Topics
Latest
AI
Amazon
Image Credits:Trout55 / Getty Images
Apps
Biotech & Health
Climate
Image Credits:Trout55 / Getty Images
Cloud Computing
DoC
Crypto
Image Credits:JFrog
enterprisingness
EVs
Fintech
Image Credits:JFrog
Fundraising
convenience
punt
Image Credits:JFrog
Government & Policy
Hardware
layoff
Media & Entertainment
Meta
Microsoft
secrecy
Robotics
Security
Social
Space
Startups
TikTok
exile
Venture
More from TechCrunch
outcome
Startup Battlefield
StrictlyVC
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
originally this year , software program supplying Ernst Boris Chain platform ( and binary specialiser ) JFrog announce a partnership with GitHub that , among other thing , allowed developer and the squad that support them to trace code from source to binary package across the two platforms . On Tuesday , at JFrog’sSwampUp conference in Austin , the two party are extending this early workplace on their integrations with a nidus on security .
In addition , JFrog is launching a runtime security solution , as well as an integration with Nvidia ’s NIM microservices , which expand its ambitiousness as an MLOps platform after itacquired Qwakearlier this year .
Deeper GitHub integration
JFrog chief operating officer and co - founderShlomi Ben Haimtold me that the idea behind the GitHub partnership was always intend to go profoundly than the original integration the two companiesannouncedin May . JFrog ’s and GitHub ’s client , he said , wanted the two party to separate down the wall between their products so they could choose the good - of - breed platforms for manage their rootage code and their binaries . What client are telling him , Ben Haim said , is that they want a exclusive battery-acid of deoxyephedrine .
“ What we hear from our users is : ‘ take heed , this is very important . Source codification security — very crucial . Software supply chain certificate — very important , ” he said . “ But we can not just keep running between puppet and scanners . We want to have one pane of glass to see all finding to be able to remediate faster , to be able-bodied to respond quicker , to be able-bodied to have full traceability for all sources . And JFrog comes with the binaries determination , while GitHub comes with the informant code determination , so that everything will be on the developer program , display on the GitHub security tablet . ”
Essentially , this means thatJFrog Advanced SecurityandJFrog Curation , its armed service for tracking which open reservoir packages are being used by developer , is now integrated directly with GitHub’sAdvanced Securityservice .
“ Developers often do n’t realize there ’s an issuance until something breaks ; it ’s only then that they can start piece together the puzzler to get hold out what run wrong . Our partnership with GitHub empowers teams to seamlessly navigate between code development and binary storage , enabling a more intuitive workflow , ” said JFrog CTO and conscientious objector - founder Yoav Landman . “ This integrating is expect to enhance the developer experience and traceability , ensuring they can easily connect their seed code with the represent binaries while maintaining a consolidated view of surety so they can focus on deliver gamey - quality computer software without the worry of unseen vulnerabilities . ”
JFrog is now also participating in GitHub ’s Copilot Extensions program , allowing developers to expend Copilot Chat to ask coding questions about JFrog ’s platform right in their IDE .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
Nvidia NIM integration
Because JFrog focus on binaries , it ’s no surprisal that the company also want to get by machine encyclopedism models . There , too , initiative are quickly realizing that they need a DevSecOps solution to manage their software / model supply chain work flow . With NIM , Nvidia aim to make a de facto criterion for managing and deploying illation microservices .
“ As enterprise scale their generative AI deployments , a primal repository can help them speedily select and deploy model that are O.K. for development , ” said Nvidia ’s Pat Lee , who is the vice president of Enterprise Strategic Partnerships . “ The integration of Nvidia NIM microservices into the JFrog program can help developer quickly get full compliant , performance - optimise example quickly run in product . ”
JFrog ’s security measure tools will now rake and supervise the security department of these role model , and Artifactory , JFrog ’s service for storing and managing binary , can become a party ’s local role model registry .
Ben Haim called the company ’s overall strategy here “ too integrated to miscarry . ” “ I give you what you already chose , just with a better experience . You already select these tools . I just want you to have a better experience , ” he said .
JFrog Runtime Security
JFrog is also launch a runtime security department root that now watches over the binary while in product . Since JFrog knows precisely what is running in production — and can trace how that double star came to be from source code to deployment — the service can now tell its users when a binary is vulnerable .
“ JFrog Runtime Security will ply full profile and traceability for our customers , whether they shift right or leave when it comes to binary scanning , ” Ben Haim said .
He also mention that while JFrog obviously already secured the binary star that go into output , this is the first time the party is deploying sensors in the runtime environment .
“ A political platform that unifies security measures across the software program supplying chain from development to production can bring home the bacon critical visibleness and traceability that developer and DevSecOps team need to manage and remediate risks efficaciously , ” said Katie Norton , research director , DevSecOps and Software Supply Chain Security at IDC . “ JFrog ’s addition of runtime security measure supports a teddy - left and shift - right strategy , fostering comprehensive aegis and streamlined process that lessen the strain on growing and security teams . ”
