JFrog

4 Operational Risks to Not Leave to Chance

Sep 1, 2022 By JFrog Team In JFrog

Not all of the recognizable risks in your software supply chain can be identified by their known vulnerabilities recorded as CVEs. A component that is outdated or inactive may present risks to your application that no one has had cause to investigate. Yet these components could still harbor threats.

Read Post

JFrog

Read more about 4 Operational Risks to Not Leave to Chance

#DevOpsSpeakeasy at #KubeCon EU 2022 with Denis Rosa of Couchbase

Aug 31, 2022 By JFrog In JFrog

Denis Rosa, Developer Advocate Manager at Couchbase, talks about the challenge of external dependencies with continuous integration and delivery

View Video

JFrog

Read more about #DevOpsSpeakeasy at #KubeCon EU 2022 with Denis Rosa of Couchbase

Using Containers Responsibly

Aug 31, 2022 By JFrog In JFrog

Tools to package your applications and services into container images are abound. They’re easier to use and integrate into your CI/CD pipelines now more than ever. We can appreciate these advancements in the form of time savings and decreasing complexity when deploying to a cloud native environment, but we cannot completely ignore the details involved in these technologies. It’s tempting to take simplicity for granted, but sometimes we do this at the expense of keeping our software safe and secure!

View Video

JFrog

Read more about Using Containers Responsibly

FROGBOT : Securing your git repository! What is new!

Aug 30, 2022 By JFrog In JFrog

GitHub Security Alerts! Support for Yarn 2... Frogbot scans every pull request created for security vulnerabilities with JFrog Xray and in version 2.3.2 it even opens pull requests for upgrading vulnerable dependencies to a version with a fix! With Frogbot installed, you can make sure that new pull requests don’t add new security vulnerabilities to your code base alongside them. If they do, the creator of the pull request has the opportunity to change the code before it is merged.

View Video

JFrog

Read more about FROGBOT : Securing your git repository! What is new!

#DevOpsSpeakeasy at #KubeCon EU 2022 with Michael Irwin of Docker

Aug 30, 2022 By JFrog In JFrog

In this interview, Mike Irwin, Engineer Manager at Docker, discusses the release of Docker Desktop for Linux and Docker Extensions, as well as his thoughts on DevSecOps.

View Video

JFrog

Read more about #DevOpsSpeakeasy at #KubeCon EU 2022 with Michael Irwin of Docker

CVE-2021-38297 - Analysis of a Go Web Assembly vulnerability

Aug 30, 2022 By Uriya Yavnieli In JFrog

The JFrog Security Research team continuously monitors reported vulnerabilities in open-source software (OSS) to help our customers and the wider community be aware of potential software supply chain security threats and their impact. In doing so, we often notice important trends and key learnings worth highlighting.

Read Post

JFrog

Read more about CVE-2021-38297 - Analysis of a Go Web Assembly vulnerability

#DevOpsSpeakeasy at #KubeCon EU 2022 with James Strong on Supply Chain Security

Aug 29, 2022 By JFrog In JFrog

James Strong, lead solution architect at Chainguard, discusses the challenges of securing software supply chains and recommendations for developers

View Video

JFrog

Read more about #DevOpsSpeakeasy at #KubeCon EU 2022 with James Strong on Supply Chain Security

SATisfying our way into remote code execution in the OPC UA industrial stack

Aug 25, 2022 By Or Peles, Omer Kaspi and Uriya Yavnieli In JFrog

The JFrog Security team recently competed in the Pwn2Own Miami 2022 hacking competition which focuses on Industrial Control Systems (ICS) security. One of our research targets for the competition was the Unified Automation C++-based OPC UA Server SDK. Other than the vulnerabilities we disclosed as part of the pwn2own competition, we managed to find and disclose eight additional vulnerabilities to the vendor. These vulnerabilities were fixed in the SDK in version 1.7.7.

Read Post

JFrog

Read more about SATisfying our way into remote code execution in the OPC UA industrial stack

A new generation of OTA updates for Linux devices with Jfrog Connect

Aug 24, 2022 By JFrog In JFrog

Discover how you can update, control, monitor and secure remote Linux & IoT devices, at scale, with the click of a button.

View Video

JFrog

Read more about A new generation of OTA updates for Linux devices with Jfrog Connect

Software Supply Chain Super Heroes: Binary Management Plus Security

Aug 16, 2022 By Sean Pratt and Paul Garden In JFrog

Go to any DevOps or security conference today and you’re likely to see “Secure your Software Supply Chain” blazoned across most booths in some form or another. And that’s for good reason. Recent data shows that supply chain attacks have more than doubled in 2021, a trend that is likely to continue. Leading companies are actively rethinking their approach to how to develop and release software.

Read Post

JFrog

Read more about Software Supply Chain Super Heroes: Binary Management Plus Security

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

JFrog

4 Operational Risks to Not Leave to Chance

#DevOpsSpeakeasy at #KubeCon EU 2022 with Denis Rosa of Couchbase

Using Containers Responsibly

FROGBOT : Securing your git repository! What is new!

#DevOpsSpeakeasy at #KubeCon EU 2022 with Michael Irwin of Docker

CVE-2021-38297 - Analysis of a Go Web Assembly vulnerability

#DevOpsSpeakeasy at #KubeCon EU 2022 with James Strong on Supply Chain Security

SATisfying our way into remote code execution in the OPC UA industrial stack

A new generation of OTA updates for Linux devices with Jfrog Connect

Software Supply Chain Super Heroes: Binary Management Plus Security

Monthly Archive

Follow Us