July 2021

Bring Xray Out of the Box with Dependency and Binary Scanning

Jul 30, 2021 By Paul Garden In JFrog

Shifting left security means you, the developer, catching and fixing vulnerabilities and license violations early in the SDLC. That’s why Xray scans binaries pushed to Artifactory by your builds, and alerts you when there are issues with your dependencies. But catching them earlier, even before checking in code, can be important for developers shifting left.

Read Post

JFrog

Read more about Bring Xray Out of the Box with Dependency and Binary Scanning

How to Use Cargo Repositories in Artifactory

Jul 29, 2021 By Gianni Truzzi In JFrog

For five years running, Rust has taken the top spot in Stackoverflow’s survey of most loved programming languages. Seen by many as the next step after C/C++, the language is fast becoming embraced by embedded device developers and as a robust system for IoT. At JFrog, we took notice and are eager to welcome Rust developers to the empowerment of robust binaries management and how it contributes to continuous integration.

Read Post

JFrog

Read more about How to Use Cargo Repositories in Artifactory

JFrog detects malicious PyPI packages stealing credit cards and injecting code

Jul 29, 2021 By Andrey Polkovnichenko, Omer Kaspi and Shachar Menashe In JFrog

Software package repositories are becoming a popular target for supply chain attacks. Recently, there has been news about malware attacks on popular repositories like npm, PyPI, and RubyGems. Developers are blindly trusting repositories and installing packages from these sources, assuming they are secure.

Read Post

JFrog

Read more about JFrog detects malicious PyPI packages stealing credit cards and injecting code

JFrog and Vdoo: Better Together

Jul 28, 2021 By Paul Garden In JFrog

JFrog customers will soon enjoy end-to-end, holistic security across their software lifecycle — from development to devices — as the technology of recently-acquired Vdoo gets integrated into the JFrog DevOps Platform. That was the pledge made by JFrog and Vdoo leaders during their first joint webinar, in which they explained why JFrog acquired Vdoo, how the platform’s security and compliance capabilities will expand, and what’s the integration timeline.

Read Post

JFrog

Read more about JFrog and Vdoo: Better Together

Knative - deploy, and manage modern container-based serverless workloads - Elad Hirsch

Jul 22, 2021 By JFrog In JFrog

Yalla! DevOps 2021 -- The first, in-person DevOps conference of the year! Driven by the DevOps community. All about the DevOps community. Knative is the new kid in town in the Serverless community. As Kubernetes is de facto our cloud infrastructure Knative is allowing us to focus more on our business logic and less on infrastructure ,All while committing to the new paradigm of Serverless computing.

View Video

JFrog

Read more about Knative - deploy, and manage modern container-based serverless workloads - Elad Hirsch

Vdoo & JFrog - Enhanced Security From Code To The Edge

Jul 22, 2021 By JFrog In JFrog

Join this webinar to learn more about JFrog’s announced acquisition of Vdoo! Together JFrog and Vdoo are the creators of a hybrid product security platform that automates multidimensional security tasks throughout the entire build and release cycle - and how JFrog and Vdoo plan to integrate their technologies to further the secure Liquid Software vision. Imagine if you had access to streamlined, consolidated and comprehensive security data in one platform that helped developers and security teams identify and fix their most critical issues rapidly.

View Video

JFrog

Read more about Vdoo & JFrog - Enhanced Security From Code To The Edge

After analyzing 600,000 SQL queries, these are the top mistakes developers make - Oded Valin

Jul 21, 2021 By JFrog In JFrog

Yalla! DevOps 2021 -- The first, in-person DevOps conference of the year! Driven by the DevOps community. All about the DevOps community. Users want to see their data fast, immediately, now. Whether you’re working with an ORM or writing native SQL, you probably had a “scratching-my-head-trying-to-figure-out-why-this-database-is-so-slow” moment. The team at EverSQL analyzed more than 600,000 SQL queries from thousands of different companies, to lay down the most common mistakes developers do when writing SQL queries. This talk focuses on writing SQL the right way, the fast way.

View Video

JFrog

Read more about After analyzing 600,000 SQL queries, these are the top mistakes developers make - Oded Valin

Deep-dive into Open Policy Agent + Conftest + GateKeeper - Shimon Tolts & Noaa Barki

Jul 21, 2021 By JFrog In JFrog

Yalla! DevOps 2021 -- The first, in-person DevOps conference of the year! Driven by the DevOps community. All about the DevOps community. Deep-dive into Open Policy Agent + Conftest + GateKeeper: Kubernetes Policy in action In this session, we will do a deep-dive session into: Open Policy Agent, Conftest, and GateKeeper. We will show real-life use cases of how to use those technologies in production in order to configure and enforce a centralized policy for Kubernetes Shimon and Noaa will present both sides of the dev stack, DevOps and Developers.

View Video

JFrog

Read more about Deep-dive into Open Policy Agent + Conftest + GateKeeper - Shimon Tolts & Noaa Barki

The Peopleware Running Cloud DevOps

Jul 21, 2021 By Uri Peled In JFrog

Early this year, we set out on a journey to onboard a new cloud engineering team at JFrog. Many can relate to the challenges involved with onboarding a new team, these were amplified even more during the pandemic. However this blog post is not about COVID-19, it is about sharing our experience of fine-tuning the onboarding path for this unbeatable group. TL/DR: What it takes to build and onboard a team of junior engineers into the existing JFrog Cloud engineering team.

Read Post

JFrog

Read more about The Peopleware Running Cloud DevOps

How to Accelerate Software Delivery with Hybrid Cloud CI/CD

Jul 19, 2021 By Mark Milinkovich In JFrog

Are you looking for solutions to deliver rapid application development and iterations? You’re not alone. To accomplish this, many organizations are embracing cloud native containers across multiple cloud providers. The reason? This strategy reduces the risk of vendor lock-in, and helps you scale the application infrastructure horizontally.

Read Post

JFrog

Read more about How to Accelerate Software Delivery with Hybrid Cloud CI/CD

An Overview of the JFrog DevOps Platform

Jul 14, 2021 By JFrog In JFrog

View Video

JFrog

CI CD
DevOps

Read more about An Overview of the JFrog DevOps Platform

Influencing DevOps without Authority - How a DevOps Engineer can advance real DevOps

Jul 9, 2021 By JFrog In JFrog

In this talk, Baruch will show how some proven influencing and negotiating techniques can be used to convince critical stakeholders in your organization in the necessity of DevOps. We look at the arguments, the techniques, and the small tricks, which work in particular situations with particular engineering and business leadership positions and will prepare you to deliver the message of DevOps most convincingly to each.

View Video

JFrog

CI CD
DevOps

Read more about Influencing DevOps without Authority - How a DevOps Engineer can advance real DevOps

JFrog And Red Hat DevSecOps Security Series

Jul 6, 2021 By JFrog In JFrog

Accurately detecting and mitigating security vulnerabilities is critical for any enterprise. JFrog’s ongoing collaboration with Red Hat provides the DevOps community with enterprise-grade DevSecOps capabilities, enabling you to deliver high-quality, and more secure software, anywhere. As part of the Red Hat DevSecOps Security Series, Join us on July 1st for JFrog & Red Hat’s perspective on application analysis and how JFrog’s recently achieved Vulnerability Scanner Certification helps identify vulnerabilities in applications, images and configurations early in your lifecycle.

View Video