Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

JFrog

jfrog

Empowering DevSecOps: JFrog's Enterprise-Ready Platform for Federal NIST SP 800-218 Compliance

Jan 31, 2024 By Greg McDermott In JFrog
As an integrator or government agency providing mission-critical software, the question to ask yourself is “Is my software development environment NIST SP 800-218 compliant?”. Compliance with NIST SP 800-218 and the SSDF (Secure Software Development Framework) is mandatory, and it’s time to ensure your software supply chain is compliant.
Read Post

The DevSecOps Hangout

Jan 30, 2024 By JFrog In JFrog
Curious to see what all the AI/ML hype is about? Watch our DevSecOps Hangout and hear how ML Model management benefits organizations by providing a single place to manage ALL software binaries, bringing DevOps best practices to ML development, and allowing organizations to ensure the integrity and security of ML models – all while leveraging an existing solution they already have in place. Watch our expert educational talks and panel discussion with our Technology Partner Qwak on MLOps, DevSecOps, AI, and Machine Learning.
View Video

The Top 10 Finance companies trust their software supply chain to JFrog

Jan 29, 2024 By JFrog In JFrog
JFrog is powering entire industries, including 89% of the Fortune 100, and 10 of the top 10 finance companies in the world. All of them use JFrog to deliver applications faster, and more securely. Watch this webinar to learn some of the best practices and tools used by some of the largest FinTech and FinServ enterprises in the world.
View Video
jfrog

*nix libX11: Uncovering and exploiting a 35-year-old vulnerability - Part 2 of 2

Jan 24, 2024 By Yair Mizrahi In JFrog
The JFrog Security research team has recently discovered two security vulnerabilities in X.Org libX11, the widely popular graphics library – CVE-2023-43786 and CVE-2023-43787 (with a high NVD severity CVSS 7.8). These vulnerabilities cause a denial-of-service and remote code execution. X11’s latest versions contain fixes for these vulnerabilities.
Read Post
jfrog

*nix libX11: Uncovering and exploiting a 35-year-old vulnerability - Part 1 of 2

Jan 17, 2024 By Yair Mizrahi In JFrog

The JFrog Security research team has recently discovered two security vulnerabilities in X.Org libX11, the widely popular graphics library – CVE-2023-43786 and CVE-2023-43787 (with a high NVD severity CVSS 7.8). These vulnerabilities cause a denial-of-service and remote code execution. X11’s latest versions contain fixes for these vulnerabilities.

Read Post
jfrog

Integrating JFrog Artifactory with Amazon SageMaker

Jan 17, 2024 By Melissa McKay In JFrog

Today, we’re excited to announce a new integration with Amazon SageMaker! SageMaker helps companies build, train, and deploy machine learning (ML) models for any use case with fully managed infrastructure, tools, and workflows. By leveraging JFrog Artifactory and Amazon SageMaker together, ML models can be delivered alongside all other software development components in a modern DevSecOps workflow, making each model immutable, traceable, secure, and validated as it matures for release.

Read Post
jfrog

Evolving ML Model Versioning

Jan 11, 2024 By Sean Pratt In JFrog

TL;DR: JFrog’s ML Model Management capabilities, which help bridge the gap between AI/ML model development and DevSecOps, are now Generally Available and come with a new approach to versioning models that benefit Data Scientists and DevOps Engineers alike. Model versioning can be a frustrating process with many considerations when taking models from Data Science to Production.

Read Post
jfrog

What is JFrog Security?

Jan 8, 2024 By The JFrog Team In JFrog

The security of the software supply chain is rapidly becoming a paramount concern for organizations — and for good reason. With the increasing number of published Common Vulnerabilities and Exposures (CVEs), developers face the challenge of delivering software faster than ever before. However, in their quest for speed, many dev and security teams have resorted to fragmented security solutions, inadvertently leaving critical gaps in coverage and compromising their competitive advantage.

Read Post
jfrog

Proactive Vulnerability Management is a No Brainer for Security, but...

Jan 4, 2024 By Elana Marom In JFrog

In December 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) identified exploits against vulnerable public-facing applications as the most common initial attack vector for cybercriminals, followed by attacks on external remote services such as VPNs. According to a study by CrowdStrike, exploit activity targeting cloud apps and assets grew 95% from 2021 to 2022, and instances of threat actors directly targeting cloud apps exploded by 288% during that period.

Read Post
jfrog

SSH protocol flaw - Terrapin Attack CVE-2023-48795: All you need to know

Dec 25, 2023 By Yair Mizrahi In JFrog

The SSH Terrapin attack (CVE-2023-48795) has recently caught attention, targeting the SSH protocol security by truncating cryptographic information. The inherent flaw in the SSH protocol itself affects a wide range of SSH client and server implementations. Following our initial research communication, this post will detail its fundamentals and impact.

Read Post
Subscribe to JFrog

Copyright © 2024 OpsMatters™. All rights reserved.