JFrog Advanced Security solution is now available via self-hosted deployment licenses.
WHY: Following closely on the heels of the cloud version of JFrog Advanced Security, this new deployment option provides more flexibility for customers managing hybrid environments and unifies developers, operations, and security teams in an effort to collectively safeguard the software supply chain.
Asaf Karas, CTO, JFrog Security, said, “Many of today’s enterprise software security solutions fall short because they only focus on source code and what happens before that software is in production,” “However, to truly protect your software supply chain you need to consider both code in development and in production at the binary level. JFrog Advanced Security provides a rich set of binary and source code analysis capabilities spanning from developer to production environments in a single, integrated DevOps platform – helping eliminate complexity, streamline security detection, assessment, and remediation efforts.”
WHAT: JFrog Advanced Security augments the already robust security capabilities in JFrog Xray with the power to detect, assess and remediate software supply chain security vulnerabilities using:
- Deep binary scanning of all software components
- Container contextual analysis (to identify false positives)
- Exposed secrets detection
- Cloud Infrastructure-as-Code (IaC) security
- Detection of the misuse or misconfiguration of open source software libraries and services putting your application at risk
