Progress announced the launch of Progress Data Cloud, a managed Data Platform as a Service designed to simplify enterprise data and artificial intelligence (AI) operations in the cloud.
JFrog Authorized as a Numbering Authority for Vulnerabilities Exposure
October 04, 2021
JFrog has been designated by the CVE Program as a CVE Numbering Authority (CNA).
With this certification, JFrog joins an elite group of public and private sector organizations authorized to assign CVE identification numbers to newly discovered security vulnerabilities and publish related details in associated CVE Records for public consumption. This designation allows JFrog to collaborate with the global security community to accelerate threat detection, while providing its customers with the latest vulnerability information and differentiated remediation data via JFrog Xray.
"Becoming a CNA will not only allow us to help security researchers verify and triage their vulnerabilities but also help keep companies’ binaries more secure by collaborating on potential threats with the wider security community,” said Moran Ashkenazi, CISO and VP of Security Engineering, JFrog. “The number of security risks in software and connected devices continues to grow. As a CNA we're empowered to work with the community to accelerate threat detection and share information on new vulnerabilities fast—before they compromise businesses.”
Cybersecurity and IT professionals worldwide use CVE records to identify, prioritize, and coordinate their efforts for addressing critical software vulnerabilities. CVE IDs are assigned by CNAs like JFrog on a voluntary basis. With this certification, JFrog becomes one of the only DevSecOps leaders to join approximately 180 other CNA authorized commercial entities such as Linux, Red Hat, Google, Microsoft, and more as trusted security community contributors.
“As a CNA, we can more effectively and efficiently disseminate the results of our unique research to our customers and the software community in general—for both newly discovered vulnerabilities and existing CVE records that may be inaccurate or incomplete,” said Asaf Karas, JFrog Security CTO “With this achievement, JFrog reinforces its commitment to being an active participant in the security community and providing our customers with scalable, secure, development to edge DevSecOps solutions.”
Industry News
January 23, 2025
January 23, 2025
Sonar announced the release of its latest Long-Term Active (LTA) version, SonarQube Server 2025 Release 1 (2025.1).
January 23, 2025
Idera announced the launch of Sembi, a multi-brand entity created to unify its premier software quality and security solutions under a single umbrella.
January 22, 2025
Postman announced the Postman AI Agent Builder, a suite empowering developers to quickly design, test, and deploy intelligent agents by combining LLMs, APIs, and workflows into a unified solution.
January 22, 2025
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of CubeFS.
January 21, 2025
BrowserStack and Bitrise announced a strategic partnership to revolutionize mobile app quality assurance.
January 16, 2025
Mendix, a Siemens business, announced the general availability of Mendix 10.18.
January 16, 2025
Red Hat announced the general availability of Red Hat OpenShift Virtualization Engine, a new edition of Red Hat OpenShift that provides a dedicated way for organizations to access the proven virtualization functionality already available within Red Hat OpenShift.
January 16, 2025
Contrast Security announced the release of Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR).
January 15, 2025
Red Hat announced the general availability of Red Hat Connectivity Link, a hybrid multicloud application connectivity solution that provides a modern approach to connecting disparate applications and infrastructure.
January 15, 2025
Appfire announced 7pace Timetracker for Jira is live in the Atlassian Marketplace.
January 14, 2025
SmartBear announced the availability of SmartBear API Hub featuring HaloAI, an advanced AI-driven capability being introduced across SmartBear's product portfolio, and SmartBear Insight Hub.
January 14, 2025
Azul announced that the integrated risk management practices for its OpenJDK solutions fully support the stability, resilience and integrity requirements in meeting the European Union’s Digital Operational Resilience Act (DORA) provisions.
January 14, 2025
OpsVerse announced a significantly enhanced DevOps copilot, Aiden 2.0.
