DEVOPSdigest

JFrog unveiled new integrations for JFrog Xray with ServiceNow’s Lightstep Incident Response and Spoke products for IT Service Management.

Available immediately, the JFrog Xray integrations with ServiceNow provide IT leaders with real-time insights on security vulnerabilities and compliance issues to quickly engage necessary team members from across the organization for more immediate response and remediation.

“Successfully securing the software supply chain at the speed of business is a team sport, requiring efficient, cross-team collaboration for timely security incident remediation,” said Shlomi Ben Haim, Co-Founder and CEO, JFrog. “Our integration with ServiceNow aims to change the relationship between developers and the rest of the business, so they can maintain the speed and frequency of releases, while avoiding downtime and loss of trust from end customers.”

The new integration enables IT teams to proactively address security issues before they become major concerns. The combination of JFrog Xray and ServiceNow delivers a robust software composition analysis (SCA) tool that can quickly scan binaries for vulnerabilities and license compliance issues, then share those insights with the appropriate parties across the organization. The JFrog Xray-ServiceNow solution is unique in that it helps DevOps engineers, site reliability engineers (SREs), IT system administrators, and others, more securely build, deploy, run, and monitor applications effortlessly, in a single view. It also enables real-time security alerts and insights with assigned actions across all the tools, people, and processes needed for timely resolution.

By improving real-time insight, collaboration, and communication amongst and between enterprise security and IT teams, the JFrog Xray-ServiceNow integrations ensure swift responses to emerging security threats.

The JFrog Xray integration with Lightstep Incident Response enables developers, SREs, and Security Administrators to:

- Monitor, collect and respond to license compliance and security vulnerabilities impacting the software supply chain across all stages of the software development and release lifecycle.

- Streamline vulnerability response by pulling-in the right team members across the organization for faster remediation.

The JFrog Xray Spoke for ServiceNow allows IT operations staff to:

- Generate violation reports, create ‘ignore rules’, re-scan builds, add custom item properties, and more.

- Automate workflows that meet audit demands and avoid penalties for improper use of code segments obtained from the open-source community.

- Identify problems earlier in the application development pipeline and incorporate change management solutions.