JFrog has announced the latest release of its continuous security and universal artifact analysis solution. JFrog Xray 2.0 is designed to give DevOps teams insight into potential problems and the confidence to release into development, deployment and production stages.
“Developers are incorporating an ever-growing number of artifacts from external and internal sources into their CI/CD pipeline to release faster,” said Dror Bereznitsky, vice president of products at JFrog. “While expediting delivery, this introduces risk of software being out of compliance or out of date. JFrog Xray multilayer analysis detects dependencies across all software packages to enable full impact analysis and secure releases.”
The solution provides a multilayer approach to analyzing containers and software artifacts for bugs, license compliance issues, and quality assurance. Features include the ability to analyze artifacts for all major package formats, deep recursive scanning to provide insight into Xray’s universal component graph, ability to show the impact of issues, automated protection for the life cycle, and native Artifactory integration.
The latest version provides enhanced usability, improved visibility, new native indexing and scanning support, and the ability to continuously govern and audit all artifacts consumed and produced, according to the company.
“JFrog Xray breaks down artifacts according to their specific packaging. Xray scans each package type, knows how to unpack it and what every underlying layer contains. Each unpacked component is examined individually to uncover potential vulnerabilities and policy violations, mapped out and merged into Xray’s universal component graph that represents the entire organization’s software structure. This allows developers to get maximum visibility into software dependencies and truly understand the impact of every issue found,” the company wrote in a statement.