DEVOPSdigest

JFrog announced its DevSecOps tool, JFrog Xray, now supports Amazon Web Services (AWS) Security Hub, a cloud security posture management service that performs best practice checks, aggregates alerts, and allows automated remediation.

JFrog, already part of the DevSecOps category under the AWS DevOps competency, also revealed it is participating in the new AWS Marketplace Vendor Insights, which helps streamline the complex third-party software risk assessment process by enabling JFrog to make security and compliance information available to customers through AWS Marketplace. By using AWS Marketplace Vendor Insights, customers can reduce the vendor assessment cycle from months down to a few hours by allowing them to access JFrog’s validated security profile.

“Security and trust are at the core of our JFrog product development philosophy. We’re proud to have achieved the AWS DevSecOps Competency, which recognizes JFrog’s technical expertise and our DevOps platform’s ability to securely enable customers through their cloud journey,” said Kelly Hartman, SVP of Global Channels and Alliances, JFrog. “We’re also proud to be part of AWS Marketplace Vendor Insights to provide customers with additional visibility when it comes to vendor solution risk assessments, so they can have greater peace of mind.”

JFrog Xray’s support of AWS Security Hub will help developers ensure security is continuously implemented across development pipelines and that they have a central location for visibility into vulnerability alerts, contextual applicability of the threat, and prioritization of remediation activities.

With JFrog’s new support of AWS Security Hub customers can utilize JFrog Xray to:

- Get a consolidated view of all license compliance and security vulnerabilities across their cloud instances.

- Enhance vulnerability identification, assessment, and management tapping into the JFrog Xray database of critical vulnerabilities exposures (CVEs).

- Better contextualize and prioritize vulnerabilities and automate remediation workflows to reduce Mean Time to Recovery (MTTR).

“AWS Marketplace Vendor Insights make it easier for a customer’s governance, risk, and compliance teams to assess software through a unified web-based dashboard. We are thrilled to partner with JFrog to deliver a streamlined compliance experience and to help customers secure their software supply chain,” said Chris Grusz, Director, Independent Software Vendor Partner and AWS Marketplace Business Development at AWS.