JFrog Wins US Defense Department Security Certification
September 21, 2021

JFrog announced its JFrog Artifactory and JFrog Xray solutions are now accredited in Iron Bank and available via Platform One.

With this achievement, JFrog reinforces its commitment to providing a scalable, secure, development to edge DevOps and DevSecOps solution for its public sector customers and those in highly regulated industries such as finance, healthcare, energy, and transportation.

Under the DoD’s Platform One initiative, developers can now access a central binary repository of secure, Iron Bank-certified resources that have been hardened to the DoD’s specifications. This container registry has Continuous Authority to Operate (cATO), allowing developers to easily push validated code into production more quickly.

According to the Internet Crime Report, the FBI received nearly 2,500 ransomware complaints in 2020, up 20% from 2019, costing citizens nearly $29.1 million. Platform One aims to ensure all government entities can work with a collection of approved, hardened, cloud-native DevSecOps solutions along with collaboration tools, cybersecurity tools, open-source code, artifact repositories, and development tools. JFrog Artifactory provides a single, reliable source of truth for binary packages that follow the DevOps lifecycle from development to deployment at the edge. JFrog Xray works with JFrog Artifactory to enable multi-layer analysis of each binary or container image and flags any security vulnerabilities or compliance compromises to ensure software quality.

“We understand software needs to be hardened and trusted in order for the Federal government to rely on JFrog for their mission critical applications,” said Shlomi Ben Haim, Co-founder and CEO, JFrog. “Our vision is to enable all organizations to ‘shift left’ to bake security into every stage of development and seamlessly deploy updates across geographies, from ground to cloud, to any device throughout the software supply chain with ease and peace of mind.”

Iron Bank is the DoD Centralized Artifacts Repository (DCAR) of digitally signed, binary container images including both Free and Open-Source software (FOSS) and Commercial off-the-shelf (COTS). All artifacts are hardened according to the Container Hardening Guide, which allows software built in the system to be automatically authorized for use, a security process that usually takes months. Containers accredited in Iron Bank have DoD-wide reciprocity across classifications. Over 800 certified containers are available today including those offered by JFrog partners such as AWS, Docker, Microsoft Azure, Oracle, RedHat, and VMWare.

Share this

Industry News

October 21, 2021

Splunk announced the latest enhancements to the Splunk observability portfolio including advanced product innovations for Splunk Application Performance Monitoring (APM), Splunk Real User Monitoring (RUM), Splunk Synthetic Monitoring, Splunk Log Observer, Splunk Infrastructure Monitoring and Splunk IT Service Intelligence.

October 21, 2021

Platform9 announced a number of new enterprise features that greatly eliminate operational complexities in managing multi-cluster and multicloud Kubernetes deployments, available in the new release, Platform9 5.4 Release.

October 21, 2021

Graylog is announcing Graylog Security.

Designed to overcome legacy Security Information & Event Management (SIEM) challenges, Graylog’s scalable, flexible cybersecurity platform makes security analysts’ jobs easier and faster. With SIEM, Anomaly Detection, and User Entity Behavior Analytics (UEBA) capabilities, Graylog’s security solution will provide security teams with even greater confidence, productivity, and expertise to mitigate risks caused by Insider Threats, credential-based attacks, and other cyber threats.

October 21, 2021

Prodly announced a Series A investment of $10 million led by Leta Capital.

October 20, 2021

SonarSource added over 5,000 customers in the last 12 months, reaching the 15,000 commercial customers milestone in record time.

October 20, 2021

Actian announced the general availability of its newly released DataConnect 12 integration platform, demonstrating a continued focus on ease of use for complex data integration and data quality.

October 20, 2021

Salt Security announced new capabilities in its next-generation Salt Security API Protection Platform to secure GraphQL APIs.

October 20, 2021

vFunction announces the availability of the vFunction Application Transformation Engine and the expanded vFunction Modernization Platform, with new, advanced capabilities that enable enterprises to automatically assess, analyze, and manage the full modernization and migration process from start to finish.

October 20, 2021

Mage raised a $6.3 million seed round led by Gradient Ventures.

October 19, 2021

Couchbase announced its Couchbase Capella hosted Database-as-a-Service (DBaaS) offering on Amazon Web Services (AWS).

October 19, 2021

Checkmarx announced the launch of the Checkmarx Application Security Platform to help CISOs, AppSec teams, and developers address the growing and dynamic security challenges they face.

October 19, 2021

Tasktop announced Affinity Modeling for model-based integration in Tasktop Hub, helping Agile and DevOps software delivery teams reduce time to market and develop software faster.

October 19, 2021

Morpheus Data is continuing released version 5.3.3 targeted at enterprises trying to manage a complex mix of VMware, Kubernetes, and Public Cloud services.

October 19, 2021

Okta announced the availability of Okta Workflows as a standalone offering for all customers.

October 18, 2021

Red Hat announced a series of updates in its portfolio of developer tools and programs aimed at delivering greater productivity, security and scale for developers building applications on Red Hat OpenShift.