cloud, JavaScript

How To Build An Integration With JFrog Xray?

The trend of DevSecOps is not new but it’s growing fast. More and more organizations wish to integrate their security team in all the phases of development and operation. 

Many security products keep your code safe from vulnerabilities at different stages (dev, test, qa and prod). However, JFrog Xray is unique in its capabilities to perform analysis of all the binaries you are consuming in your project.

JFrog Xray works with JFrog Artifactory to perform a deep analysis of binary components at any stage of the application lifecycle. It provides full transparency that leads to (more) trust in your software. By scanning binary components and their metadata, recursively going through dependencies at any level (think on the layers you have in any Docker container), JFrog Xray provides great visibility into issues lurking in components anywhere in your organization.

One of the best parts is that JFrog Xray is also fully automated through a rich REST API that lets it integrate with a CI/CD pipeline and allows other binary analysis tools to build on its unique capabilities.

Continue reading
Standard
cloud

What is the JFrog Container Registry? And Why Will You Want One?


These days, where many developers are working with containers and all their ‘outcomes’ are bundled in a Docker container, it is becoming challenging to manage and control them.

Moreover, as more containers and Kubernetes enter the party, the job gets that much harder. Now, you have a tool that can help you jump to the next level. The JFrog Container Registry is a new Docker, Helm, and generic registry that is scalable and reliable. 

What’s even better? 
It’s free… and gives you some unique features you can’t find anywhere else.

Give it a try at: jfrog.com/container-registry and/or continue to read below.

Continue reading
Standard
Business, life

Decisions And Intuition – Daniel Kahneman

Psychologist and Nobel laureate Daniel Kahneman reveals the actions we can take to overcome the biases. He talks in this podcast about the things that cripple our decision-making, damper our thinking, and limit our effectiveness.

Some gems from his conversion:

First one, is thought provoking as you take it to your personal or professional life.

“I think changing behavior is extremely difficult. There are a few guidelines about how to do that, but anybody who’s very optimistic about changing behavior is just deluded.”

The second is about incentives and it’s putting more light to Charlie’s perceptions.

Continue reading
Standard
cloud

JFrog Artifactory REST API in 5min

A good API is like a classic car - You want to use it again and again.
A good API is like a classic car – You want to use it again and again.

Most of the interactions with Artifactory will be from your CI/CD tools. It might be your build engine or from your log aggregator. This powerful API can be invoked in any of the standard ways you like to work with any other RESTful APIs (e.g. curl, CLI, your source code, etc’).
In many cases, it’s the preferred ‘glue’ for developers when it comes to automation. The options are extensive and you can do many useful things with this API. However, in this short post, we will cover the most popular actions you ‘must have’.

Let’s start with the most common action: “upload/download binaries“. This action could run automatically from the build machine to Artifactory using:

Continue reading
Standard
cloud

VP Of Technology At JFrog

At last SwampUP, I had the opportunity to talk with Alan Shimel, Founder and Editor at DevOps.com. We covered what I do at JFrog and spoke about the definition of the role “VP of Technology”. We also covered some interesting new products we offering these days to help developers move faster.

I told Alan that I define the role as “finding leverage points in (JFrog) technology to support the business”.

Continue reading
Standard
Business, cloud

Market Trends Talk – swampUp 2019

The world has many buzzwords that people like to use. Some are more relevant to the real world and some aren’t. If yesterday was powered by new products and features, today is going to be filled by insights from our communities.

There are around 37 million developers in the world (according to GitHub last report) so it’s a substantial community. Moreover, DevOps is growing at a rapid pace. Btw, according to StackOverflow last survey – DevOps developers and site reliability engineers are among the highest paid, most experienced developers most satisfied with their jobs, and are looking for new jobs at the lowest levels.

I think we can all agree that data is stronger than opinions, rights?
This is what I really like about the special point of view that we have at JFrog. As the “database of DevOps“, we are sitting in a unique place – holding the output of what developers producing.
This is giving us excellent visibility into trends and the real world.

What does this mean?

It’s about contrasting perception with reality.
We combined our own data from 5000 customers with internal and external researches in an effort to give you a clear picture of the current state and what are the DevOps trends for the next 12-18 months.

The main challenges

Continue reading
Standard
cloud

JFrog & Shippable – The Synergy

In the video below we talk about JFrogShippable acquisition and did our best to answer some of the questions, we got over the last couple of weeks.

What is Shippable?

Shippable provides software organizations with the ability to optimize and accelerate the process of shipping software by giving them an “Assembly Lines” platform that borrows concepts from the world of manufacturing and helps them easily achieve Continuous Delivery. Cutting-edge modern companies like Facebook, Amazon, Google, and Netflix have already built homegrown versions of Assembly Lines after spending years of effort and millions of dollars. You can ship applications as rapidly as these companies by leveraging Shippable.

JFrog

JFrog’s solution is a fully automated pipeline for distributing trusted software releases. It connects all developers and DevOps engineers to end devices and ensures software flows quickly and free from interruption. There are many good (starting) points of integration and it can be customized to the current needs of your company. For more about the enterprise platform read here: https://jfrog.com/enterprise-plus-platform/

So Where is the synergy?

Continue reading
Standard