Skip to main content
TrustRadius
JFrog Security (Xray)

JFrog Security (Xray)

Overview

What is JFrog Security (Xray)?

JFrog Security Essentials / Xray SCA can be used to discover and eliminate unwanted or unexpected packages, using JFrog’s database of identified malicious packages. It is presented as a DevOps-centric SCA solution for identifying and resolving security vulnerabilities and license…

Read more
Recent Reviews
TrustRadius

Leaving a review helps other professionals like you evaluate Software Composition Analysis (SCA) Tools

Be the first one in your network to review JFrog Security (Xray), and make your voice heard!

Return to navigation

Pricing

View all pricing

Pro Team

$98

Cloud
per month

Enterprise

$699

Cloud
per month

Free

Free

Cloud

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services
Return to navigation

Product Demos

JFrog Xray: Creating License Policy

YouTube

JFrog Xray: Creating a Security Policy

YouTube

[Screencast] JFrog Xray: Securing your Builds and Artifact Downloads

YouTube
Return to navigation

Product Details

What is JFrog Security (Xray)?

JFrog Security Essentials / Xray SCA can be used to discover and eliminate unwanted or unexpected packages, using JFrog’s database of identified malicious packages. The database is sourced with thousands of packages identified by our research team in common repositories alongside continuously-aggregated malicious package information from global sources. The solution is presented as a DevOps-centric SCA solution for identifying and resolving security vulnerabilities and license compliance issues in open source dependencies.

The solution can be used to continuously analyze software in its production context with end-to-end scanning from source code to binaries to help safeguard modern, always-evolving software artifacts. Binaries are what get attacked across the software supply chain, so scanning binaries and images (“binaries of binaries”) ensures it exposes and fortifies against blind spots not discovered by source code analysis alone.

Features available are determined by service tier:

Security Essentials (Xray)

  • Open Source Vulnerability Scanning
  • Container Scanning
  • ML Model Scanning
  • SBOM Build and Exports
  • Premium Vulnerability Database
  • Open Source License Compliance

Advanced Security

  • Contextual Security Analysis
  • Leaked Secrets Detection
  • Code Security Scanning (SAST)
  • IaC Security
  • Insecure Configuration Protection
  • Includes Base Package of Contributing Developers

JFrog Security (Xray) Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews

Sorry, no reviews are available for this product yet

Return to navigation