Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available.
JFrog announced the immediate availability of JFrog Xray, its product for accelerating software delivery by giving organizations unprecedented insight into their software packages and containers.
As a universal artifact analysis product, JFrog Xray works with all software package formats and a multitude of databases as it deeply and recursively scans every type of binary component ever used in a software project and points out changes or issues impacting the production environment.
"The early response to JFrog Xray has been phenomenal," said Shlomi Ben Haim, founder and CEO of JFrog. "We're excited that more and more organizations will now be able to benefit from this pioneering technology for gaining radical transparency into the huge volume and variety of binary components used in development. The combination of validating with security databases, along with acquiring metadata from JFrog Artifactory makes JFrog Xray the only tool in the world that not only scans the container or software package, but also provides a full dependency graph and impact analysis to the user. Our goal is to address the real DevOps pain and not just to send another scanner to the market!"
As organizations increasingly transform from isolated teams and role-specific tools to common delivery pipelines shared by global teams and driven by seamlessly interoperating tools, they need to understand all the binary artifacts they produce, across all product lines and geographies, and taking into account changes to global application deployment and distribution over time.
JFrog Xray addresses this need by providing deep recursive scanning to repeatedly peel back the layers of software components and their accompanying metadata to uncover security vulnerabilities or other issues down to the most fundamental binary component no matter what binary packaging format the organization uses. This deep scanning of the dependency graph provides organizations the ability to perform impact analysis on changes to their package structure.
JFrog Xray is a fully automated platform with a powerful REST API, enabling integration with an organization's CI/CD pipeline as well as with all current and any future types of component-scanning technology.
It integrates with a universal range of databases and security platforms so that critical necessities such as security vulnerability analysis, license compliance and component version analysis and assurance become possible not only at build time but across all of the enterprise's binary digital assets.
Industry News
Mirantis, freeing developers to create their most valuable code, today announced that it has acquired the Santa Clara, California-based Shipa to add automated application discovery, operations, security, and observability to the Lens Kubernetes Platform.
SmartBear has integrated the powerful contract testing capabilities of PactFlow with SwaggerHub.
Venafi introduced TLS Protect for Kubernetes.
Tricentis announced the general availability of Tricentis Test Automation, a cloud-based test automation solution that simplifies test creation, orchestration, and scalable test execution for easier collaboration among QA teams and their business stakeholders and faster, higher-quality, and more durable releases of web-based applications and business processes.
Couchbase announced its Couchbase Capella Database-as-a-Service (DBaaS) offering on Azure.
Mendix and Software Improvement Group (SIG) have announced the release of Mendix Quality & Security Management (QSM), a new cybersecurity solution that provides continuous deep-dive insights into security and code quality to immediately address risks and vulnerabilities.
Panaya announced a new Partnership Program in response to ongoing growth within its partner network over the past year.
Cloudian closed $60 million in new funding, bringing the company’s total funding to $233 million.
Progress announced the R1 2023 release of Progress Telerik and Progress Kendo UI.
Wallarm announced the early release of the Wallarm API Leak Management solution, an enhanced API security technology designed to help organizations identify and remediate attacks exploiting leaked API keys and secrets, while providing on-going protection against hacks in the event of a leak.
ThreatModeler launched Threat Model Marketplace, a cybersecurity asset marketplace offering pre-built, field-tested threat models to be downloaded — free for a limited time — and incorporated into new and ongoing threat modeling initiatives.
Software AG has launched new updates to its webMethods platform that will simplify the process by which developers can find, work on and deploy new APIs and integration tools or capabilities.