DEVOPSdigest

JFrog announced a new initiative with the Rust Foundation, an independent non-profit organization that stewards the Rust programming language, focused on identifying and eliminating security threats to the Rust platform and ecosystem.

Starting immediately, the JFrog Security Research team will provide access to information on known software vulnerabilities, ongoing threat research, and dedicated developer resources to proactively amend discovered Rust platform issues to prevent future risk.

“Securing the software supply chain can’t be achieved with a one-time effort – it requires ongoing commitment, plus a multi-layered approach, and we believe memory-safe languages play a big role in that plan,” said Stephen Chin, VP of Developer Relations at JFrog. “By working hand-in-hand with the Rust Foundation, we can ensure this cornerstone programming language remains a recommended best practice in the development of modern, secure software.”

Rust has been identified as a “critical open source software project” by the Open Source Security Foundation (OpenSSF) and granted support under the OpenSSF’s Alpha-Omega Project to help identify new and as-yet-undiscovered vulnerabilities to improve Rust’s security posture. The inherent stability and performance of Rust, coupled with JFrog’s advanced security tools, research, and expertise, will help safeguard the Rust language over time.

JFrog and its Security Research team are the latest additions to a growing list of technology companies on the Rust Foundation Board of Directors, including Microsoft, Huawei, Google, AWS, and Mozilla. JFrog’s Rust membership adds to the company’s long list of open-source security initiatives, such as Pyrsia, Frogbot, status as a board member for the OpenSSF, and more.