Check Point® Software Technologies Ltd.(link is external) announced the launch of its next generation Quantum(link is external) Smart-1 Management Appliances, delivering 2X increase in managed gateways and up to 70% higher log rate, with AI-powered security tools designed to meet the demands of hybrid enterprises.
JFrog Integrates with Hugging Face
March 05, 2025
JFrog is partnering with Hugging Face, host of a repository of public machine learning (ML) models — the Hugging Face Hub — designed to achieve more robust security scans and analysis forevery ML model in their library.
The new integration is designed to provide higher levels of trust for scanning results by prominently displaying a “JFrog Certified” checkmark, so developers, data scientists, and ML Engineers know which models are safer to use.
“As ML models become integral to critical business applications, ensuring these models are secure is crucial for preventing breaches, data leaks, and decision-making errors,” said Asaf Karas, CTO of JFrog Security. “We’ve been working with Hugging Face since 2023 to help securely bring ML Models to production. We also found intentionally malicious models in Hugging Face in early 2024, which prompted us to dedicate more of our security experts to help scan and assess the well-being of all Hugging Face models to ensure they are safe for use in AI application development.”
JFrog Xray and JFrog Advanced Security – key components of the JFrog Software Supply Chain Platform – are designed to scan AI/ML model artifacts for threats at every stage of their lifecycle. These threats include model serialization attacks, known CVEs, backdoors, and more. Now Hugging Face will utilize JFrog Advanced Security scans in its Hugging Face Hub, allowing each model contained within the platform to be scanned in advance of being downloaded for use. The results of each scan will be prominently displayed for all users to see.
This new advanced security integration between Hugging Face and JFrog differs from existing ML model scanners due to JFrog’s malicious code decompilation and deep data flow analysis. While existing solutions simply check for automatically-executed code embedded in a model, JFrog’s model scanner uses an enhanced approach to extract and analyze the embedded code which eliminates more than 96% of false positives produced by other scanners on current Hugging Face models.
In addition, JFrog’s enhanced analysis highlighted 25 models as zero-day malicious in nature. These are machine learning models hosted in Hugging Face which were not identified as malicious by any other scanner available for Hugging Face based on our evaluation.
“For a long time, AI was a researcher’s field, and the security practices were quite basic, but as the popularity and widespread use of AI grows, so do the number of potentially bad actors who may want to target the AI community in general and our platform more specifically,” said Julien Chaumond, CTO, Hugging Face. “As the leading collaboration platform for AI models, we’re delighted to deepen our partnership with JFrog to implement high-quality scanning capabilities for our AI/ML models and deliver greater peace of mind for developers looking to create the next generation of AI-powered applications.”
Industry News
May 28, 2025
May 28, 2025
Salesforce and Informatica have entered into an agreement for Salesforce to acquire Informatica.
May 28, 2025
Red Hat and Google Cloud announced an expanded collaboration to advance AI for enterprise applications by uniting Red Hat’s open source technologies with Google Cloud’s purpose-built infrastructure and Google’s family of open models, Gemma.
May 28, 2025
Mirantis announced Mirantis k0rdent Enterprise and Mirantis k0rdent Virtualization, unifying infrastructure for AI, containerized, and VM-based workloads through a Kubernetes-native model, streamlining operations for high-performance AI pipelines, modern microservices, and legacy applications alike.
May 28, 2025
Snyk launched the Snyk AI Trust Platform, an AI-native agentic platform specifically built to secure and govern software development in the AI Era.
May 28, 2025
Bit Cloud announced the general availability of Hope AI, its new AI-powered development agent that enables professional developers and organizations to build, share, deploy, and maintain complex applications using natural language prompts, specifications and design files.
May 27, 2025
AI-fueled attacks and hyperconnected IT environments have made threat exposure one of the most urgent cybersecurity challenges facing enterprises today. In response, Check Point® Software Technologies Ltd.(link is external) announced a definitive agreement to acquire Veriti Cybersecurity, the first fully automated, multi-vendor pre-emptive threat exposure and mitigation platform.
May 27, 2025
LambdaTest announced the launch of its Automation MCP Server, a solution designed to simplify and accelerate the process of triaging test failures.
May 27, 2025
DefectDojo announced the launch of their next-gen Security Operations Center (SOC) capabilities for DefectDojo Pro, which provides both SOC and AppSec professionals a unified platform for noise reduction and prioritization of SOC alerts and AppSec findings.
May 22, 2025
Check Point® Software Technologies Ltd.(link is external) has been recognized on Newsweek’s 2025 list of America’s Best Cybersecurity Companies(link is external).
May 22, 2025
Red Hat announced enhanced features to manage Red Hat Enterprise Linux.
May 22, 2025
StackHawk has taken on $12 Million in additional funding from Sapphire and Costanoa Ventures to help security teams keep up with the pace of AI-driven development.
May 21, 2025
Red Hat announced jointly-engineered, integrated and supported images for Red Hat Enterprise Linux across Amazon Web Services (AWS), Google Cloud and Microsoft Azure.
May 21, 2025
Komodor announced the integration of the Komodor platform with Internal Developer Portals (IDPs), starting with built-in support for Backstage and Port.
May 21, 2025
Operant AI announced Woodpecker, an open-source, automated red teaming engine, that will make advanced security testing accessible to organizations of all sizes.
