JFrog Ltd., the Liquid Software company, has announced the launch of new capabilities that strengthen the security and integrity of software releases. The company’s Software Supply Chain Platform now includes enhanced features for quality assurance, security, MLOps (Machine Learning Operations), and software compliance. This offering ensures that applications remain traceable, reliable, compliant, and secure throughout the software development lifecycle.
JFrog has made significant investments in developing comprehensive security solutions that automate DevSecOps processes at the binary level. This unique approach enables customers to safeguard their software supply chains effectively. The company’s latest capabilities cover a wide range of protection areas such as open-source and first-party code, secrets detection, Infrastructure as Code (IaC) security, and curation of OSS (Open-Source Software) packages. Additionally, JFrog is introducing AI and MLOps security, as well as caching and protection for customers’ ML (Machine Learning) models.
One of the highlights of the new capabilities is JFrog’s ML Model Management, which enables quick scanning and detection of malicious machine learning models. This feature allows organizations to block the use of such models if necessary and ensures compliance with license policies. Another key offering is the Static Application Security Testing (SAST) functionality, which seamlessly integrates with various developer environments to accurately identify zero-day security vulnerabilities in source code.
JFrog’s OSS Catalog, part of its Curation solution, provides users with immediate insights into the security and risk metadata associated with all OSS packages. By preventing the entry of malicious packages or vulnerabilities into the development environment, organizations can enhance their software security and integrity.
The JFrog Platform’s security capabilities are reinforced by a dedicated team of security engineers and researchers who actively investigate vulnerabilities and potential attack methods. Alongside these security enhancements, JFrog has also introduced new DevOps functionality. This includes the ability to proxy and cache open-source AI models from the popular Hugging Face repository, as well as ML Model Management for governing the continuous delivery of ML components.
Furthermore, JFrog has expanded its Release Lifecycle Management (RLM) capabilities, allowing organizations to create immutable Release Bundles that define the components of software packages early in the development process. These bundles pass through anti-tampering systems, compliance checks, and evidence capture, providing transparency and quality assurance at every stage of development.
JFrog’s holistic approach to software security and automation meets the needs of organizations seeking to implement true shift-left strategies in their DevOps processes. By embedding security into every phase of development, JFrog empowers companies to innovate faster while ensuring the safety and reliability of their software. With its comprehensive platform and expert security team, JFrog is at the forefront of helping organizations protect their software supply chains against emerging threats.
To learn more about the new security and DevOps capabilities in JFrog’s Software Supply Chain Platform, visit the official product pages and blogs on JFrog’s website.