"The vulnerability, tracked as CVE-2024-5565 (CVSS rating: 8.1), relates to a case of prompt injection in the 'check with' operate that could be exploited to trick the library into executing arbitrary commands", JFrog explained. Learn more: https://jfrog.co/4f9M1Td
JFrog
Software Development
Sunnyvale, CA 61,807 followers
On a mission to create a world of software delivered without friction from developer to device.
About us
Deliver Trusted Software with Speed. The only software supply chain platform to give you end-to-end visibility, security, and control for automating the delivery of trusted releases. The massively scalable, hybrid JFrog Platform is open, flexible, and integrated with all the package technologies and tools comprising the software supply chain. Organizations benefit from full traceability to any type of release and deployment environment including ML models, software that runs on the edge, and software deployed in production data centers.
- Website: https://jfrog.com/
- Industry: Software Development
- Company size: 1,001-5,000 employees
- Headquarters: Sunnyvale, CA
- Type: Public Company
- Founded: 2008
- Specialties: Software Distribution, Continuous Integration, Liquid Software, Continuous Updates, Recursive Scanning, SaaS, IoT, Metadata, Binary Repository Management, DevOps, Dev Tools, containers, Binaries, Cloud, Registry, Cloud Native, Continuous Delivery, Artifact, Artifactory, Pipeline, Security, Java, Golang, JavaScript, Python, C/C++, Conan, Maven, GoCenter, ConanCenter, CPP, EdgeOps, BinOps, CICD, Supply Chain Security, and Software Supply Chain
Products
JFrog Artifactory
DevOps Software
As the world’s first universal repository, JFrog Artifactory is the mission-critical heart of the JFrog Platform functioning as the single source of truth for all packages, container images, and Helm charts, as they move across the entire DevOps pipeline.
Updates
-
Our Field #CISO, Paul Davis, shares his thoughts on the complexities of the CrowdStrike #outage. Paul believes the company did a great job of identifying the issue > properly communicating with customers > remediating a major problem that can happen to anyone. Read the takeaways that companies need to learn: https://jfrog.co/3WyP2VU
A risky trade-off made CrowdStrike's outage so devastating - cybersecurity leaders say there's no easy fix
fortune.com
-
JFrog's $50 gym stipend has our Facilities Manager, Frankie, lifting like an Olympian! No matter where you are in the world, JFrog has benefits and perks to help you perform like a champion. Take a look at our job openings and good luck to the athletes competing in this year’s Paris Olympics! https://join.jfrog.com/ #JFrogLife #hiring #jobs
-
With 35min, you can either: 📺 watch a sitcom and never get that time back OR 🛡️ watch Carmine Acanfora share #security best practices w/ the JFrog Advanced Security solution and start saving time from your work day... Catch the replay: https://jfrog.co/3Ot3WZ5
DevSecOps Security Best Practices
https://www.youtube.com/
-
Here's the Friday blog roundup for your #AI / #ML fix 👇🏽 Taking a #GenAI Project to Production: https://jfrog.co/3zOv94g Basics of securing GenAI & #LLM development: https://jfrog.co/3Lo7kmi 4 Key Lessons for #ML Model #Security & Management: https://jfrog.co/42TA7H9
Four Key Lessons for ML Model Security & Management
https://jfrog.com
-
#Vulnerability Alert: A new critical vulnerability has been found in #DockerEngineMoby identified as #CVE-2024-41110. The vulnerability enables attackers to bypass authorization and may allow unauthorized actions. According to our Security Research team, users who do not use any authorization plugin are not affected by this. Read the full thread on X: https://jfrog.co/46mBeB1
-
🎉 A big thank you to everyone who joined our exclusive Mastering #DevSecOps event in collaboration with Information Security Media Group (ISMG)! We explored cutting-edge strategies and technologies shaping the future of secure software delivery, with a focus on integrating security into #DevOps practices. 🔐 Key Highlights: • Insightful stories from industry leaders on emerging trends. • Success stories from leading enterprises on achieving operational excellence & robust security. • Networking opportunities to connect with #security decision-makers. Stay tuned for more insights and events! 🚀
-
#Vulnerability Alert: A remote code execution vulnerability, #CVE-2024-37084, has been recently found in #SpringSkipper. This vulnerability allows a remote attacker to execute malicious code on the server, by uploading a package with specially crafted #YAML metadata. According to our Security Research team, there is currently no public exploit. Read the full thread on X: https://jfrog.co/3Wz1qoF
-
Let's decrease the risk of cyberattacks by confirming internal alignment between: Tech #Executives & Frontline "Doers". With the gap in #MLOps #security perceptions, download our new report to increase awareness & fortify your #SoftwareSupplyChain: https://jfrog.co/3ye0zAi
-
Tomorrow is your chance to hear JFrog's Head of Developer Relations, Melissa McKay, at #CloudNative Now! Learn how "The Joining of DevSecOps and Cloud Native is the New Software Delivery Path." Register before seats run out: https://jfrog.co/3LBmyUR