Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

jfrog

The Importance of Prioritizing Product Security

Sep 30, 2021 By Sarit Tager In JFrog

Achieving comprehensive security for the products delivered and deployed by organizations is becoming more difficult, due to a variety of factors. A key one is the growing volume, variety and complexity of software and connected devices in use. Another is the overwhelming risk of inherited software supply chain exposures. The result: Companies struggle every day to provide software with optimal security and protection against malicious activities, takeovers, data theft, and commercial sabotage.

Read Post

Getting Started with Snyk Inside Atlassian Bitbucket Cloud

Sep 29, 2021 By Snyk In Snyk
In this video, Marco Morales at Snyk shows first time users how to get started with the Atlassian Bitbucket Cloud integration with Snyk. Snyk lets you test your open code software dependencies and container images. With the new Snyk and Bitbucket Cloud integration, you can see details of security issues right within Bitbucket. Once you enable it, Snyk automatically checks your code and its dependencies and alerts you to vulnerabilities that are present so you can fix them before you deploy.
View Video
jfrog

A Peek at JFrog's Iron Bank Accreditation for Xray and Artifactory

Sep 23, 2021 By Sudhindra Rao In JFrog

JFrog Artifactory and JFrog Xray recently underwent a rigorous hardening process to earn accreditation for inclusion in the U.S. Department of Defense’s Iron Bank, a centralized repository of digitally-signed and hardened container images. In this blog post, we’re pulling back the curtain on the process, in order to share our insights and lessons learned with our customers and with the DevOps community at large.

Read Post

What's New in Software Supply Chain Security

Sep 15, 2021 By JFrog In JFrog
With new software supply chain attacks reaching the spotlight at an accelerating pace, security research uncovering novel attack methods, and new mandates and guidelines starting to come into effect -- it can be hard to stay on top of the latest developments and their implications. Catch this session as we break down the recent news related to software supply chain security and what you can do to meet new requirements and protect your software from such attacks.
View Video

Risk Mitigation Strategies for Tcp/IP Vulnerabilities in OT

Sep 4, 2021 By JFrog In JFrog
JFrog in collaboration with Forescout Research Labs recently released the fourth study from Project Memoria - the industry’s most comprehensive study of TCP/IP vulnerabilities. INFRA:HALT covers 14 vulnerabilities affecting the popular closed source TCP/IP stack NicheStack. These vulnerabilities can cause Denial of Service or Remote Code Execution, allowing attackers to take targeted OT and ICS devices offline or take control of them.
View Video
jfrog

It's Time to Get Hip to the SBOM

Aug 24, 2021 By Bill Manning In JFrog

The DevOps, IT security and IT governance communities will remember 2021 as the year when the Software Bill of Materials , or SBOM, graduated from a “nice to have” to a “must have.” Around for years, the SBOM has now become a critical DevSecOps piece, which everyone must thoroughly understand and incorporate into their SDLC (Software Development Lifecycle).

Read Post
jfrog

How to protect your secrets with Spectral and JFrog Pipelines

Aug 17, 2021 By Batel Zohar In JFrog

Thousands of secrets leak daily on public git repositories, including over two million corporate secrets in 2020 alone. This can happen to anyone! For example, in January 2021, an Amazon cloud engineer accidentally committed almost a gigabyte worth of sensitive data that included their own personal documents, as well as passwords and cryptographic keys to various AWS environments on his personal GitHub repository.

Read Post

Appknox - Highest rated mobile application security solution

Aug 3, 2021 By Appknox In Appknox
Launching a mobile enterprise application is no easy feat and one minor security breach can undo all your hard work in no time. With the right security platform, you can detect and fix security vulnerabilities without losing sleep. Say hello to Appknox, a plug-and-play security solution that secures your mobile enterprise applications in less than 60 minutes. Rated the highest in security products in Gartner and being a high performer on G2crowd for SAST, we set ourselves apart from our competition by allowing you to integrate your SDLC with all project management and CI-CD toolchain.
View Video
jfrog

Bring Xray Out of the Box with Dependency and Binary Scanning

Jul 30, 2021 By Paul Garden In JFrog

Shifting left security means you, the developer, catching and fixing vulnerabilities and license violations early in the SDLC. That’s why Xray scans binaries pushed to Artifactory by your builds, and alerts you when there are issues with your dependencies. But catching them earlier, even before checking in code, can be important for developers shifting left.

Read Post
jfrog

JFrog detects malicious PyPI packages stealing credit cards and injecting code

Jul 29, 2021 By Andrey Polkovnichenko, Omer Kaspi and Shachar Menashe In JFrog

Software package repositories are becoming a popular target for supply chain attacks. Recently, there has been news about malware attacks on popular repositories like npm, PyPI, and RubyGems. Developers are blindly trusting repositories and installing packages from these sources, assuming they are secure.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.