
August 2021

The Fast & The Foolproof: Automation & Observability For DevOps

When software teams are charged with delivering higher quality software, faster - how do you effectively enable collaboration and observability while eliminating risk and manual processes? In this webinar, Ali Sardar from JFrog and Rob Jahn from Dynatrace will address how to overcome these challenges and unlock speed, observability, and automation across your DevOps lifecycle. In addition to best practices shared by our speakers, you will also see both products in action - meeting the critical needs of development and operations teams.

Scanning Dependencies in your sources using JFrog CLI and Xray

Security vulnerabilities and license violations should be found as early as possible, and the earlier in the SDLC, the better. As part of the “Shift Left” vision, JFrog CLI and Xray now allow scanning dependencies directly from sources, on-demand, using a simple command line. This functionality lets you benefit from the same JFrog Xray vulnerability and license scanning capabilities, even before deployment to JFrog Artifactory.

The More the Merrier: Multi-Arch Docker Manifests with Buildx and Artifactory

The cloud native promise to be able to “build once, deploy anywhere” is nearly fulfilled. With containerization and Docker, we can build our applications and services for any environment, and set configuration at runtime. Well… almost. Operating systems and apps still need to be compiled to execute on specific architecture types. Your software that’s been compiled for an AMD64 processor can’t run on an ARM-based machine, nor can one built for Linux run on Windows.

It's Time to Get Hip to the SBOM

The DevOps, IT security and IT governance communities will remember 2021 as the year when the Software Bill of Materials, or SBOM, graduated from a “nice to have” to a “must have.” Around for years, the SBOM has now become a critical DevSecOps piece, which everyone must thoroughly understand and incorporate into their SDLC (Software Development Lifecycle).

Monitoring Your Software Supply Chain On Kubernetes With Datadog And JFrog

You have mission-critical applications. JFrog and Datadog collaborated on a unified solution. Together, we ensure the dependable operation of your JFrog Platform by tracking usage data of Artifactory and Xray through Datadog’s modern SaaS-based log monitoring tool. We will show you how to boost the efficiency of your DevOps pipeline to keep your software releases running seamlessly and securely.

A Year of Supply Chain Attacks: How to Protect Your SDLC

One of the most worrisome trends in cybersecurity today is the skyrocketing incidence of supply chain attacks, such as the ones that hit SolarWinds last year and Kaseya more recently. Because they focus on compromising software development and delivery, supply chain attacks have forced developers and DevOps teams to scramble for solutions. Unfortunately, supply chain attacks are particularly challenging to prevent, detect and remediate, and, because of their stealthy nature, are often devastating.

Simplifying App Deployments for Developers - A Short History from Timesharing to Serverless

I have been in the IT industry for a few decades now and have helped launch waves of technology in the constant pursuit of making computing easier, cheaper and with greater uptime. This all started well before my entry into the IT industry and will continue to well past the time I retire. However, it is always good to understand where we have been and look how far we have come to understand how we can continue to make it even better.

How to protect your secrets with Spectral and JFrog Pipelines

Thousands of secrets leak daily on public git repositories, including over two million corporate secrets in 2020 alone. This can happen to anyone! For example, in January 2021, an Amazon cloud engineer accidentally committed almost a gigabyte worth of sensitive data that included their own personal documents, as well as passwords and cryptographic keys to various AWS environments on his personal GitHub repository.

DevOps 101: Introduction to CI/CD

When you’re new to an industry, you encounter a lot of new concepts. We tend to use a lot of jargon, the documentation may be written for someone more experienced in mind or rely on contextual knowledge of the rest of the space, and it often doesn’t explain the “why” for the tool. This can make it really difficult to get your feet underneath you in an unfamiliar landscape, especially for junior engineers.

No Internet? No Problem. Use Artifactory with an Air Gap - Part I

Virtually all development organizations need access to remote public resources such as Maven Central, NuGet Gallery, npmjs.org, Docker Hub etc., to download dependencies needed for a build. One of the big benefits of using Artifactory is its remote repositories which proxy these remote resources and cache artifacts that are downloaded.

How to set up a Private, Remote and Virtual npm Registry

The simplest way to manage and organize your Node dependencies is with an npm repository. You need reliable, secure, consistent and efficient access to your dependencies that are shared across your team, in a central location, including a place to set up multiple registries that work transparently with the npm client. With the JFrog free cloud subscription, including JFrog Artifactory, Xray and Pipelines, you can set up a free local, remote and virtual npm registry in minutes.

Navigating the Artifact Jungle, Where Development Meets Delivery

As developers, we spend most of our time thinking about code: how to design it, write it, debug it, integrate it. Our thoughts are of our source files, our attention is on the repositories and branches that populate our version control system. That’s our job, that’s our world. But to become DevOps professionals, we must think about what happens to take our code to the clusters where it runs. DevOps means taking our applications from development to delivery.

A Policy Change To Prevent Abuse on JFrog Cloud

As of August 5, 2021, JFrog will require newly created free JFrog cloud subscription users to provide valid credit or debit card information in order to activate Pipelines CI/CD. In the months since offering Pipelines CI/CD as part of a free JFrog cloud subscription, we have unfortunately experienced a rapid growth in abuse of the free compute resources from some accounts.

INFRA:HALT 14 New Security Vulnerabilities Found in NicheStack

NicheStack is a TCP/IP network stack commonly used in millions of Operational Technology (OT) devices around the world, including in critical infrastructure such as manufacturing plants, power generation/transmission/distribution, water treatment, and more. JFrog’s security research team (formerly Vdoo), together with Forescout Research Labs, recently discovered 14 new security vulnerabilities affecting the NicheStack TCP/IP stack.