JFrog Wins US Defense Department Security Certification
September 21, 2021

JFrog announced its JFrog Artifactory and JFrog Xray solutions are now accredited in Iron Bank and available via Platform One.

With this achievement, JFrog reinforces its commitment to providing a scalable, secure, development to edge DevOps and DevSecOps solution for its public sector customers and those in highly regulated industries such as finance, healthcare, energy, and transportation.

Under the DoD’s Platform One initiative, developers can now access a central binary repository of secure, Iron Bank-certified resources that have been hardened to the DoD’s specifications. This container registry has Continuous Authority to Operate (cATO), allowing developers to easily push validated code into production more quickly.

According to the Internet Crime Report, the FBI received nearly 2,500 ransomware complaints in 2020, up 20% from 2019, costing citizens nearly $29.1 million. Platform One aims to ensure all government entities can work with a collection of approved, hardened, cloud-native DevSecOps solutions along with collaboration tools, cybersecurity tools, open-source code, artifact repositories, and development tools. JFrog Artifactory provides a single, reliable source of truth for binary packages that follow the DevOps lifecycle from development to deployment at the edge. JFrog Xray works with JFrog Artifactory to enable multi-layer analysis of each binary or container image and flags any security vulnerabilities or compliance compromises to ensure software quality.

“We understand software needs to be hardened and trusted in order for the Federal government to rely on JFrog for their mission critical applications,” said Shlomi Ben Haim, Co-founder and CEO, JFrog. “Our vision is to enable all organizations to ‘shift left’ to bake security into every stage of development and seamlessly deploy updates across geographies, from ground to cloud, to any device throughout the software supply chain with ease and peace of mind.”

Iron Bank is the DoD Centralized Artifacts Repository (DCAR) of digitally signed, binary container images including both Free and Open-Source software (FOSS) and Commercial off-the-shelf (COTS). All artifacts are hardened according to the Container Hardening Guide, which allows software built in the system to be automatically authorized for use, a security process that usually takes months. Containers accredited in Iron Bank have DoD-wide reciprocity across classifications. Over 800 certified containers are available today including those offered by JFrog partners such as AWS, Docker, Microsoft Azure, Oracle, RedHat, and VMWare.

Share this

Industry News

April 03, 2025

StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.

April 03, 2025

Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.

April 03, 2025

Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.

April 03, 2025

AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.

April 02, 2025

Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.

April 02, 2025

Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.

April 02, 2025

Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.

April 02, 2025

Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)

April 02, 2025

Opsera raised $20M in Series B funding.

April 02, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.

April 01, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.

April 01, 2025

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.

April 01, 2025

Platform9 announced that Private Cloud Director Community Edition is generally available.

March 31, 2025

Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.

March 31, 2025

CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.