Operations | Monitoring | ITSM | DevOps | Cloud

May 2021

Signed Pipelines Build Trust in your Software Supply Chain

Trust isn’t given, it’s earned. As the Russian proverb advises, Доверяй, но проверяй — or as U.S. President Ronald Reagan liked to repeat, “Trust, but verify.” We designed JFrog Pipelines to securely support a large number of teams, applications, users and thousands of pipelines.

Announcing the Industry's First Private Distribution Network

Today, at our DevOps user conference swampUP, we were thrilled to announce a new groundbreaking innovation from JFrog: The industry’s first Private Distribution Network! Private Distribution Network (PDN) enables enterprises to easily set up and manage a secure, massively-scalable, hybrid distribution network for software updates.

What's New from JFrog: Binary Lifecycle Management at Scale

JFrog’s annual swampUp DevOps conference always brings new, exciting features to further our vision of accelerating releases through liquid software. This year was no exception, as JFrog CTO Yoav Landman and CPO Dror Bereznitsky revealed innovations for the JFrog DevOps Platform that enable end-to-end binary lifecycle management. Enterprise DevOps and large-scale modern application delivery require robust management of binaries, which are the building blocks of applications.

The Industry's First Private Distribution Network

Private Distribution Network (PDN) enables enterprises to easily set up and manage a secure, massively scalable, hybrid distribution network for software updates. This new innovative technology accelerates software distribution 40X to speed up deployments and concurrent downloads across large-scale environments spanning hybrid infrastructure, edges, and IoT devices. PDN provides two integrated network utilization and acceleration technologies - HTTP-based, secure P2P, and CDN - that can be rolled out across large-scale mixed-infrastructure and multi-tiered, customizable network topologies, and are managed as-a-service with usage-based pricing.

5 Steps to Starting DevOps with a JFrog Free Subscription

The JFrog Free subscription is a SaaS cloud offering of the JFrog DevOps Platform that provides software developers, DevOps Engineers, System Administrators and students a sandbox environment to explore solutions to common DevOps challenges. Here are examples of common DevOps challenges, where having a free subscription to the JFrog Platform helps.

US Executive Order on Cybersecurity: What it Means for DevOps

The United States Government equates cybersecurity with national security. That’s the crux of the recent Executive Order that will mandate that not only must software applications be vetted, but there will be upcoming regulations on providing all of the components that make up the software. As section 1 notes: “prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.”

Keep OSS supply chain attacks off the menu: Tidelift catalogs + JFrog serve known-good components

How does your organization keep track of all of the open source components being used to develop applications and ensure they are secure and properly maintained? Our recent survey data shows that the larger an organization gets, the less confident they are in in their open source management practices. In companies over 10,000 employees, 39% are not very or not at all confident their open source components are secure, up to date, and well maintained.

What's New with JFrog Xray and DevSecOps

As we look to improve the quality and capabilities of the JFrog DevOps Platform, especially in the world of DevSecOps, we have added powerful new features to further enhance the award-winning JFrog Xray. The capabilities detailed below cement Xray’s position as a universal software composition analysis (SCA) solution trusted by developers and DevSecOps teams globally to quickly and continuously identify open source software vulnerabilities and license compliance violations.

Managing Users and Groups with SCIM in the JFrog Platform

When your organization becomes bigger, managing the users and groups lifecycle becomes a significant challenge. Your company grows rapidly, hiring new employees, and giving them access to more and more applications that your organization uses. This means that there are many employee-related actions that need to be taken when an employee changes their team, role, leaves temporarily or permanently (otherwise you may end up with operational, security or compliance issues).

How to Connect the Dots: Creating Complex CI/CD with JFrog Pipelines

As software gets more complex, so do software builds. With applications being composed of multiple services — often developed by separate teams — it can be challenging to automate a unified continuous integration process. JFrog Pipelines is unique among DevOps CI/CD solutions in empowering developers to create highly complex DevOps Pipeline workflows. Pipelines can be defined with multiple paths, trigger points and trigger types.