Introducing JFrog Advanced Security

We are excited to introduce JFrog Advanced Security. With JFrog you can now intelligently deliver secure software at speed and scale with the industry’s only DevOps-centric security solution. The new advanced security solution unifies developers, operations, and security teams to safeguard the software supply chain in a holistic, hybrid, multi-cloud platform.

Join us to learn how these new features and the JFrog Platform identify common, but hidden supply chain security issues that attackers use to compromise development, release, and deployment processes, with the following features:

• Container Contextual Analysis: Container image scanning to detect whether the open source software vulnerabilities detected are actually exploitable in the application – an industry first
• Exposed Secrets: Detect secrets left exposed in any containers to prevent any accidental leak of internal tokens or credentials
• Insecure use of Libraries and Services: Discover whether common OSS libraries and services are used or configured insecurely
• Infrastructure-as-Code (IaC): Scan IaC files for early detection of cloud and infrastructure misconfigurations

The JFrog platform enhances your DevOps security posture with these new features and more including enhanced CVE data, remediation advice and severity assessment, malicious package detection, operational risk policies, easy SBOM exports, IDE plugins, and a Docker desktop extension.