What is JFrog Security Essentials?
JFrog Xray is an enterprise grade software composition analysis (SCA) tool that provides organizations with a simple way to identify, prioritize and remediate security vulnerabilities and license compliance issues in open source software (OSS) and third party components. Xray can be used to discover and eliminate unwanted or unexpected packages, using JFrog’s database of identified malicious packages. The database is sourced with thousands of packages identified by our research team in common repositories alongside continuously-aggregated malicious package information from global sources.
The solution can be used to continuously analyze software in its production context with end-to-end scanning from source code to binaries to help safeguard modern, always-evolving software artifacts. Binaries are what get attacked across the software supply chain, so scanning binaries and images (“binaries of binaries”) ensures it exposes and fortifies against blind spots not discovered by source code analysis alone.
The solution can be used to continuously analyze software in its production context with end-to-end scanning from source code to binaries to help safeguard modern, always-evolving software artifacts. Binaries are what get attacked across the software supply chain, so scanning binaries and images (“binaries of binaries”) ensures it exposes and fortifies against blind spots not discovered by source code analysis alone.
Categories & Use Cases
Product Demos
Technical Details
| Deployment Types | SaaS |
|---|---|
| Mobile Application | No |
FAQs
What is JFrog Security Essentials?
JFrog Security Essentials / Xray SCA can be used to discover and eliminate unwanted or unexpected packages, using JFrog’s database of identified malicious packages. It is presented as a DevOps-centric SCA solution for identifying and resolving security vulnerabilities and license compliance issues in open source dependencies.