New Docker Desktop Extension for JFrog Xray Helps Developers "Shift Left" - Performing Vulnerability Scanning & Violation Flagging Early in the Software Lifecycle
(Dockercon 2022) — JFrog Ltd. ("JFrog") (NASDAQ:FROG), the Liquid Software company and creators of the JFrog DevOps Platform, today introduced a new Docker Desktop Extension for JFrog Xray that allows organizations to automatically scan Docker Containers for vulnerabilities and violations early in the development process. Available through JFrog's free tier subscription, the new Xray integration with Docker Desktop helps increase productivity, reduce risk, and speed time-to-deployment.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20220510005694/en/
JFrog and Docker unveil new security vulnerability scanning capabilities to help increase developer productivity, reduce risk, and speed time-to-deployment. (Graphic: Business Wire)
"We're thrilled to extend our partnership and integrations with Docker to now include JFrog Xray for vulnerability scanning, forensics, and compliance capabilities," said Stephen Chin, Vice President of Developer Relations, JFrog. "At a time when software supply chain attacks are on the rise, we're glad we can empower developers to have greater insight into any exposures, early, so they can engage the necessary teams for timely response and remediation – reducing downtime and avoiding loss of trust from end customers."
Research by IDC indicates there will be 500 million new applications developed in the next few years – more than all applications that have been developed in the past 40 years of IT1. At the same time, the recent surge in software supply chain attacks makes securing those applications paramount – meaning developers must integrate security checks at every stage of the software development lifecycle.
The JFrog integration with Docker Desktop Extensions allows developers to:
- Monitor and audit the security of software encapsulated in Docker containers
- Identify vulnerable artifacts inside Docker containers prior to deployment and once they are in production
- Conduct enhanced forensic investigations that provide a complete view of software security incidents
- Get up and running quickly with an easy connection from the JFrog Platform to the Docker Desktop application.
"Docker is obsessed with developer ergonomics and is committed to filling and improving the developer experience gap," said Webb Stevens, Docker's SVP of Secure Software Supply Chain. "We welcome JFrog to the Docker Extension marketplace, expanding the applications and capabilities available for millions of registered Docker developers."
For more information on the features and advantages of the Docker Desktop Extension for JFrog Xray, read this blog or visit JFrog's virtual booth during DockerCon 2022, taking place online May 9-10th. Additional details on the Docker Extensions program can be found here. Stephen Chin, VP of Developer Relations for JFrog, will kick-off the DockerCon proceedings on Tuesday, May 10th at 8:00 am PT with his keynote session titled, "Security and Development at Harmony." The keynote will be followed by a breakout session at 11:45 am PT featuring JFrog Developer Advocate, Melissa McKay, and members of the F5 team, detailing how Docker Desktop and JFrog Xray enabled their teams to be proactive vs. reactive in their security practices. View the complete show agenda and register here.
Like this story? Tweet this: .@jfrog and @docker unveil new security vulnerability scanning capabilities for developers using #Xray and #Docker Desktop Extensions. #developers #devops #devsecops #shiftleft #cybersecurity
JFrog Ltd. (NASDAQ:FROG), is on a mission to power all the world's software updates, driven by a "Liquid Software" vision to allow the seamless, secure flow of binaries from developers to the edge. The JFrog Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment. JFrog's hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services across major cloud service providers. Millions of users and thousands of customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely manage their mission-critical software supply chain. Once you leap forward, you won't go back. Learn more at jfrog.com and follow us on Twitter: @jfrog.
Cautionary Note About Forward-Looking Statements
This press release contains "forward-looking" statements, as that term is defined under the U.S. federal securities laws, including but not limited to statements regarding the new Docker desktop extension for JFrog Xray and it's performance of vulnerability scanning and violation flagging, our ability to meet customer needs, and our ability to drive market standards. These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause JFrog's actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement.
There are a significant number of factors that could cause actual results, performance or achievements, to differ materially from statements made in this press release, including but not limited to risks detailed in our filings with the Securities and Exchange Commission, including in our annual report on Form 10-K for the year ended December 31, 2021, our quarterly reports on Form 10-Q, and other filings and reports that we may file from time to time with the Securities and Exchange Commission. Forward-looking statements represent our beliefs and assumptions only as of the date of this press release. We disclaim any obligation to update forward-looking statements.