JFrog Xray Achieves Red Hat Vulnerability Scanner Certification
May 11, 2021

JFrog achieved the Red Hat Vulnerability Scanner Certification for JFrog Xray.

JFrog Xray, part of the JFrog DevOps Platform, provides continuous scanning for open source security vulnerabilities and license compliance.

The new certification, launched in February 2021, validates how security software partners use Red Hat security-related data for Red Hat products and packages. With the certification, organizations using the JFrog DevOps Platform can experience improved assurance that the security vulnerability and license compliance data identified by JFrog Xray is accurate and consistent and that their risk assessment is reliable and based on trusted, certified sources. This is critical in order to enable enterprises to adopt DevSecOps practices at scale, and introduce security and compliance measures early in the delivery process.

To achieve the certification, JFrog Xray has adopted Red Hat OVAL v2 security data streams and has worked closely with Red Hat to achieve scanning accuracy for Red Hat published images including Red Hat base images.

“JFrog is proud to be a certified Red Hat Vulnerability Scanner Partner,” said Dror Bereznitsky, Chief Product Officer, JFrog”. “Accurately detecting and mitigating security vulnerabilities threatening enterprises’ code bases as early in the DevOps process as possible is absolutely critical. We are proud to continue our close collaboration with Red Hat to help ensure both JFrog and Red Hat users alike benefit from a comprehensive DevSecOps solution across their entire delivery pipeline.

“JFrog Xray provides a robust, trusted security solution for open source packages,” said Lars Herrmann, vice president, Partner Ecosystems, Product & Technologies, Red Hat. “The Red Hat Vulnerability Scanner Certification further solidifies JFrog’s commitment to providing the DevOps community with enterprise-grade DevSecOps capabilities, enabling organizations to deliver high-quality, trustworthy and more secure software, anywhere.”

In addition to the Red Hat Vulnerability Scanner Certification for Xray, JFrog has also achieved:

- Red Hat Container Certification for JFrog Artifactory, the industry’s universal package manager and container registry.

- Red Hat OpenShift Operator Certification for both JFrog Artifactory and JFrog Xray to enhance customer installation and automation.

Users of JFrog Xray automatically benefit from the new certification on all hybrid instances of the JFrog DevOps Platform, as well as on all cloud SaaS subscriptions – including the free subscription – offered on the major public clouds.

Share this

Industry News

November 21, 2024

Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.

November 21, 2024

Securiti announced a new solution - Security for AI Copilots in SaaS apps.

November 20, 2024

Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.

November 20, 2024

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, has announced significant momentum around cloud native training and certifications with the addition of three new project-centric certifications and a series of new Platform Engineering-specific certifications:

November 20, 2024

Red Hat announced the latest version of Red Hat OpenShift AI, its artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across the hybrid cloud.

November 20, 2024

Salesforce announced agentic lifecycle management tools to automate Agentforce testing, prototype agents in secure Sandbox environments, and transparently manage usage at scale.

November 19, 2024

OpenText™ unveiled Cloud Editions (CE) 24.4, presenting a suite of transformative advancements in Business Cloud, AI, and Technology to empower the future of AI-driven knowledge work.

November 19, 2024

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade developer portal based on the Backstage project.

November 19, 2024

Pegasystems announced the availability of new AI-driven legacy discovery capabilities in Pega GenAI Blueprint™ to accelerate the daunting task of modernizing legacy systems that hold organizations back.

November 19, 2024

Tricentis launched enhanced cloud capabilities for its flagship solution, Tricentis Tosca, bringing enterprise-ready end-to-end test automation to the cloud.

November 19, 2024

Rafay Systems announced new platform advancements that help enterprises and GPU cloud providers deliver developer-friendly consumption workflows for GPU infrastructure.

November 19, 2024

Apiiro introduced Code-to-Runtime, a new capability using Apiiro’s deep code analysis (DCA) technology to map software architecture and trace all types of software components including APIs, open source software (OSS), and containers to code owners while enriching it with business impact.

November 19, 2024

Zesty announced the launch of Kompass, its automated Kubernetes optimization platform.

November 18, 2024

MacStadium announced the launch of Orka Engine, the latest addition to its Orka product line.