Operations | Monitoring | ITSM | DevOps | Cloud

JFrog

jfrog

How to set up a Private, Remote and Virtual npm Registry

Aug 10, 2021 By Batel Zohar In JFrog
The simplest way to manage and organize your Node dependencies is with an npm repository. You need reliable, secure, consistent and efficient access to your dependencies that are shared across your team, in a central location. Including a place to set up multiple registries, that work transparently with the npm client. With the JFrog free cloud subscription, including JFrog Artifactory, Xray and Pipelines, you can set up a free local, remote and virtual npm registry in minutes.
Read Post
jfrog

Navigating the Artifact Jungle, Where Development Meets Delivery

Aug 9, 2021 By Gianni Truzzi In JFrog
As developers, we spend most of our time thinking about code: how to design it, write it, debug it, integrate it. Our thoughts are of our source files, our attention is on the repositories and branches that populate our version control system. That’s our job, that’s our world. But to become DevOps professionals, we must think about what happens to take our code to the clusters where it runs. DevOps means taking our applications from development to delivery.
Read Post
jfrog

A Policy Change To Prevent Abuse on JFrog Cloud

Aug 5, 2021 By Aviv Shukron In JFrog
As of August 5, 2021, JFrog will require newly created free JFrog cloud subscription users to provide valid credit or debit card information in order to activate Pipelines CI/CD. In the months since offering Pipelines CI/CD as part of a free JFrog cloud subscription, we have unfortunately experienced a rapid growth in abuse of the free compute resources from some accounts.
Read Post
jfrog

INFRA:HALT 14 New Security Vulnerabilities Found in NicheStack

Aug 4, 2021 By Asaf Karas, Shachar Menashe and Denys Vozniuk In JFrog
NicheStack is a TCP/IP network stack commonly used in millions of Operational Technology (OT) devices around the world, including in critical infrastructure such as manufacturing plants, power generation/transmission/distribution, water treatment, and more. JFrog’s security research team (formerly Vdoo), together with Forescout Research Labs, recently discovered 14 new security vulnerabilities affecting the NicheStack TCP/IP stack.
Read Post
jfrog

Bring Xray Out of the Box with Dependency and Binary Scanning

Jul 30, 2021 By Paul Garden In JFrog
Shifting left security means you, the developer, catching and fixing vulnerabilities and license violations early in the SDLC. That’s why Xray scans binaries pushed to Artifactory by your builds, and alerts you when there are issues with your dependencies. But catching them earlier, even before checking in code, can be important for developers shifting left.
Read Post
jfrog

How to Use Cargo Repositories in Artifactory

Jul 29, 2021 By Gianni Truzzi In JFrog
For five years running, Rust has taken the top spot in Stackoverflow’s survey of most loved programming languages. Seen by many as the next step after C/C++, the language is fast becoming embraced by embedded device developers and as a robust system for IoT. At JFrog, we took notice and are eager to welcome Rust developers to the empowerment of robust binaries management and how it contributes to continuous integration.
Read Post
jfrog

JFrog detects malicious PyPI packages stealing credit cards and injecting code

Jul 29, 2021 By Andrey Polkovnichenko, Omer Kaspi and Shachar Menashe In JFrog
Software package repositories are becoming a popular target for supply chain attacks. Recently, there has been news about malware attacks on popular repositories like npm, PyPI, and RubyGems. Developers are blindly trusting repositories and installing packages from these sources, assuming they are secure.
Read Post
jfrog

JFrog and Vdoo: Better Together

Jul 28, 2021 By Paul Garden In JFrog
JFrog customers will soon enjoy end-to-end, holistic security across their software lifecycle — from development to devices — as the technology of recently-acquired Vdoo gets integrated into the JFrog DevOps Platform. That was the pledge made by JFrog and Vdoo leaders during their first joint webinar, in which they explained why JFrog acquired Vdoo, how the platform’s security and compliance capabilities will expand, and what’s the integration timeline.
Read Post

Knative - deploy, and manage modern container-based serverless workloads - Elad Hirsch

Jul 22, 2021 By JFrog In JFrog
Yalla! DevOps 2021 -- The first, in-person DevOps conference of the year! Driven by the DevOps community. All about the DevOps community. Knative is the new kid in town in the Serverless community. As Kubernetes is de facto our cloud infrastructure Knative is allowing us to focus more on our business logic and less on infrastructure ,All while committing to the new paradigm of Serverless computing.
View Video

Vdoo & JFrog - Enhanced Security From Code To The Edge

Jul 22, 2021 By JFrog In JFrog
Join this webinar to learn more about JFrog’s announced acquisition of Vdoo! Together JFrog and Vdoo are the creators of a hybrid product security platform that automates multidimensional security tasks throughout the entire build and release cycle - and how JFrog and Vdoo plan to integrate their technologies to further the secure Liquid Software vision. Imagine if you had access to streamlined, consolidated and comprehensive security data in one platform that helped developers and security teams identify and fix their most critical issues rapidly.
View Video
Subscribe to JFrog

Copyright © 2024 OpsMatters™. All rights reserved.