wonderfully unique software solutions

JFrog gets jump on Defense and threat intelligence designation

Developer tools company JFrog has achieved US Defense security certification for its Artifactory and Xray products, ahead of authorisation for its greater engagement with public Common Vulnerabilities and Exposures (CVE) threat intelligence databases.

Lou Doerr, head of US commercial unit Oteemo, said: “Knowing JFrog’s Platform is Iron Bank-certified makes it easy to recommend them for use by public and private organidations needing software delivery solutions that bake in security from inception.”

Rapid software development is imperative for many customers, including the US military, but should never come at the expense of security, according to Doerr in JFrog’s press statement.

As part of the Iron Bank accreditation, JFrog Artifactory and Xray have been verified as ‘secure for use’ under the Department of Defense’s Platform One devsecops software initiative.

This will help deliver multilayer security and management to government entities and highly regulated industries via the JFrog software management platform, according to JFrog.

Under Platform One, developers can access a central binary repository of secure, Iron Bank-certified resources that have been hardened to Defense specifications — helping protect customers against threats like ransomware.

“This container registry has Continuous Authority to Operate (cATO), allowing developers to easily push validated code into production more quickly,” according to JFrog.

JFrog has also been authorised as a numbering authority for vulnerabilities exposures recorded on the public CVE database — which JFrog says will give it a larger role in helping accelerate threat detection worldwide.

Moran Ashkenazi, CISO and VP of security engineering at JFrog, said the certification enables JFrog to join a select group of organisations that identify security vulnerabilities and publish details for the public.

“It will not only allow us to help security researchers verify and triage their vulnerabilities but also help keep companies’ binaries more secure by collaborating on potential threats with the wider security community,” Ashkenazi said.

“We’re empowered to work with the community to accelerate threat detection and share information on new vulnerabilities before they compromise businesses.”

JFrog’s Q3 financial results announcement is on Thursday 4 November at 2pm, US Pacific time. Click here for the investor webcast.

( Photo by Stephen Hocking on Unsplash )

Recent Articles

N-able teams up with US cybersecurity agency on RMM tactics

Remote monitoring and management (RMM) software vendor N-able has announced it is working with the US Cybersecurity and Infrastructure Security Agency (CISA)...

Nitro with Level Access launches accessibility upgrade for PDF management

E-documentation company Nitro has teamed up with digital accessibility as a service provider Level Access on an accessible version of the former's...

CoreView expects further sales growth as Microsoft launches ‘disruptive’ tools

Microsoft 365 (M365) management software vendor CoreView is gearing up for greater demand, predicted to be fuelled further by AI adoption via...

Keeper Security expands global reach with new investments in zero-trust security

Keeper Security has opened an Asia-Pacific (APAC) headquarters in Japan, reflecting increased global interest and investment in unified, zero-trust enterprise passwords, secrets...

iSpring follows Salesforce integration with Albato no-code automation

Edtech software vendor iSpring Solutions has announced integration of the iSpring Learn learning management system (LMS) with no-code automation from Albato, expanding...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox