Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

Package Provenance: Know the origin

In an era where high-profile security incidents involving the software supply chain have become all too common, the need for robust tools and practices to secure the software we rely on has never been more evident. One crucial aspect of ensuring supply chain security is package provenance, which allows for the tracking of the origin and authenticity of software packages.

The JFrog Platform Delivered 393% ROI

I’m excited to share the findings of a Forrester Consulting Total Economic Impact™ (TEI) study, a recently commissioned study conducted by Forrester Consulting on behalf of JFrog, which examines the potential return on investment (ROI) that organizations may realize by deploying the JFrog Software Supply Chain Platform. Software has become the critical infrastructure of our daily lives.

Trusting your Software Supply Chain Security with DevOps Agility

At RSA 2023, JFrog spoke with security experts about their current challenges and focus areas. With increasing scrutiny on the vulnerability of open-source, and blindspots in their Software Supply Chain (SSC) it was no surprise to hear that SSC attacks have become a top concern. But with so many vulnerabilities to fix, the need for heavy manual efforts, and a plethora of complex AST security tools to navigate, security experts say that securing the SSC can feel like an overwhelming task.

Eliminate malicious code in your software supply chain

What is malicious code? What makes it dangerous? Learn how can you detect it and keep it out of your software supply chain. Everyone wants to believe that the code developed within a trusted software supply chain is legitimate. The unfortunate reality is that malicious coders have subtle ways to secretly embed code that exposes your business to risk. Malicious code can be challenging to recognize and can remain undetected within applications long before it causes damage. Learn to recognize the red flags.

Device Authority and Entrust Further Demonstrate Their Partnership Potential to Provide Security to the Supply Chain

Identified as leaders in IoT (Internet of Things) Device Identity Lifecycle Management by ABI Research, and leaders in IoT IAM according to Quadrant, Device Authority and Entrust have worked together to integrate Device Authority’s KeyScaler® IoT IAM (Identity and Access Management) platform with PKI (Public Key Infrastructure) services from Entrust, extending the existing collaboration for Hardware Security Module (HSM) services, to provide device trust, data trust and automation at IoT sca

Protecting the supply chain in 2023 - Interview with Feross Aboukhadijeh

CEO of socket shares his thoughts on why the supply chain is the biggest risk for 2023 and how we can secure it. This interview was part of an entire episode on The Security Repo podcast dedicated to the insights from the 2023 RSA conference.

From zero to breach in seconds: Why you need to focus on software supply chain security now

The RSA Conference 2023 addressed several key issues and trends in the cybersecurity industry. Generative AI was a key topic of discussion, with attendees, executives and policymakers seeing its potential in both offense and defense in the cybersecurity arms race.

How a software supply chain platform streamlines DevOps best practices

Today’s software developers are tasked with a lot more than just coding. To keep up with the fast-paced software-driven economy, they need to focus on automation, collaboration, security, distribution, data analysis, and agility to ensure quality builds and get releases to customers quickly and securely. DevOps and security professionals need a centralized system of records that provides visibility across the business.

Supply Chain Compromise: The Risks You Need to Know

Thinking about your own network isn’t enough to keep your business safe and profitable. As more buyers, sellers, and partners collaborate ever more closely across the world, supply chain IT risks are rising with no slowdown in sight. According to the Identity Theft Resource Center, supply chain attacks surpassed malware incidents by 40% in 2022.1 There’s never been more at risk for wide collections of companies that depend on each other.