GitHub and JFrog Collaborate to Streamline DevSecOps Processes
In
a
significant
move
to
enhance
DevSecOps
practices,
GitHub
and
JFrog
have
announced
a
new
partnership.
This
collaboration
is
set
to
enable
developers
to
manage
both
code
and
binaries
more
efficiently
across
two
of
the
most
widely
used
developer
platforms
globally,
according
to
The
GitHub
Blog.
Integration
for
Improved
Efficiency
As
code
volumes
continue
to
grow
exponentially,
the
collaboration
between
GitHub
and
JFrog
aims
to
alleviate
the
burden
on
software
developers,
DevOps
engineers,
and
security
specialists.
By
integrating
their
platforms,
the
two
companies
hope
to
streamline
processes
and
reduce
the
complexity
of
managing
code
and
binaries.
Currently,
50%
of
JFrog’s
customers
already
use
GitHub
as
their
primary
code
repository.
The
new
integration
promises
to
offer
seamless
navigation
and
traceability
between
source
code
and
binaries,
leveraging
CI/CD
capabilities
through
GitHub
Actions
and
JFrog
Artifactory.
This
unified
platform
aims
to
provide
developers
with
a
single
dashboard
for
managing
their
code,
security
findings,
and
innovations,
effectively
eliminating
the
need
for
context
switching.
Key
Features
of
the
Partnership
The
partnership
introduces
several
key
features
designed
to
enhance
the
developer
experience:
-
Single
Sign-On
(SSO):
Manage
access
and
roles
with
SSO
across
both
platforms,
centralizing
user
identity
and
access
management. -
Artifact
Lifecycle
Tracking:
GitHub
Actions
integrated
with
JFrog
Artifactory
for
better
tracking
and
metadata
inclusion
in
stored
artifacts. -
Bidirectional
Linking:
Link
software
packages
and
code
bidirectionally
to
enhance
compliance,
security,
and
traceability.
Gerard
McMahon,
Head
of
ALM
Tools
and
Platforms
at
Fidelity
Investments,
emphasized
the
importance
of
this
integration,
stating,
“The
integration
between
JFrog’s
Software
Supply
Chain
Platform
and
GitHub’s
Developer
Platform
provides
a ‘secure
by
default’
developer
experience,
offering
a
single
source
of
truth
for
code
and
binaries.”
Future
Developments
Looking
ahead,
GitHub
and
JFrog
plan
to
further
integrate
their
security
offerings
to
provide
a
comprehensive
view
of
software
supply
chain
security.
Additionally,
they
aim
to
incorporate
JFrog
functionalities
into
GitHub
Copilot
Chat,
allowing
developers
to
query
about
JFrog
processes
and
artifacts
directly
within
Copilot.
John
Nuttall,
Director
of
Technology
at
AT&T,
highlighted
the
potential
impact
of
this
collaboration,
noting,
“Chatting
with
GitHub
Copilot
to
select
the
right
and
secure
software
package
based
on
extensive
metadata
stored
in
JFrog
Catalog
can
be
a
game-changer.”
Getting
Started
For
those
interested
in
exploring
the
new
integrations,
GitHub
and
JFrog
are
offering
a
joint
webinar.
This
event
will
showcase
the
capabilities
of
the
unified
platform
and
demonstrate
how
it
can
enhance
the
software
development
lifecycle.
Enterprises
around
the
world
are
seeking
solutions
that
provide
robust
security,
management,
and
operational
capabilities.
The
partnership
between
GitHub
and
JFrog
represents
a
significant
step
towards
meeting
these
needs,
promising
to
drive
modern
development
forward.
Image
source:
Shutterstock
.
.
.
Comments are closed.