Unity is strength. And at JFrog, we’re committed to providing the strongest DevOps tools available. With the promised release of the JFrog DevOps Platform, it’s my honor and delight to announce JFrog’s biggest leap yet toward fulfilling our universal vision of Liquid Software. We’re excited and proud to launch the world’s first universal, hybrid, end-to-end DevOps platform.

In this blog post, we are going to cover how to perform container image scanning for CircleCI using Sysdig Secure. Image scanning allows DevOps teams to detect and resolve issues, like known vulnerabilities and incorrect configurations, directly in their CI/CD pipelines. Using Sysdig Secure, you can enforce image policies to block vulnerabilities before they reach production environments and fix them faster while the developer still has the context.

“Software is eating the world” is no longer a hopeful vision. It’s happening. It’s here. Software is driving the world’s most important technological trends, and 2020 will prove to be an inflection point for several of them. Underlying the rapid pace of software transformation is another trend that has become immensely popular in itself. The rise of continuous delivery has enabled software companies to turn their ideas into reality faster than ever before.

In our previous blog post we discussed the challenges with relying on external servers for downloading pre-build tools such as Curl, CLI, wget, Maven, Gradle, npm and others. We discussed how they can sometimes cause stability issues, also called “Environmental Issues”, that will break the build.

We’ve been busy over the last week rolling out new product features that make the cloud feel and perform as if it was right there in the building with you - specifically geographic storage and edge caching.

As developers, we need to get back to being diligent - and consistently diligent - about questions of security, provenance, reliability and availability when it comes to packages and dependencies.

The promise of Cloudsmith is simple. We ensure development teams have access to the packages they need, when they need them. And we do that through a private, cloud-based repository that can help shield the business from malware, security and licensing concerns related to the use of third party software packages, whilst giving you total control over access to your own packages.