SUNNYVALE, Calif. & BOSTON--(BUSINESS WIRE)--

AWS re:Inforce – (“JFrog”) (NASDAQ: FROG), the Liquid Software company and creators of the , today announced its DevSecOps tool, , now supports a cloud security posture management service that performs best practice checks, aggregates alerts, and allows automated remediation.

This press release features multimedia. View the full release here:

New JFrog Xray Support for AWS Security Hub Helps Customers and Cloud Developers Centralize, Analyze, and Remediate Cybersecurity Incidents (Graphic: Business Wire)

JFrog, already part of the under the AWS DevOps competency, also revealed it is participating in the new , which helps streamline the complex third-party software risk assessment process by enabling JFrog to make security and compliance information available to customers through AWS Marketplace. By using AWS Marketplace Vendor Insights, customers can reduce the vendor assessment cycle from months down to a few hours by allowing them to access JFrog’s validated security profile.

“Security and trust are at the core of our JFrog product development philosophy. We’re proud to have achieved the , which recognizes JFrog’s technical expertise and our DevOps platform’s ability to securely enable customers through their cloud journey,” said Kelly Hartman, SVP of Global Channels and Alliances, JFrog. “We’re also proud to be part of AWS Marketplace Vendor Insights to provide customers with additional visibility when it comes to vendor solution risk assessments, so they can have greater peace of mind.”

Having visibility of a cloud environment and being able to identify and address software supply chain security issues early in the development process reduces risk and cost and improves productivity. In many organizations, however, security processes can often slow down developers from launching new features to customers. JFrog Xray’s support of AWS Security Hub will help developers ensure security is continuously implemented across development pipelines and that they have a central location for visibility into vulnerability alerts, contextual applicability of the threat, and prioritization of remediation activities.

Keeping Vendors Accountable for Security Standards

is one of Australia's biggest banks, with over two million customers. It uses JFrog Artifactory and Xray on AWS to allow hundreds of developers to safely use 15 unique package types across 600-plus cloud-native applications with enhanced developer productivity while remaining compliant with regulations.

“As a financial institution responsible for the investments of millions of customers, security obviously needs to be - and is - a top priority for us. However, we also realize the reality that uneven cybersecurity strength in our software supply chain leaves us just as much at risk,” said Caio Trevisan, DevOps Service Owner, Bendigo and Adelaide Bank. “This is why we make sure the vendors we work with also have high security standards and are proud to work with companies like JFrog and AWS that prioritize and give thoughtful attention to matters of security.”

With JFrog’s new support of AWS Security Hub customers can utilize JFrog Xray to:

• Get a consolidated view of all license compliance and security vulnerabilities across their cloud instances.
• Enhance vulnerability identification, assessment, and management tapping into the JFrog Xray database of critical vulnerabilities exposures (CVEs).
• Better contextualize and prioritize vulnerabilities and automate remediation workflows to reduce Mean Time to Recovery (MTTR).

“AWS Marketplace Vendor Insights make it easier for a customer’s governance, risk, and compliance teams to assess software through a unified web-based dashboard. We are thrilled to partner with JFrog to deliver a streamlined compliance experience and to help customers secure their software supply chain,” said Chris Grusz, Director, Independent Software Vendor Partner and AWS Marketplace Business Development at AWS.

For additional information on JFrog Xray, its AWS DevOps Competency, and support for read or stop by booth #307 during AWS re:Inforce, taking place July 26 - 27, 2022 in Boston, MA by.

Like this Story? Tweet this: .@jfrog earns AWS DevOps Competency and unveils support for AWS Security Hub, helping customers rapidly identify and remediate security vulnerabilities and license violations. Learn more

About JFrog

JFrog Ltd. (NASDAQ: FROG), is on a mission to power all the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure, fearless flow of binaries from developers to the edge. The JFrog DevOps Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-hosted and SaaS services across major cloud service providers. Millions of users and thousands of customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely embrace digital transformation. Once you leap forward, you won’t go back! Learn more at and follow us on Twitter: .

Cautionary Note About Forward-Looking Statements

This press release contains “forward-looking” statements, as that term is defined under the U.S. federal securities laws. These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions, and changes in circumstances that may cause JFrog’s actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement.

There are a significant number of factors that could cause actual results, performance or achievements, to differ materially from statements made in this press release, including but not limited to risks detailed in our filings with the Securities and Exchange Commission, including in our annual report on Form 10-K for the year ended December 31, 2021, our quarterly reports on Form 10-Q, and other filings and reports that we may file from time to time with the Securities and Exchange Commission. Forward-looking statements represent our beliefs and assumptions only as of the date of this press release. We disclaim any obligation to update forward-looking statements.

View source version on businesswire.com: