%term

Pyrsia - Securing your OSS Supply Chain

Sep 7, 2022 By JFrog In JFrog

With OSS, not knowing where all your software comes from means hard-to-spot risks to the integrity of your services. Without constant identity checks and safety protocols for keys and secrets, open-source dependencies can open the door to breaches, exploits, and supply chain attacks. Enter Pyrsia -- your torch that lights up the open-source supply chain!

View Video

JFrog

Read more about Pyrsia - Securing your OSS Supply Chain

#DevOpsSpeakeasy at #KubeCon EU 2022 with Nuno Do Carmo

Sep 7, 2022 By JFrog In JFrog

Nuno Do Carmo, Technical Writer for SUSE Rancher, discusses bringing the Cloud Native technologies to Windows and more specifically Windows Subsystem for Linux.

View Video

JFrog

Read more about #DevOpsSpeakeasy at #KubeCon EU 2022 with Nuno Do Carmo

Supply Chain Security Exposed @ JFrog Private Event Sydney

Sep 6, 2022 By JFrog In JFrog

View Video

JFrog

Read more about Supply Chain Security Exposed @ JFrog Private Event Sydney

The Software Supply Chain Risks You Need to Know

Sep 6, 2022 By Nati Davidi, SVP JFrog Security In JFrog

Code that an organization’s developers create is only the beginning of modern software development. In fact, first-party code is likely to be only a small proportion of an application – sometimes as little as 10% of the application’s artifact ecosystem. An enterprise’s software supply chain is made of many parts, from many sources: open source packages, commercial software, infrastructure-as-code (IaC) files, and more.

Read Post

JFrog

Read more about The Software Supply Chain Risks You Need to Know

4 Operational Risks to Not Leave to Chance

Sep 1, 2022 By JFrog Team In JFrog

Not all of the recognizable risks in your software supply chain can be identified by their known vulnerabilities recorded as CVEs. A component that is outdated or inactive may present risks to your application that no one has had cause to investigate. Yet these components could still harbor threats.

Read Post

JFrog

Read more about 4 Operational Risks to Not Leave to Chance

#DevOpsSpeakeasy at #KubeCon EU 2022 with Denis Rosa of Couchbase

Aug 31, 2022 By JFrog In JFrog

Denis Rosa, Developer Advocate Manager at Couchbase, talks about the challenge of external dependencies with continuous integration and delivery

View Video

JFrog

Read more about #DevOpsSpeakeasy at #KubeCon EU 2022 with Denis Rosa of Couchbase

Using Containers Responsibly

Aug 31, 2022 By JFrog In JFrog

Tools to package your applications and services into container images are abound. They’re easier to use and integrate into your CI/CD pipelines now more than ever. We can appreciate these advancements in the form of time savings and decreasing complexity when deploying to a cloud native environment, but we cannot completely ignore the details involved in these technologies. It’s tempting to take simplicity for granted, but sometimes we do this at the expense of keeping our software safe and secure!

View Video

JFrog

Read more about Using Containers Responsibly

FROGBOT : Securing your git repository! What is new!

Aug 30, 2022 By JFrog In JFrog

GitHub Security Alerts! Support for Yarn 2... Frogbot scans every pull request created for security vulnerabilities with JFrog Xray and in version 2.3.2 it even opens pull requests for upgrading vulnerable dependencies to a version with a fix! With Frogbot installed, you can make sure that new pull requests don’t add new security vulnerabilities to your code base alongside them. If they do, the creator of the pull request has the opportunity to change the code before it is merged.

View Video

JFrog

Read more about FROGBOT : Securing your git repository! What is new!

#DevOpsSpeakeasy at #KubeCon EU 2022 with Michael Irwin of Docker

Aug 30, 2022 By JFrog In JFrog

In this interview, Mike Irwin, Engineer Manager at Docker, discusses the release of Docker Desktop for Linux and Docker Extensions, as well as his thoughts on DevSecOps.

View Video

JFrog

Read more about #DevOpsSpeakeasy at #KubeCon EU 2022 with Michael Irwin of Docker

CVE-2021-38297 - Analysis of a Go Web Assembly vulnerability

Aug 30, 2022 By Uriya Yavnieli In JFrog

The JFrog Security Research team continuously monitors reported vulnerabilities in open-source software (OSS) to help our customers and the wider community be aware of potential software supply chain security threats and their impact. In doing so, we often notice important trends and key learnings worth highlighting.

Read Post

JFrog

Read more about CVE-2021-38297 - Analysis of a Go Web Assembly vulnerability

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Pyrsia - Securing your OSS Supply Chain

#DevOpsSpeakeasy at #KubeCon EU 2022 with Nuno Do Carmo

Supply Chain Security Exposed @ JFrog Private Event Sydney

The Software Supply Chain Risks You Need to Know

4 Operational Risks to Not Leave to Chance

#DevOpsSpeakeasy at #KubeCon EU 2022 with Denis Rosa of Couchbase

Using Containers Responsibly

FROGBOT : Securing your git repository! What is new!

#DevOpsSpeakeasy at #KubeCon EU 2022 with Michael Irwin of Docker

CVE-2021-38297 - Analysis of a Go Web Assembly vulnerability

Monthly Archive

Follow Us