboard shows the exact same numbers it did Friday afternoon. Same models, the same approved Model Context Protocol (MCP) servers, the same AI assets you are familiar with. Reassuring. Then, suddenly, you get a notification: a production deploy failed an audit. The build references a model nobody on your team registered.
|
By Sean Pratt
Imagine this: your security team has done everything right. All development teams are using a centrally managed artifact repository with scanning in place. Your engineering organization has clear policies about where packages can come from. You feel good about your software supply chain posture. Then an incident review surfaces something nobody planned for: a compromised npm package entered your environment.
Security teams are under more pressure than ever, and most of them believe they’re keeping up. That confidence, it turns out, may be the most consequential finding in the JFrog 2026 Software Supply Chain Security State of the Union.
|
By JFrog
Is there an unlocked window in your code? A software vulnerability is more than just a "bug". It's a security gap that can lead to data breaches, system crashes, and lost customer trust. In this episode of EveryOps in 1 Minute, we break down: The definition of a software. Why they happen (from coding slips to complex architecture). Real-world examples like Log4j. How to "shift left" to catch flaws before they reach production.
|
By JFrog
In today's complex business world, staying organized and secure is more important than ever. This video breaks down GRC (Governance, Risk, and Compliance)—an integrated approach that helps organizations manage their goals, threats, and regulatory requirements in one unified way.
|
By JFrog
How do AI models go from a cool idea to a reliable app feature? One answer:. It's the "#DevOps for" that helps teams build, deploy, and monitor models without breaking things.
|
By JFrog
In software, speed is great, but safety is critical. How do you get both? That's the "Sec" in. It’s why has gained popularity: moving from the end of the line to the very beginning. Instead of a final check, it becomes a "shared responsibility" for Dev, Sec, and Ops teams at every stage of software development and delivery.
|
By JFrog
Only secure, verified, compliant software should reach production. Full stop. With increasing pressure on modern development teams to deliver across security and compliance requirements, a fully-secured, attestable pipeline demands complete visibility and control across the entire release lifecycle in a single solution.
|
By JFrog
Only secure, verified, compliant software should reach production. Full stop. With increasing pressure on modern development teams to deliver across security and compliance requirements, a fully-secured, attestable pipeline demands complete visibility and control across the entire release lifecycle in a single solution.
|
By JFrog
How can you ensure your software supply chain is resilient and prepared for the challenges ahead? In this exclusive session, we’ll reflect on key lessons from 2024 and showcase how JFrog is leading the way in securing DevOps pipelines for 2025 and beyond. Join us for an engaging conversation with industry experts as we uncover real-world insights, explore actionable strategies, and demonstrate innovations designed to safeguard your software delivery lifecycle in an evolving threat landscape.
|
By JFrog
DSSE, or Dead Simple Signing Envelope, is a standard JSON format for signing arbitrary data, widely accepted for attesting software supply chain security, particularly for SLSA provenance and attestations verification.
|
By JFrog
Some of the largest financial services organizations in the world - including the top 5 banks in the US - all use JFrog to deliver applications faster, and more securely. Working closely with these top banks, trading and insurance companies has taught us a thing or two about getting DevSecOps right in these highly regulated, complex environments.
|
By JFrog
How can you ensure your software supply chain is resilient and ready for the challenges of tomorrow? In this exclusive session, we delved into the practical lessons of 2024 and showcased how JFrog is leading the charge in securing DevOps pipelines. In this engaging conversation between industry experts, we uncovered real-world insights, explored actionable strategies, and demonstrated innovations that safeguard your software delivery lifecycle.
|
By JFrog
Cloud DevOps tools offer greater flexibility, rapid deployment, cloud automation, reduced IT costs, and low upfront costs with subscription pricing. Setting up your environment with Artifactory on the cloud on your choice provides unlimited scalability allowing you to grow according to your needs and is easily achieved by using cloud storage providers (Amazon AWS, Google GCP or Microsoft Azure) in your environment with Artifactory.
|
By JFrog
Software businesses of every industry and all sizes, from small startups to large enterprises, are looking for ways to accelerate their software development process in the race to innovate and deliver their offerings to their customers ahead of their competition.
