Melissa speaks with Fatih about Open Source, Continuous Delivery Foundation and Special Interest Groups.

Peter speaks with Matthew about the future of DevOps tooling

Maria Ashby (@makincashby) shares her story of being a new Developer Advocate and her first public speaking engagement.

SBOMs provide essential visibility into all the components that make up a piece of software and detail how it was put together. With an SBOM in hand it’s possible to determine if software contains existing security and compliance issues or is impacted by newly discovered vulnerabilities. The SBOM is imperative due to the White House’s cybersecurity executive order from May 2021 requiring them for all government software purchases and many private organizations following suit.

Software Supply Chain Security Virtual Meetup Open-source vulnerabilities are in many applications. While finding them is critical, even more, critical is remediating them as fast as possible. Securing your software supply chain is absolutely critical as attackers are getting more sophisticated in their ability to infect software at all stages of the development lifecycle, as seen with Log4j and Solarwinds.

Frogbot scans every pull request created for security vulnerabilities with JFrog Xray and in version 2 it even opens pull requests for upgrading vulnerable dependencies to a version with a fix!. With Frogbot installed, you can make sure that new pull requests don’t add new security vulnerabilities to your code base alongside them. If they do, the creator of the pull request has the opportunity to change the code before it is merged.

Transitioning to a new DevOps technology can be a daunting task, especially when it potentially impacts a solution being used by millions of developers around the globe. JFrog’s own DevOps team recently adopted Terraform in support of the JFrog SaaS offering and in the process helped guide creation of Artifactory’s support for Terraform modules, provider, and state files.

Docker Bangalore & JFrog Bangalore celebrate Docker's 9th Birthday

Catch this session to see exactly what does “shift left” security mean? More importantly, how does this strategy affect a developer’s workflow? In this workshop we walk attendees through the steps of setting up an end-to-end DevSecOps solution to automate your build artifact storage, vulnerability detection, testing, and deployment. Lastly, attendees learn how to take advantage of JFrog’s IDE integration and JFrog XRay to increase your confidence in the security of your application, all within a freely available DevSecOps environment!