Progress announced the Q4 2024 release of its award-winning Progress® Telerik® and Progress® Kendo UI® component libraries.
JFrog Xray Adds Software Security Vulnerability Dataset via VulnDB
January 24, 2019
JFrog is announcing that Xray, JFrog’s flagship security and compliance scanning solution, will now provide the most comprehensive, integrated security solution in the market through a partnership with Risk Based Security [RBS].
RBS is the provider of VulnDB, which contains the world’s broadest set of vulnerability intelligence. As a result of the partnership, all JFrog Xray customers will now be protected from more than 194,000 unique vulnerabilities, as they monitor their pipelines from code through production.
While most software security solutions utilize the vulnerabilities made public through online resources, such as the National Vulnerability Database (NVD), JFrog, by embedding VulnDB into Xray, will provide customers industry-leading vulnerability intelligence that includes over 64,000 vulnerabilities and data not found in the NVD. The intelligence from VulnDB, coupled with JFrog’s deep, universal understanding of software package types will provide the broadest-reaching protection of any security scanning product, spanning from developer code commits all the way through production software in a Kubernetes cluster.
“We are excited to include the world’s richest vulnerability intelligence database in Xray, and provide our users with the best tool in the DevSecOps market with Risk Based Security’s VulnDB,” said Shlomi Ben Haim, JFrog Co-Founder and CEO. “900% growth YoY and over 2,200 Xray installations tell us that JFrog Xray answers developers’ real security concerns by offering a deep, recursive scanning and impact analysis solution. JFrog offers developers the two fundamental pillars of DevOps: Speed and Security. Therefore, when it comes to our customers’ CI/CD pipelines, we are determined to build more than just a ‘security-alarm-system’ – we are committed to offering a first-class, universal, automated solution to support DevOps at scale.”
The full breadth, depth, and timeliness of vulnerability intelligence from the VulnDB database will be automatically added to Xray in stages starting immediately, with full integration between VulnDB and Xray expected in mid-2019. All updates will also be made available offline for JFrog customers who run datacenters without access to the internet.
“Identifying and mitigating vulnerabilities in a timely fashion is a critical component of managing risk in today’s enterprises,” said Barry Kouns, Co-Founder and CEO of Risk Based Security. “VulnDB is the only comprehensive vulnerability intelligence feed that is able to provide actionable insight as quickly as organizations need it to address vulnerabilities in their code. We are excited to partner with JFrog to seamlessly deliver this critical intelligence into the DevSecOps market through JFrog Xray.”
VulnDB is included in JFrog Xray at no additional charge, and users will be able to take full advantage of this new functionality starting with Xray’s next release. VulnDB intelligence is available in both on-premise and SaaS versions of JFrog Xray.
Industry News
November 26, 2024
November 26, 2024
Check Point® Software Technologies Ltd. has been recognized as a Leader and Fast Mover in the latest GigaOm Radar Report for Cloud-Native Application Protection Platforms (CNAPPs).
November 26, 2024
Spectro Cloud, provider of the award-winning Palette Edge™ Kubernetes management platform, announced a new integrated edge in a box solution featuring the Hewlett Packard Enterprise (HPE) ProLiant DL145 Gen11 server to help organizations deploy, secure, and manage demanding applications for diverse edge locations.
November 26, 2024
Red Hat announced the availability of Red Hat JBoss Enterprise Application Platform (JBoss EAP) 8 on Microsoft Azure.
November 26, 2024
Launchable by CloudBees is now available on AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
November 26, 2024
Kong closed a $175 million in up-round Series E financing, with a mix of primary and secondary transactions at a $2 billion valuation.
November 26, 2024
Tricentis announced that GTCR, a private equity firm, has signed a definitive agreement to invest $1.33 billion in the company, valuing the enterprise at $4.5 billion and further fueling Tricentis for future growth and innovation.
November 25, 2024
Check Point® Software Technologies Ltd. announced the new Check Point Quantum Firewall Software R82 (R82) and additional innovations for the Infinity Platform.
November 25, 2024
Sonatype and OpenText are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever.
November 25, 2024
Red Hat announced an extended collaboration with Microsoft to streamline and scale artificial intelligence (AI) and generative AI (gen AI) deployments in the cloud.
November 25, 2024
Endor Labs announced that Microsoft has natively integrated its advanced SCA capabilities within Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP).
November 21, 2024
Progress announced new powerful capabilities and enhancements in the latest release of Progress® Sitefinity®.
November 21, 2024
Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.
November 21, 2024
Securiti announced a new solution - Security for AI Copilots in SaaS apps.
November 20, 2024
Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.