|
By JFrog
Today, we live in a very connected world, where our devices, homes and cars all communicate with each other, and every company with a product or service has the need to develop software. It is one of the primary mediums by which they strive to provide better products, services and solutions, and has become paramount to a company's success. To continuously improve their software, companies must have sound DevOps or DevSecOps practices in place.
|
By JFrog
In today's enterprises, software is your company's everyday face, whether through the desktop, the cloud, or a mobile device, to all parts of the globe. Cars are computers on wheels. Thermostats are data terminals. Banks live in your phone. In this new world, software updates serve customer's demands. Each one you deliver is your opportunity to renew - or, if botched, destroy - their trust. How can you make every update top-notch at top speed?
|
By JFrog
Over the last several years, software development has evolved from deploying products periodically to building them on an ongoing basis using CI servers. A company's end product may be built on a daily or even hourly basis. This means that DevOps must support the continual flow of code from the individual developer's machine to the organization's production environment.
|
By JFrog
Two numbers are shaking the foundations of business. What do these two figures mean to your business? They mean that, odds are your competitive landscape is irrevocably changed - already. To start, expectations for delivery speed for new products, services, and everything are faster. The new table stakes in the DevOps world have raised the bar on collaboration, cross-organizational visibility, efficiency, even company culture. Another thing these two simple stats mean is that most businesses are already there, or heading there now.
- June 2026 (9)
- May 2026 (3)
- April 2026 (8)
- March 2026 (12)
- February 2026 (9)
- January 2026 (4)
- December 2025 (6)
- November 2025 (4)
- October 2025 (10)
- September 2025 (12)
- August 2025 (3)
- July 2025 (5)
- May 2025 (1)
- April 2025 (3)
- March 2025 (4)
- February 2025 (3)
- January 2025 (4)
- December 2024 (2)
- November 2024 (4)
- October 2024 (5)
- September 2024 (5)
- August 2024 (6)
- July 2024 (3)
- June 2024 (2)
- May 2024 (8)
- April 2024 (2)
- March 2024 (4)
- February 2024 (5)
- January 2024 (9)
- December 2023 (10)
- November 2023 (7)
- October 2023 (5)
- September 2023 (12)
- August 2023 (5)
- July 2023 (3)
- June 2023 (6)
- May 2023 (5)
- April 2023 (6)
- March 2023 (6)
- February 2023 (5)
- January 2023 (2)
- December 2022 (3)
- November 2022 (8)
- October 2022 (9)
- September 2022 (6)
- August 2022 (11)
- July 2022 (4)
- June 2022 (8)
- May 2022 (15)
- April 2022 (7)
- March 2022 (9)
- February 2022 (10)
- January 2022 (3)
- December 2021 (17)
- November 2021 (3)
- October 2021 (6)
- September 2021 (7)
- August 2021 (4)
- July 2021 (5)
- June 2021 (8)
- May 2021 (4)
- April 2021 (1)
- March 2021 (2)
- February 2021 (5)
- December 2020 (2)
- November 2020 (1)
- October 2020 (4)
- September 2020 (1)
- July 2020 (4)
- June 2020 (1)
- May 2020 (4)
- April 2020 (4)
- March 2020 (1)
- February 2020 (2)
- January 2020 (6)
- December 2019 (2)
- November 2019 (2)
JFrog products seamlessly integrate with practically any development environment on Earth, from legacy code to the most recent containers and micro-services.
JFrog's end-to-end platform provides a fully automated pipeline for distributing trusted software releases. Connecting all developers, DevOps engineers and product owners to end devices, the JFrog Platform ensures software flows quickly and free from interruption.
End-to-End Universal DevOps Platform:
- JFrog Artifactory: The undisputed software repository leader for integrated, universal artifact management at enterprise scale.
- JFrog Container Registry: The world’s most flexible, hybrid container registry, with enterprise-grade resiliency backed by JFrog Artifactory.
- JFrog XRay: Universal security vulnerability & compliance analysis, natively integrated with Artifactory for continuous governance across the DevOps pipeline.
- JFrog Pipelines: Universally orchestrate software releases and master the entire CI/CD pipeline from code to production.
- JFrog Distribution: Secure and validate your software releases, allowing trusted, optimized software distribution on a global scale.
- JFrog Mission Control: A single access point providing a centralized dashboard to oversee your DevOps pipeline.
Universal Artifact Management for DevOps Acceleration.