JFrog Ltd., the Liquid Software company and creators of the JFrog Software Supply Chain Platform, and GitHub, the world’s leading code development platform, unveiled new integrations at JFrog’s annual user conference. This deepening collaboration provides developers with a consolidated view of project status and security posture to help quickly address potential vulnerabilities discovered by the companies’ respective Advanced Security offerings. Additionally, to help developers gain insight into third-party packages, the companies announced a Copilot chat extension for quickly selecting software packages that are updated, approved by the organization, and safe for use.
“For developers to be productive, they need complete information about the quality and security of the code and binaries they integrate into their software. Our partnership with GitHub enables teams to do this quickly and with confidence using Copilot,” said Yoav Landman, CTO and Co-Founder, JFrog. “Our partnership also allows developers to navigate between code and the binary artifacts produced by the build process through a more intuitive workflow so they can build and release trusted software, faster. We’re excited about our shared roadmap, and look forward to driving a single platform experience for our customers.”
According to JFrog’s 2024 Software Supply Chain State of the Union report, only 56% of companies use both source code and binary scanning to secure their software supply chains, leaving nearly half of companies vulnerable to attacks at the binary level. This is very risky, as underscored by the JFrog Security Research team’s recent discovery of a token inadvertently left at the binary level in a Docker container that granted full access to the Python package repository. Had this token been discovered and exploited, it would have impacted tens of millions of computer systems worldwide that run most of the internet and cloud infrastructure, automation tasks, financial services and data analysis.
JFrog Ltd. is on a mission to create a world of software delivered without friction from developer to device. Driven by a “Liquid Software” vision, the JFrog Software Supply Chain Platform is a single system of record that powers organizations to build, manage, and distribute software quickly and securely, to aid in making it available, traceable, and tamper-proof. The integrated security features also help identify, protect, and remediate against threats and vulnerabilities. JFrog’s hybrid, universal, multi-cloud platform is available as both self-hosted and SaaS services across major cloud service providers. Millions of users and 7K+ customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely embrace digital transformation.
SOURCE: Businesswire