JFrog users can look forward to some new products across the company’s vast portfolio of DevOps products. At its SwampUP conference today, the company announced new management capabilities for machine learning (ML) models and released a new tool for writing and releasing secure applications.

The new ML capabilities enable companies to detect and block malicious ML models, scan model licenses for compliance reasons, store models, and bundle models as part of software releases. 

Also part of these new capabilities is a new integration with Hugging Face, which is a collaborative platform for building and sharing AI models, datasets, and applications. JFrog users will now be able to grab ML models from that platform and cache them. 

“Increasing numbers of organizations are starting to incorporate ML models into their applications and with several government regulations requiring software vendors to list exactly what’s inside their software, we believe it won’t be long before these guidelines grow to include ML and AI models as well,” said Yossi Shaul, SVP of product and engineering at JFrog. “We’re excited to give customers an easy way to proxy, store, secure, and manage models alongside their other software components to help accelerate their pace of innovation while remaining well-positioned for tomorrow’s demands.”

In addition to the new ML capabilities, the company also announced other new security features so that developers can secure their applications throughout the software development life cycle. 

New SAST capabilities integrate within the development environment and scan code for vulnerabilities. JFrog SAST also uses contextual analysis to help developers prioritize their remediation plans.

A new open-source software catalog has also been added to the package management tool JFrog Curation. Now developers will have a better understanding of the risks associated with the open-source software they are using. 

“With the alarming rise of software supply chain attacks, securing at the binary level with immutable software bundles is a must because it’s the only way to certify that what you’re releasing is safe for use,” said Asaf Karas, CTO of JFrog Security. “By providing a comprehensive platform that is developer-friendly and enterprise-ready – with security baked in at every phase, backed by an expert team of security researchers always watching for emerging threats – we can better arm companies to innovate faster with peace of mind in knowing their software is safe for use both today, and tomorrow.”