Operations | Monitoring | ITSM | DevOps | Cloud

January 2022

jfrog

Mind Your Dependencies: Defending against malicious npm packages

Jan 25, 2022 By Ilya Khivrich In JFrog
Modern software projects are mostly composed of open source code. The question of who really controls this code, and is responsible for detecting and fixing software supply chain security issues, became a significant source of concern after the discovery of the Log4Shell vulnerability.
Read Post

Get the most of your .Net Builds

Jan 20, 2022 By JFrog In JFrog
Give your.Net ecosystem the full power of DevOps running on AWS - The JFrog Platform covers the full application lifecycle of.NET builds from developer fingertips through distribution to consumers while covering application security, vulnerability analysis and artifact flow control. In this webinar will see how you can configure your.NET builds on AWS, so that they take full advantage of JFrog Platform for managing the lifecycle of your.NET artifacts.
View Video

Continuously Securing Software Supply Chain

Jan 19, 2022 By JFrog In JFrog
Catch this session to see a breakdown of the recent news related to software supply chain security and what you can do to meet new requirements and protect your software from such attacks. With new software supply chain attacks reaching the spotlight at an accelerating pace, security research uncovering novel attack methods and new mandates and guidelines starting to come into effect — it can be hard to stay on top of the latest developments and their implications.
View Video
jfrog

No Internet? No Problem. Use Xray with an Air Gap - Part II

Jan 19, 2022 By Tal Yitzhak In JFrog
With software supply chain attacks on the rise, implementing DevSecOps best practices in an air gapped environment is a must. In an effort to secure an organization’s internal network, there is an increasing trend of separating the internal network from the external one. Essentially creating an enclosed and disconnected environment from the public internet. An air gapped solution provides stricter security requirements, but that’s not enough.
Read Post

Effective Incident Management: How to Improve Collaborative Software Development

Jan 12, 2022 By JFrog In JFrog
* Are you using Azure DevOps as the starting point of your delivery process on the Azure cloud? Join this webinar to learn advanced tips and tricks for simplifying and accelerating your CI/CD pipelines with Azure DevOps and the JFrog Platform. Sharing a detailed demo of a real-world release pipeline triggered from Azure DevOps, we’ll review best practices and hard-won lessons for how you can streamline your end-to-end process and ensure it meets the security and quality requirements of large-scale enterprise delivery.
View Video
jfrog

Check Out JFrog's New Community Site for Developers

Jan 7, 2022 By Lori Lorusso In JFrog
JFrog has been hard at work behind the scenes restructuring how we share information with the developer community. We wanted to create a one-stop resource for developers who code in a variety of languages, with a focus on DevOps, DevSecOps, and cloud native technologies. So without further ado … let me introduce you to our new JFrog Community site!
Read Post

CTO Corner with Yoav Landman, JFrog | Episode 1: Build Info

Jan 6, 2022 By JFrog In JFrog
Want a glimpse at what it is like to be a CTO of a DevOps company? Join JFrog’s CTO Yoav Landman for our new CTO Corner Series. Each episode will feature a topic that is at the forefront of every technologist's mind… or should be. Yoav will be discussing hot topics in tech with other industry leaders giving you an opportunity to see behind the curtain of the decision makers.
View Video
jfrog

The JNDI Strikes Back - Unauthenticated RCE in H2 Database Console

Jan 6, 2022 By Andrey Polkovnychenko, Shachar Menashe In JFrog
Very recently, the JFrog security research team has disclosed an issue in the H2 database console which was issued a critical CVE – CVE-2021-42392. This issue has the same root cause as the infamous Log4Shell vulnerability in Apache Log4j (JNDI remote class loading). H2 is a very popular open-source Java SQL database offering a lightweight in-memory solution that doesn’t require data to be stored on disk.
Read Post

JFrog Artifactory on Your Choice of Cloud Provider

Jan 5, 2022 By JFrog In JFrog
JFrog Artifactory is a scalable, universal, binary repository manager that automatically manages your artifacts and dependencies throughout the application development and delivery process. Artifactory supports Kubernetes, the de facto orchestration tool in the industry, for automating deployment, scaling, and management of microservices and containerized applications..
View Video
jfrog

DevOps 2022: 5 Big Rocks to Harness the Software Supply Chain

Jan 5, 2022 By Shlomi Ben Haim, CEO In JFrog
Together with the community, JFrog pioneered what we now know as DevOps with a focus on binaries (aka software packages, artifacts or images). A decade ago, no one thought binary management would be a thing — now it’s a standard most companies can’t live without. Back then, we said software universality would be necessary, and now others follow suit. People thought cloud would be a single-vendor decision.
Read Post
jfrog

Cloud Nimble: The Next Evolution

Jan 4, 2022 By Gianni Truzzi In JFrog
Over the last several years, systems architects have had to make sure their systems are cloud native, with applications that are optimized for scalable cloud technology infrastructure. In today’s environment, you should be asking whether your solutions are cloud nimble as well. For the modern enterprise, cloud computing is now the default model for applications, storage, and compute.
Read Post
jfrog

Pulling All Your Kubernetes Cluster Images from a Private Artifactory Registry

Jan 3, 2022 By Yaniv Rozenboim, Uri Peled, Dana Rozen In JFrog
There are many benefits to working with JFrog Artifactory as your private Docker registry, allowing you to store, share and deploy your binary artifacts in a single source of truth. This blog post will focus on using Artifactory in Kubernetes. Specifically, we’ll walk through the steps for configuring Kubernetes to pull images from Artifactory and most importantly – scale up! It will also describe how you can enable cluster-wide authenticated access to Artifactory behind the scenes.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.