
June 2022

Trusted SBOMs delivered with the JFrog Platform and Azure

SBOMs provide essential visibility into all the components that make up a piece of software and detail how it was put together. With an SBOM in hand it’s possible to determine whether software contains known security and compliance issues or is affected by newly discovered vulnerabilities. SBOMs have become imperative since the White House’s cybersecurity executive order of May 2021, which requires them for all government software purchases, and many private organizations are following suit.

Supply Chain Security Meetup June 21 2022 (Sponsored by JFrog)

Software Supply Chain Security Virtual Meetup. Open-source vulnerabilities are present in many applications. While finding them is critical, remediating them as fast as possible is even more critical. Securing your software supply chain is essential as attackers become more sophisticated in their ability to compromise software at every stage of the development lifecycle, as seen with Log4j and SolarWinds.

Part I: A Journey of a Thousand Binaries - Types of Software Dependencies

As software developers, one of the things we worry about a lot is our software dependencies. To speed up delivery of new functionality in our code we reuse software – we don’t have time to reinvent the wheel. We stand on the shoulders of giants and leverage all the hard work and lessons learned by the software developers who came before us. Sounds great, right? Well, mostly great, because we are also faced with the trials intrinsic to software development.

JFrog Frogbot version 2

Frogbot scans every pull request for security vulnerabilities with JFrog Xray, and in version 2 it even opens pull requests to upgrade vulnerable dependencies to a version with a fix. With Frogbot installed, you can make sure that new pull requests don’t introduce new security vulnerabilities into your code base. If they do, the creator of the pull request has the opportunity to change the code before it is merged.

5 Takeaways From "Behind the Curtain: The Road to Terraform"

How much time are you wasting initializing your Terraform environments? If your answer is, “more than we should,” then we have some tips for you. Terraform is a popular infrastructure-as-code (IaC) tool for anyone who deploys to the cloud. We use it here at JFrog to help manage infrastructure for our SaaS customers, and recently added support in Artifactory to manage your Terraform files (provider, modules, and backend).

Artifactory, Your Swift Package Repository

If you’re looking forward to WWDC 2022 for some exciting Swift news, we have just the thing. JFrog now offers the first and only Swift binary package repository, enabling developers to use JFrog Artifactory for resolving Swift dependencies instead of enterprise source control (Git) systems. Swift developers can benefit from Artifactory’s robust binary management and the ways it contributes to stable and efficient CI/CD, massive scalability, and securing the software supply chain.

The Road to Terraform with JFrog

Transitioning to a new DevOps technology can be a daunting task, especially when it potentially impacts a solution being used by millions of developers around the globe. JFrog’s own DevOps team recently adopted Terraform in support of the JFrog SaaS offering and in the process helped guide creation of Artifactory’s support for Terraform modules, provider, and state files.