New JFrog Platform MCP connections with GitHub Copilot deliver autonomous security resolution capabilities directly into developer workflows

swampUP 2025 – JFrog Ltd. (Nasdaq: FROG), the Liquid Software company and creators of the award-winning JFrog Software Supply Chain Platform, today announced a new set of AI agent-based capabilities to automate software vulnerability remediation. JFrog’s new agentic remediation capabilities help developers identify and automatically fix vulnerabilities as they code. The unique combination of JFrog’s research-based contextual analysis and policy-driven auto-remediation across enterprise applications aims to inoculate codebases in the AI era.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250909861213/en/

New JFrog Platform MCP connections with GitHub Copilot deliver autonomous security resolution capabilities directly into developer workflows

“We want to help developers shift from reactive security to proactive, continuous vulnerability management and autonomous remediation, wherein security is no longer an afterthought, it's an integral, agentic-coding problem solver,” said Asaf Karas, CTO, JFrog Security. “Our advanced security research insights coupled with our GitHub Copilot integration help teams automate vital safeguards like fixing CVEs and curating safe packages. This allows users to innovate with confidence, while reducing risk, and accelerating secure software delivery.”

Developer Intelligence with Agentic Security Remediation

By combining the power of JFrog’s Software Supply Chain Security with the GitHub integration, organizations enjoy streamlined, fast and trusted remediation that ensures they can:

• Safeguard against unsafe packages: JFrog Curation and Catalog, powered by AI agents via JFrog’s MCP server, enables developers to select secure, policy-compliant open-source packages, avoiding failed builds, boosting developer productivity, and reducing risk.
• Flag and fix vulnerable code automatically: JFrog flags insecure code directly in the IDE, and with agentic remediation powered by MCP server connections to GitHub Copilot, developers receive conversational, contextual suggested fixes inline.
• Immunize code for future development using context-aware insights: Developers can quickly tap into JFrog Security Research expertise when vulnerabilities are flagged in dependencies to determine the threat level based on their environment. Because fixes are generated in the context of the organization’s security and governance policies, Copilot not only patches the issue, but also immunizes their software from future use of the same infected code.

Uniting JFrog’s Curation and Catalog capabilities with its deep security research, MCP-based platform connectivity, and GitHub integration with Copilot AI assistant, transforms how developers address vulnerabilities: not just finding them, but fixing them instantly and continuously as part of a self-healing software supply chain.

JFrog’s new agentic remediation capabilities are available immediately as part of JFrog Ultimate or Unified security bundles. For more information on agentic remediation and its benefits read this blog.

Like this Story? Share this on X: @jfrog introduces Agentic Remediation: AI that understands your code, detects security issues, and suggests fixes. Built on our secure #SoftwareSupplyChain platform with GitHub integration, this tool makes secure development faster and easier for all. Learn more: http://bit.ly/3K9QRVa #DevOps #DevSecOps #cybersecurity #AppSec

About JFrog

JFrog Ltd. (Nasdaq: FROG), the creators of the unified DevOps, DevSecOps and MLOps platform, is on a mission to create a world of software delivered without friction from developer to production. Driven by a “Liquid Software” vision, the JFrog Software Supply Chain Platform is a single system of record that powers organizations to build, manage, and distribute software quickly and securely, that is available, traceable, and tamper-proof. Integrated security features also help identify, protect, and remediate threats and vulnerabilities. JFrog’s hybrid, universal, multi-cloud platform is available as both SaaS services across major cloud service providers and self-hosted. Millions of users and 7K+ customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely embrace digital transformation. Learn more at www.jfrog.com or follow us on X @JFrog.

Cautionary Note About Forward-Looking Statements

This press release contains “forward-looking” statements, as that term is defined under the U.S. federal securities laws, including, but not limited to, statements regarding our expectations with respect to the anticipated performance of the agentic remediation feature incorporated into JFrog’s Software Supply Chain Platform as part of JFrog Ultimate or Unified security bundles.

These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause JFrog’s actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement. There are a significant number of factors that could cause actual results, performance or achievements to differ materially from statements made in this press release, including but not limited to risks detailed in our filings with the Securities and Exchange Commission, including in our annual report on Form 10-K for the year ended December 31, 2024, our quarterly reports on Form 10-Q, and other filings and reports that we may file from time to time with the Securities and Exchange Commission. Forward-looking statements represent our beliefs and assumptions only as of the date of this press release. We disclaim any obligation to update forward-looking statements except as required by law.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250909861213/en/

JFrog announced a new set of AI agent-based capabilities to automate software vulnerability remediation. JFrog’s new agentic remediation capabilities help developers identify and automatically fix vulnerabilities as they code.