When software can travel around the globe at the speed of the cloud’s gusts, enterprises need to be extra certain the updates they release are safe for customers to use. If an app built in Palo Alto uses a vulnerable package from Belgrade, losses can ripple from Sheboygan to Shanghai. At JFrog, we believe enabling global DevSecOps in the cloud should be an easy process.
As continuous software deployments grow and become the accepted standard, security measures gain even more importance. From development and all the way through to production, security requirements should be adopted by all teams in an organization. JFrog IDE integrations provide security and compliance intelligence to the developer right from within their IDE.
For some organizations, even the best isn’t quite enough. That’s why JFrog Xray provides a way for you to specify your own additional data, to detect even more sensitive issues in your binaries before they can reach production. JFrog Xray is a tool for DevSecOps teams to gain insight into the open source components used in their applications.
Golang developers care a lot about security and as Go modules become more widely used, they need more ways to assure these publicly shared files are safe. One unique feature included with Golang version 1.13 is the foresight that went into authentication and security for Go modules. When a developer creates a new module or a new version of an existing module, a go.sum file included there creates a list of SHA-256 hashes that are unique to that module version.