JFrog & GitHub Partner to Integrate Best of Breed Platforms, Unifying Software Supply Chain Management & Security
Fueled by joint customer and community demand,
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240529643730/en/
![JFrog and GitHub Partner to Integrate Best of Breed Platforms, Unifying Software Supply Chain Management & Security (Graphic: Business Wire)](https://mms.businesswire.com/media/20240529643730/en/2143635/4/1280x960_Post_A.jpg)
JFrog and GitHub Partner to Integrate Best of Breed Platforms, Unifying Software Supply Chain Management & Security (Graphic: Business Wire)
Development teams must manage both source code and binaries, making a bi-directional integration between JFrog and GitHub a natural fit. A jointly-built roadmap developed by the two companies focuses on seamless navigation and traceability between source code and binaries, continuous integration and deployment with GitHub Actions and JFrog Artifactory, a unified view of security findings to provide one solution for software supply chain security and policies across GitHub & JFrog Advanced Security offerings, and the ability to leverage GitHub Copilot to chat and query artifact and pipeline status to keep projects moving forward.
“It's time for developers and DevOps Engineers to enjoy both worlds together as one; the best source code platform alongside the best artifact platform," said
In a J.P. Morgan report from
“We’re already seeing that GitHub Copilot is transforming the way developers write code. At the same time, more code means more binaries, which have their own management, security and delivery requirements,” said Thomas Dohmke, CEO, GitHub. “This is why we’re excited about a partnership with JFrog. We are taking our industry-leading technologies and seamlessly integrating them with the best-in-class artifact repository manager in Artifactory. With GitHub and JFrog, enterprises will have the most holistic option to generate, manage, secure, and deliver software across the supply chain.”
Joint JFrog and GitHub customer Morgan Stanley, a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services, commented on the joint approach.
"We are thrilled to see some of the enhancements come to life; we believe this collaboration between GitHub and JFrog has the potential to significantly impact the DevOps landscape,” noted
JFrog and GitHub now provide organizations with a seamless end-to-end experience in managing the Software Supply Chain:
- Bi-directional code and software package navigation – Allowing precise tracking and triage by offering native linking between code and built packages and vice versa, for more streamlined data, deeper compliance and security-oriented outputs, and software provenance.
- GitHub Actions tracking for stored artifacts - Seamless integration for resolving packages from Artifactory and storing binary artifacts generated by Actions, alongside build metadata in Artifactory, aiding more accurate SBOM generation.
- SSO, roles and project structures unification - Enabling seamless sign on, project role mapping and access management and CI integration to keep developers moving efficiently.
- Single pane of glass for JFrog & GitHub Advanced Security findings - Providing full security view of both source-focused and binary-focused security scans in a single place, providing full visibility of security posture from source to production and native linking of findings to either source or binaries (coming months).
- Copilot Chat integration - Allows developers to extend their Copilot Chat interactions to be interactively advised about the best software packages and versions to use, and to ask questions regarding security and JFrog project setup, etc., to gain a more complete view of the software development lifecycle (coming months).
As an ongoing initiative, both companies are dedicated to maintaining a roadmap for continuous enhancements, ensuring users of both platforms can efficiently manage their code and binaries. Additional integration points will be introduced and shared regularly.
“As developer responsibility has increased in areas of DevOps, ML, AI, security, and more, the push by many organizations to drive efficiency via tool consolidation is a natural move,” said
AT&T, the American-based multinational telecommunications company and a joint customer of JFrog and GitHub, noted from their Technology office:
"Beyond DevOps and DevSecOps practices, the future will require advanced interactions with AI tools,” said
As CIOs and CISOs share more responsibilities throughout the software supply chain flow, the collaboration between GitHub and JFrog has already received strong support from customers across a variety of industries and roles.
“The community and market have been anticipating this natural ‘better together’ solution. Organizations are consolidating around major best-of-breed platforms, and the partnership between GitHub and JFrog has the potential to transform the DevOps and DevSecOps market and supercharge developers’ efficiency,” said
The partnership roadmap was also endorsed by
“The world of software supply chain management introduces many challenges and points of friction for developers. The integration between JFrog's Software Supply Chain Platform and GitHub's Developer Platform was designed to provide a 'secure by default' developer experience,” said
In support of the GitHub and JFrog partnership vision,
JFrog has announced its upcoming annual user conference, swampUP, which is set to occur in
For a deeper look at the integration between JFrog and GitHub, visit this solutions page, read this blog and join us for a webinar with JFrog and GitHub tech leadership on
Like this story? Post this on X (formerly Twitter): .@jfrog and @gitHub partner to drive unified platform experience for AI-driven software pipelines and #softwaresupplychain #security. Learn more: https://jfrog.co/3RqTAL5 #DevSecOps #SDLC
About JFrog
Cautionary Note About Forward-Looking Statements
This press release contains “forward-looking” statements, as that term is defined under the
These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause JFrog’s actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement. There are a significant number of factors that could cause actual results, performance or achievements, to differ materially from statements made in this press release, including but not limited to risks detailed in our filings with the
View source version on businesswire.com: https://www.businesswire.com/news/home/20240529643730/en/
Media Contact:
Investor Contact:
Source: