JFrog Artifactory for EKS Anywhere Demo
See how easy it is to provision JFrog Artifactory for EKS Anywhere from the AWS marketplace into your own on-prem clusters.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
November 2021
With AWS EKS Anywhere, DevOps with Artifactory Can Be Everywhere
With all the focus on public cloud infrastructures, it’s easy to believe that there is no room for on-premises deployments of infrastructure. However, on-prem deployments are not likely to completely go away because often it’s just the right thing to do.
Embrace your Updates
As developers, we’re passionate about creating and delivering high-quality software to our end-users and customers. Simply knowing that our software was shipped, deployed, and is being used is a great achievement. And it looks like we did a good job. Everything around us in our lives depends on high-quality software. Software needs to run for us to get water, energy, electricity, transportation, food, etc. Developers have a huge responsibility to keep this software updated and running efficiently.
Python Malware Imitates Signed PyPI Traffic in Novel Exfiltration Technique
The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to report vulnerable and malicious packages to repository maintainers. Earlier this year we disclosed several malicious packages targeting developers’ private data that were downloaded approximately 30K times. Today, we will share details about 11 new malware packages that we’ve recently discovered and disclosed to the PyPI maintainers (who promptly removed them).
TensorFlow Python Code Injection: More eval() Woes
JFrog security research team (formerly Vdoo) has recently disclosed a code injection issue in one of the utilities shipped with Tensorflow, a popular Machine Learning platform that’s widely used in the industry. The issue has been assigned to CVE-2021-41228. This disclosure is hot on the heels of our previous, similar disclosure in Yamale which you can read about in our previous blog post.
Unboxing BusyBox - 14 new vulnerabilities uncovered by Claroty and JFrog
Embedded devices with limited memory and storage resources are likely to leverage a tool such as BusyBox, which is marketed as the Swiss Army Knife of embedded Linux. BusyBox is a software suite of many useful Unix utilities, known as applets, that are packaged as a single executable file. Within BusyBox you can find a full-fledged shell, a DHCP client/server, and small utilities such as cp, ls, grep, and others.
Embrace your updates - creating a world of daily software releases without fear!
Imagine a world where we would all enjoy updating the software we use. A world where software producers could be excited about releasing every day without fear. This is the future of 'liquid software', when updates, like water, run freely to all corners of the world. In this session, JFrog co-founder and chief data scientist Fred Simon will share his vision of achieving trusted continuous updates in the DevOps world, in which software is constant. He will show us why continuous software updates are critical for our modern world.
Announcing the JFrog Slack App for Artifactory and Xray Cloud
Imagine a world where every team member could directly contribute to software together. We’re living in that world now. With more than 10 million daily active users, Slack is one of the most ‘lived in’ collaboration tools used by software development teams around the world.
Migrate and Modernize: How to Upgrade Your DevOps as You Move to the Cloud
Understand how to transform your IT with AWS infrastructure and JFrog DevOps. Join our webinar to learn how JFrog and AWS can help you transform your DevOps and infrastructure to a more nimble and secure environment. In this webinar, you will gain insight on the strategies and best practices to overcome the challenges of legacy infrastructure and older application build and deployment approaches. In this webinar you will discover.