%term

Episode 4: DevSecOps Coffee Break Series | 'Shift Left' Security With A Developer Centric Approach

Dec 2, 2021 By JFrog In JFrog

Learn best practices to immediately “shift left” in your Cl/CD process and fix vulnerabilities before they move into the next stage of your SDLC.

View Video

JFrog

Read more about Episode 4: DevSecOps Coffee Break Series | 'Shift Left' Security With A Developer Centric Approach

Episode 5: DevSecOps Coffee Break Series | If JFrog is Good Enough For The Government, Why Not You

Dec 2, 2021 By JFrog In JFrog

JFrog Artifactory and JFrog Xray achieved Iron Bank Certification - see how they can improve your SDLC security posture with the JFrog Platform.

View Video

JFrog

Read more about Episode 5: DevSecOps Coffee Break Series | If JFrog is Good Enough For The Government, Why Not You

Episode 3: DevSecOps Coffee Break Series | Securing Your Software Supply Chain

Dec 2, 2021 By JFrog In JFrog

Learn how you can protect your software development lifecycle (SDLC) from supply chain attacks, and ensure the software you deliver to your employees and your customers is safe.

View Video

JFrog

Read more about Episode 3: DevSecOps Coffee Break Series | Securing Your Software Supply Chain

JFrog Artifactory for EKS Anywhere Demo

Nov 30, 2021 By JFrog In JFrog

See how easy it is to provision JFrog Artifactory for EKS Anywhere from the AWS marketplace into your own on-prem clusters.

View Video

JFrog

CI CD
DevOps

Read more about JFrog Artifactory for EKS Anywhere Demo

With AWS EKS Anywhere, DevOps with Artifactory Can Be Everywhere

Nov 30, 2021 By Jagdish Mirani In JFrog

With all the focus on public cloud infrastructures, it’s easy to believe that there is no room for on-premises deployments of infrastructure. However, on-prem deployments are not likely to completely go away because often it’s just the right thing to do.

Read Post

JFrog

Read more about With AWS EKS Anywhere, DevOps with Artifactory Can Be Everywhere

Embrace your Updates

Nov 18, 2021 By Fred Simon In JFrog

As developers, we’re passionate about creating and delivering high-quality software to our end-users and customers. Simply knowing that our software was shipped, deployed, and is being used is a great achievement. And it looks like we did a good job. Everything around us in our lives depends on high-quality software. Software needs to run for us to get water, energy, electricity, transportation, food, etc. Developers have a huge responsibility to keep this software updated and running efficiently.

Read Post

JFrog

Read more about Embrace your Updates

Python Malware Imitates Signed PyPI Traffic in Novel Exfiltration Technique

Nov 18, 2021 By Andrey Polkovnychenko and Shachar Menashe In JFrog

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to report vulnerable and malicious packages to repository maintainers. Earlier this year we disclosed several malicious packages targeting developers’ private data that were downloaded approximately 30K times. Today, we will share details about 11 new malware packages that we’ve recently discovered and disclosed to the PyPI maintainers (who promptly removed them).

Read Post

JFrog

Read more about Python Malware Imitates Signed PyPI Traffic in Novel Exfiltration Technique

TensorFlow Python Code Injection: More eval() Woes

Nov 16, 2021 By Omer Kaspi and Shachar Menashe In JFrog

JFrog security research team (formerly Vdoo) has recently disclosed a code injection issue in one of the utilities shipped with Tensorflow, a popular Machine Learning platform that’s widely used in the industry. The issue has been assigned to CVE-2021-41228. This disclosure is hot on the heels of our previous, similar disclosure in Yamale which you can read about in our previous blog post.

Read Post

JFrog

Read more about TensorFlow Python Code Injection: More eval() Woes

A Singular Approach to DevOps Across Multiple Clouds

Nov 10, 2021 By JFrog In JFrog

View Video

JFrog

CI CD
DevOps

Read more about A Singular Approach to DevOps Across Multiple Clouds

Unboxing BusyBox - 14 new vulnerabilities uncovered by Claroty and JFrog

Nov 9, 2021 By Vera Mens, Uri Katz, Tal Keren, Sharon Brizinov, Shachar Menashe In JFrog

Embedded devices with limited memory and storage resources are likely to leverage a tool such as BusyBox, which is marketed as the Swiss Army Knife of embedded Linux. BusyBox is a software suite of many useful Unix utilities, known as applets, that are packaged as a single executable file. Within BusyBox you can find a full-fledged shell, a DHCP client/server, and small utilities such as cp, ls, grep, and others.

Read Post

JFrog

Read more about Unboxing BusyBox - 14 new vulnerabilities uncovered by Claroty and JFrog

Operations | Monitoring | ITSM | DevOps | Cloud

Episode 4: DevSecOps Coffee Break Series | 'Shift Left' Security With A Developer Centric Approach

Episode 5: DevSecOps Coffee Break Series | If JFrog is Good Enough For The Government, Why Not You

Episode 3: DevSecOps Coffee Break Series | Securing Your Software Supply Chain

JFrog Artifactory for EKS Anywhere Demo

With AWS EKS Anywhere, DevOps with Artifactory Can Be Everywhere

Embrace your Updates

Python Malware Imitates Signed PyPI Traffic in Novel Exfiltration Technique

TensorFlow Python Code Injection: More eval() Woes

A Singular Approach to DevOps Across Multiple Clouds

Unboxing BusyBox - 14 new vulnerabilities uncovered by Claroty and JFrog

Monthly Archive

Follow Us