Sep 10, 2024, 12:00 AM
Sep 10, 2024, 12:00 AM

JFrog and GitHub enhance partnership with new security service launch

Highlights
  • JFrog has launched a runtime security solution and integrated its services with GitHub's Advanced Security.
  • The partnership allows for better visibility and traceability of code and binaries, addressing customer needs for a unified platform.
  • This collaboration enhances software supply chain security and improves the overall developer experience.
Story

Earlier this year, JFrog announced a partnership with GitHub aimed at enhancing the software supply chain experience for developers. This collaboration allows for seamless tracing of code from source to binary package, addressing customer demands for a unified platform. The integration of JFrog Advanced Security and JFrog Curation with GitHub’s Advanced Security service provides developers with a consolidated view of security, enabling them to manage vulnerabilities more effectively. In addition to the integration, JFrog is launching a runtime security solution that monitors binaries in production. This service enhances visibility and traceability, allowing users to identify vulnerabilities in real-time. JFrog's approach supports both shift-left and shift-right strategies, which are essential for comprehensive security management throughout the software development lifecycle. The partnership also includes participation in GitHub’s Copilot Extensions program, facilitating developers' access to coding assistance directly within their IDE. This integration is part of a broader trend where enterprises are increasingly recognizing the need for DevSecOps solutions to streamline their software supply chain workflows. Furthermore, the integration of Nvidia's NIM microservices into JFrog's platform aims to optimize model performance and compliance. JFrog's security tools will monitor these models, ensuring that organizations can maintain a secure and efficient production environment. Overall, this collaboration signifies a significant step towards enhancing software supply chain security and improving the developer experience.

Opinions

You've reached the end