Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

July 2021

jfrog

Bring Xray Out of the Box with Dependency and Binary Scanning

Jul 30, 2021 By Paul Garden In JFrog

Shifting left security means you, the developer, catching and fixing vulnerabilities and license violations early in the SDLC. That’s why Xray scans binaries pushed to Artifactory by your builds, and alerts you when there are issues with your dependencies. But catching them earlier, even before checking in code, can be important for developers shifting left.

Read Post
jfrog

JFrog detects malicious PyPI packages stealing credit cards and injecting code

Jul 29, 2021 By Andrey Polkovnichenko, Omer Kaspi and Shachar Menashe In JFrog

Software package repositories are becoming a popular target for supply chain attacks. Recently, there has been news about malware attacks on popular repositories like npm, PyPI, and RubyGems. Developers are blindly trusting repositories and installing packages from these sources, assuming they are secure.

Read Post

Vdoo & JFrog - Enhanced Security From Code To The Edge

Jul 22, 2021 By JFrog In JFrog
Join this webinar to learn more about JFrog’s announced acquisition of Vdoo! Together JFrog and Vdoo are the creators of a hybrid product security platform that automates multidimensional security tasks throughout the entire build and release cycle - and how JFrog and Vdoo plan to integrate their technologies to further the secure Liquid Software vision. Imagine if you had access to streamlined, consolidated and comprehensive security data in one platform that helped developers and security teams identify and fix their most critical issues rapidly.
View Video

Use the Jenkins Credentials Binding Plugin to Protect Your Veracode Credentials

Jul 6, 2021 By Veracode In Veracode
In this video, you will learn how to: You can use the Jenkins Credentials Binding Plugin to hide your Veracode API credentials from the Jenkins interface and logs. You use the plugin to associate, or bind, your Veracode API credentials to environment variables and save them to the Jenkins credentials store. During a build, Jenkins uses the environment variables to secretly access your credentials. The Jenkins interface and logs only show the bound environment variables.
View Video

JFrog And Red Hat DevSecOps Security Series

Jul 6, 2021 By JFrog In JFrog
Accurately detecting and mitigating security vulnerabilities is critical for any enterprise. JFrog’s ongoing collaboration with Red Hat provides the DevOps community with enterprise-grade DevSecOps capabilities, enabling you to deliver high-quality, and more secure software, anywhere. As part of the Red Hat DevSecOps Security Series, Join us on July 1st for JFrog & Red Hat’s perspective on application analysis and how JFrog’s recently achieved Vulnerability Scanner Certification helps identify vulnerabilities in applications, images and configurations early in your lifecycle.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.