ETFOptimize | High-performance ETF-based Investment Strategies

Quantitative strategies, Wall Street-caliber research, and insightful market analysis since 1998.
ETFOptimize | HOME
Close Window
Recent Quotes
My Watchlist
Indicators
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

JFrog and GitHub Expand Partnership, Deliver Single Pane of Glass for Security and Copilot Chat to Empower Developers

By: via Business Wire

Enhanced integration delivers Copilot chat powered by comprehensive software package insights, alongside holistic software supply chain security protection from code to binaries

JFrog swampUP JFrog Ltd (Nasdaq: FROG), the Liquid Software company and creators of the JFrog Software Supply Chain Platform, and GitHub, the world’s leading code development platform, today unveiled new integrations at JFrog’s annual user conference. This deepening collaboration provides developers with a consolidated view of project status and security posture to help quickly address potential vulnerabilities discovered by the companies’ respective Advanced Security offerings. Additionally, to help developers quickly gain insight on third-party packages, the companies announced a Copilot chat extension to quickly select software packages that are updated, approved by the organization, and safe for use.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240910960053/en/

JFrog and GitHub expand partnership to deliver unified view of project status and security posture, plus a new Copilot chat extension for validating third-party software packages. (Graphic: Business Wire)

JFrog and GitHub expand partnership to deliver unified view of project status and security posture, plus a new Copilot chat extension for validating third-party software packages. (Graphic: Business Wire)

“For developers to be productive, they need complete information about the quality and security of the code and binaries they integrate into their software. Our partnership with GitHub enables teams to do this quickly and with confidence using Copilot,” said Yoav Landman, CTO and Co-Founder, JFrog. “Our partnership also allows developers to navigate between code and the binary artifacts produced by the build process through a more intuitive workflow so they can build and release trusted software, faster. We're excited about our shared roadmap, and look forward to driving a single platform experience for our customers."

According to JFrog’s 2024 Software Supply Chain State of the Union report, only 56% of companies use both source code and binary scanning to secure their software supply chains, leaving nearly half of companies vulnerable to attacks at the binary level. This is very risky, as underscored by the JFrog Security Research team’s recent discovery of a token inadvertently left at the binary level in a Docker container that granted full access to the Python package repository. Had this token been discovered and exploited, it would have impacted tens of millions of computer systems worldwide that run most of today’s internet and cloud infrastructure, automation tasks, financial services and data analysis.

Creating Secure Developer Workflows by Uniting Best-of-Breed Source Code and Binary Platforms

JFrog’s integration with GitHub is expected to offer an easier, more secure way to trace code from its source to the resulting binaries across both platforms with the following key capabilities:

  • Copilot Chat Integration for Software Package Insights: The new GitHub Copilot extension boosts developer productivity by providing insights on open-source packages within the JFrog binary environment alongside GitHub code data, eliminating the need to search through documentation or online forums. It also aligns recommendations with organizational curation policies, enabling informed software package choices that consider security and market adoption. Combining Copilot's chat features with JFrog's artifact metadata creates an invaluable AI-powered assistant for developers.
  • Consolidated, Single Pane of Glass Security Dashboard: A unified view of security scan results from GitHub Advanced Security and JFrog Advanced Security (including the scanners that found the Python vulnerability mentioned above), helping developers address and remove potential software vulnerabilities earlier in the development lifecycle, saving time and reducing risk.
  • Bidirectional End-to-End Release Lineage: The new job summary page on GitHub offers a quick view of the health and security status of each GitHub Actions Workflow, allowing developers to quickly see the output packages from each build, navigate to their location in JFrog Artifactory and back again. This bidirectional navigation utilizes a software bill of materials (SBOM) preserved in JFrog Artifactory, enhancing software lineage traceability.
  • Dynamic Project Mapping and Authentication: Improved automatic authorization and seamless project mapping between GitHub Repositories and JFrog Projects in Artifactory utilizing current OpenID Connect (OIDC) integration, eliminating the need for developers to reauthenticate per repository.

For a deeper look at the one-platform experience provided by the JFrog and GitHub integration and partnership, visit the solutions page or read this blog.

Like this story? Post this on X (formerly Twitter): .@jfrog and @gitHub partner to deliver #security & #AI in a one platform experience for #developers. Learn more: https://jfrog.co/3MB3Ygb #DevSecOps #SDLC #softwaresupplychain

About JFrog

JFrog Ltd. (Nasdaq: FROG) is on a mission to create a world of software delivered without friction from developer to device. Driven by a “Liquid Software” vision, the JFrog Software Supply Chain Platform is a single system of record that powers organizations to build, manage, and distribute software quickly and securely, to aid in making it available, traceable, and tamper-proof. The integrated security features also help identify, protect, and remediate against threats and vulnerabilities. JFrog’s hybrid, universal, multi-cloud platform is available as both self-hosted and SaaS services across major cloud service providers. Millions of users and 7K+ customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely embrace digital transformation. Once you leap forward, you won’t go back! Learn more at jfrog.com and follow us on X: @jfrog.

Cautionary Note About Forward-Looking Statements

This press release contains “forward-looking” statements, as that term is defined under the U.S. federal securities laws, including, but not limited to, statements regarding our expectations with respect to the integrated product’s anticipated impact on the developer experience, and anticipated security enhancements to the software supply chain.

These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause JFrog’s actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement. There are a significant number of factors that could cause actual results, performance or achievements to differ materially from statements made in this press release, including but not limited to risks detailed in our filings with the Securities and Exchange Commission, including in our annual report on Form 10-K for the year ended December 31, 2023, our quarterly reports on Form 10-Q, and other filings and reports that we may file from time to time with the Securities and Exchange Commission. Forward-looking statements represent our beliefs and assumptions only as of the date of this press release. We disclaim any obligation to update forward-looking statements except as required by law.

Contacts

Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.


 
IntelligentValue Home
Close Window

DISCLAIMER

All content herein is issued solely for informational purposes and is not to be construed as an offer to sell or the solicitation of an offer to buy, nor should it be interpreted as a recommendation to buy, hold or sell (short or otherwise) any security.  All opinions, analyses, and information included herein are based on sources believed to be reliable, but no representation or warranty of any kind, expressed or implied, is made including but not limited to any representation or warranty concerning accuracy, completeness, correctness, timeliness or appropriateness. We undertake no obligation to update such opinions, analysis or information. You should independently verify all information contained on this website. Some information is based on analysis of past performance or hypothetical performance results, which have inherent limitations. We make no representation that any particular equity or strategy will or is likely to achieve profits or losses similar to those shown. Shareholders, employees, writers, contractors, and affiliates associated with ETFOptimize.com may have ownership positions in the securities that are mentioned. If you are not sure if ETFs, algorithmic investing, or a particular investment is right for you, you are urged to consult with a Registered Investment Advisor (RIA). Neither this website nor anyone associated with producing its content are Registered Investment Advisors, and no attempt is made herein to substitute for personalized, professional investment advice. Neither ETFOptimize.com, Global Alpha Investments, Inc., nor its employees, service providers, associates, or affiliates are responsible for any investment losses you may incur as a result of using the information provided herein. Remember that past investment returns may not be indicative of future returns.

Copyright © 1998-2017 ETFOptimize.com, a publication of Optimized Investments, Inc. All rights reserved.