JFrog, a leading software supply chain platform, has deepened its partnership with GitHub and unveiled a new runtime security solution. Announced during JFrog\u2019s SwampUp conference in Austin, the enhanced collaboration with GitHub emphasizes security, allowing developers to trace code from source to binary packages across both platforms. This integration extends JFrog\u2019s advanced security and open-source package tracking services directly into GitHub\u2019s Advanced Security service, simplifying workflows for developers who want a single, consolidated security view.<\/p>\n
JFrog CEO Shlomi Ben Haim explained that this expanded partnership addresses customer demand for greater transparency and traceability in the software supply chain. By integrating JFrog Advanced Security and JFrog Curation into GitHub\u2019s platform, users can now navigate seamlessly between their source code and binaries, all within GitHub\u2019s security tab. This unified approach provides developers with full traceability, enabling faster issue detection and remediation.<\/p>\n
According to JFrog CTO Yoav Landman, the partnership is aimed at streamlining developer workflows. \u201cDevelopers often don\u2019t realize there\u2019s an issue until something breaks. \u201cOur collaboration with GitHub allows teams to seamlessly manage both code development and binary storage,\u201d said Landman to media. This integration enhances traceability and offers a unified security overview, enabling developers to focus on crafting high-quality software without worrying about concealed vulnerabilities.<\/p>\n
In addition to its GitHub integration, JFrog has introduced a new runtime security solution. This service tracks binaries in production environments, providing full visibility and traceability from source code to deployment. The company is also integrating with Nvidia\u2019s NIM microservices, expanding its presence in the MLOps space following its acquisition of Qwak earlier this year.<\/p>\n
The runtime security service now actively monitors for vulnerabilities in real-time, scanning the production binaries and notifying users when a binary becomes compromised. By embedding sensors in the runtime environment, JFrog extends its security offerings beyond development and into live production. This marks the first time the company has deployed sensors in the runtime, further securing the software supply chain from development to production.<\/p>\n
Katie Norton, research manager for DevSecOps and Software Supply Chain Security at IDC, highlighted the significance of this approach: \u201cA platform that integrates security throughout the software supply chain, from development to production, offers essential visibility and traceability. This is crucial for developers and DevSecOps teams to manage and address risks effectively.\u201d<\/p>\n
With the addition of runtime security and its deeper GitHub integration, JFrog is positioning itself as a comprehensive DevSecOps platform, providing end-to-end protection for the software supply chain.<\/p>\n","protected":false},"excerpt":{"rendered":"
JFrog\u2019s new runtime security solution actively monitors binaries in production, offering full traceability from source code to deployment. By embedding sensors in the runtime environment, JFrog aims to secure the entire software supply chain, addressing the need for comprehensive protection in both development and live environments.<\/p>\n","protected":false},"author":266,"featured_media":51301,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[16990,16995,16989,16986,16985,16992,16991,16994,16987,16996,16988,16993],"class_list":["post-51300","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech","tag-binaries","tag-binary-scanning","tag-devsecops","tag-github-integration","tag-jfrog","tag-mlops","tag-nvidia-nim","tag-production-environments","tag-runtime-security","tag-shlomi-ben-haim","tag-software-supply-chain","tag-software-vulnerabilities"],"reading_time":"3 min read","_links":{"self":[{"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/posts\/51300","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/users\/266"}],"replies":[{"embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/comments?post=51300"}],"version-history":[{"count":0,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/posts\/51300\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/media\/51301"}],"wp:attachment":[{"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/media?parent=51300"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/categories?post=51300"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.businessupturn.com\/usa\/wp-json\/wp\/v2\/tags?post=51300"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}