Operations | Monitoring | ITSM | DevOps | Cloud

We are delighted to share the exciting news that JFrog has earned the “Deployed on AWS” badge in AWS Marketplace, marking yet another milestone in our journey of innovation and collaboration with Amazon Web Services (AWS). This achievement underscores our commitment to providing cutting-edge solutions that leverage AWS’s robust infrastructure to enhance the user experience and drive efficiency.

Attestations, or as we like to call them, evidence, are a critical piece to proving software supply chain integrity and security. However, without the right tools and processes, reviewing and verifying attestations can be time-consuming. At JFrog, we’re deeply committed to empowering developers, DevOps, and Security teams to make these complex workstreams as simple as possible.

Good news! You no longer have to be a DevOps or JFrog expert to harness the power of the JFrog Software Supply Chain Platform. With the introduction of JFrog’s MCP Server, we’re making the JFrog Platform accessible to your favorite large language models (LLMs). Now, every developer can take advantage of the detailed security and package information available in JFrog, such as vulnerability data from the JFrog Catalog, without needing to context-switch.

If there’s one thing we’ve learned from years of working with innovators across industries, it’s this: Progress happens when people come together—not just to showcase, but to share, ask questions, challenge one another, push both themselves and the industry to the next level, and co-create.

The JFrog Security Research team has recently discovered and disclosed CVE-2025-6514 – a critical (CVSS 9.6) security vulnerability in the mcp-remote project – a popular tool used by Model Context Protocol clients. The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it initiates a connection to an untrusted MCP server, posing a significant risk to users – a full system compromise.

Swift is the default and preferred language for developing applications within the Apple ecosystem. The Swift Package Manager (SwiftPM) has become the de-facto dependency manager for Swift, enabling developers to share and reuse code effortlessly. While its elegance lies in its simplicity, there’s a common concern about integrating SwiftPM into robust, enterprise-grade development workflows. This is where JFrog Artifactory shines.

Sovereign AI ensures control over AI/ML data, models, and infrastructure, which is now essential for enterprises, regulated industries, and national interests. JFrog and NVIDIA have collaborated to deliver a secure, scalable solution for sovereign AI. NVIDIA provides the accelerated computing and AI software while JFrog ensures trusted DevSecOps and MLOps practices across the entire AI lifecycle, from model development and security scanning to deployment at the edge and in air-gapped environments.

Open-source package repositories like the Python Package Index (PyPI) play a crucial role in software development. However, these platforms are also potential targets for malicious actors attempting to exploit application software vulnerabilities. The JFrog Security Research team regularly monitors open source software repositories using advanced automated tools, in order to detect malicious packages.

The internal DevOps team at JFrog needed to provision cloud resources, create environments, and manage infrastructure for our developers. Unfortunately, it involved wasting a significant amount of time on repetitive tasks, that was slowing down the pace of innovation and taking away our developers’ focus from building new features and industry leading products.

As Software as a Service (SaaS) solutions evolve, organizations face increasing pressure to ensure uninterrupted service delivery. One of the most significant threats to SaaS Service delivery and operational continuity is the presence of known and unknown Single Points of Failure (SPOFs). As a SaaS organization, the team at JFrog deeply understands the risks of SPOFs and works hard to avoid them.