JFrog

The Impact of CVE-2022-0185 Linux Kernel Vulnerability on Popular Kubernetes Engines

Last week, a critical vulnerability identified as CVE-2022-0185 was disclosed, affecting Linux kernel versions 5.1 to 5.16.1. The security vulnerability is an integer underflow in the Filesystem Context module that allows a local attacker to run arbitrary code in the context of the kernel, thus leading to privilege escalation, container environment escape, or denial of service.

Mind Your Dependencies: Defending against malicious npm packages

Modern software projects are mostly composed of open source code. The question of who really controls this code, and is responsible for detecting and fixing software supply chain security issues, became a significant source of concern after the discovery of the Log4Shell vulnerability.

Get the most of your .Net Builds

Give your .NET ecosystem the full power of DevOps running on AWS - The JFrog Platform covers the full application lifecycle of .NET builds from developer fingertips through distribution to consumers while covering application security, vulnerability analysis and artifact flow control. In this webinar, you will see how you can configure your .NET builds on AWS, so that they take full advantage of JFrog Platform for managing the lifecycle of your .NET artifacts.

Continuously Securing Software Supply Chain

Catch this session to see a breakdown of the recent news related to software supply chain security and what you can do to meet new requirements and protect your software from such attacks. With new software supply chain attacks reaching the spotlight at an accelerating pace, security research uncovering novel attack methods and new mandates and guidelines starting to come into effect — it can be hard to stay on top of the latest developments and their implications.

No Internet? No Problem. Use Xray with an Air Gap - Part II

With software supply chain attacks on the rise, implementing DevSecOps best practices in an air gapped environment is a must. In an effort to secure an organization’s internal network, there is an increasing trend of separating the internal network from the external one, essentially creating an enclosed and disconnected environment from the public internet. An air gapped solution provides stricter security requirements, but that’s not enough.

Effective Incident Management: How to Improve Collaborative Software Development

Are you using Azure DevOps as the starting point of your delivery process on the Azure cloud? Join this webinar to learn advanced tips and tricks for simplifying and accelerating your CI/CD pipelines with Azure DevOps and the JFrog Platform. Sharing a detailed demo of a real-world release pipeline triggered from Azure DevOps, we’ll review best practices and hard-won lessons for how you can streamline your end-to-end process and ensure it meets the security and quality requirements of large-scale enterprise delivery.

Check Out JFrog's New Community Site for Developers

JFrog has been hard at work behind the scenes restructuring how we share information with the developer community. We wanted to create a one-stop resource for developers who code in a variety of languages, with a focus on DevOps, DevSecOps, and cloud native technologies. So without further ado … let me introduce you to our new JFrog Community site!

CTO Corner with Yoav Landman, JFrog | Episode 1: Build Info

Want a glimpse at what it is like to be a CTO of a DevOps company? Join JFrog’s CTO Yoav Landman for our new CTO Corner Series. Each episode will feature a topic that is at the forefront of every technologist's mind… or should be. Yoav will be discussing hot topics in tech with other industry leaders giving you an opportunity to see behind the curtain of the decision makers.

The JNDI Strikes Back - Unauthenticated RCE in H2 Database Console

Very recently, the JFrog security research team has disclosed an issue in the H2 database console which was issued a critical CVE – CVE-2021-42392. This issue has the same root cause as the infamous Log4Shell vulnerability in Apache Log4j (JNDI remote class loading). H2 is a very popular open-source Java SQL database offering a lightweight in-memory solution that doesn’t require data to be stored on disk.

JFrog Artifactory on Your Choice of Cloud Provider

JFrog Artifactory is a scalable, universal, binary repository manager that automatically manages your artifacts and dependencies throughout the application development and delivery process. Artifactory supports Kubernetes, the de facto orchestration tool in the industry, for automating deployment, scaling, and management of microservices and containerized applications.