JFrog announces new integrations and unified ops platform

JFrog, the 16-year-old Sunnyvale, California company known for its software supply chain platform, has announced a series of major innovations designed to accelerate AI model deployment and enhance the security of software development workflows. In partnership with NVIDIA and GitHub, and with the introduction of new runtime security capabilities, JFrog is positioning itself to streamline critical software processes for enterprises.

Accelerating AI deployments with NVIDIA

In a strategic collaboration with NVIDIA, JFrog has introduced support for NVIDIA Inference Microservices (NIM), a tool that enables faster deployment of generative AI models across various infrastructures, including the cloud, data centers, and workstations. This integration combines NVIDIA’s powerful GPU-based AI services with JFrog’s DevSecOps tools, offering an end-to-end software supply chain management system designed for speed, visibility, and security.

“AI models are just another type of binary, like Docker or Python. We’re very honored that NVIDIA chose JFrog to be the model registry of choice for their enterprise GPU-optimized models,” said JFrog CEO and co-founder Shlomi Ben Haim.

The partnership provides a high-performance solution for storing, scanning, and securing AI models, ensuring that deployments happen safely and efficiently.

The integration specifically enhances AI performance by using JFrog Artifactory to manage NVIDIA NGC models and artifacts. This setup enables seamless deployment, allowing developers and data scientists to focus on innovation rather than infrastructure challenges. By incorporating NVIDIA’s microservices into its platform, JFrog ensures that customers can deploy AI models quickly, securely, and at scale.

Ben Haim highlighted the growing concerns about AI security, referencing JFrog’s recent discovery of malicious models in popular repositories. “Our collaboration with NVIDIA allows us to not only store AI models but also scan and secure them, ensuring no bad things happen when these models are deployed.”

With this integration, JFrog customers can benefit from centralized control over AI models, improved governance, and a heightened ability to detect and respond to security threats.

Expanding integration with GitHub

JFrog also revealed an enhanced partnership with GitHub, designed to offer developers a unified, secure platform for managing both code and binaries. This integration supports bidirectional navigation between GitHub and JFrog Artifactory, allowing developers to track vulnerabilities from source code all the way through to deployment.

“We developed an integration that ensures the JFrog platform and GitHub platform act as one, giving developers a seamless experience to manage their software supply chain from source code through binaries to production,” Ben Haim explained. This collaboration simplifies workflows, making it easier for developers to focus on delivering high-quality, secure software.

One key benefit of the integration is a consolidated dashboard that provides a comprehensive view of a project’s security status across both platforms. This enables developers to identify and resolve security issues earlier in the development cycle, reducing risks and minimizing costs.

Additionally, JFrog has introduced support for GitHub Copilot, a tool that uses AI to offer contextual coding assistance, boosting developer productivity by answering coding questions within the development environment.

“The partnership with GitHub includes three phases: first, integrating the platforms; second, offering one security pane of glass; and third, integrating with GitHub Copilot to support AI applications,” Ben Haim added, illustrating the depth of the integration and its long-term value to developers.

New runtime security capabilities

In a further bid to improve security, JFrog has launched new runtime security features aimed at protecting software during the critical post-deployment phase. These capabilities provide real-time vulnerability detection, threat monitoring, and prioritized threat triage, helping companies address security risks in cloud-native environments.

“Security is now a task that is on the developer’s plate, and we wanted to give the developer one pane of glass to view all findings, whether it’s source vulnerabilities or binary vulnerabilities,” Ben Haim said, noting the platform’s focus on consolidating security data into a single, user-friendly interface.

With more than 32% of security breaches occurring during runtime, according to industry research, these new tools are designed to offer continuous monitoring and immediate insights into vulnerabilities that arise after deployment. JFrog’s runtime security features are tailored to safeguard containerized applications, a growing necessity as more organizations shift toward dynamic, cloud-based environments.

Eyal Dyment, VP of Security Products at JFrog, stressed the need for security solutions that extend beyond the development phase, pointing out that runtime security is essential for protecting applications and workloads from unauthorized access, malware attacks, and privilege escalation.

In addition to the real-time visibility offered by JFrog’s new runtime security features, developers and security teams can use the platform to streamline threat response and optimize version control. By automating many security processes, JFrog’s platform helps developers save time and focus more on coding, without compromising the security of their applications.

Securing the software chain security

These new announcements reflect JFrog’s commitment to providing a comprehensive solution for the modern software development lifecycle. “JFrog is a full end-to-end software supply chain platform. We incorporate DevOps, DevSecOps, and MLOps into one platform experience,” Ben Haim said, explaining the company’s broad approach to securing and streamlining software development.

From early-stage coding to post-deployment monitoring, JFrog’s platform integrates security and efficiency at every step. The partnership with NVIDIA offers high-performance AI deployment capabilities, while the integration with GitHub enhances the traceability and security of software components from source code to binary. The introduction of runtime security capabilities completes JFrog’s full-stack approach, ensuring that vulnerabilities can be addressed throughout the entire software supply chain.

“What differentiates JFrog is that we provide full traceability and visibility into the software supply chain, something that no other platform can offer,” Ben Haim remarked, emphasizing JFrog’s unique value proposition in the industry.

As software development environments become more complex and threats more sophisticated, JFrog’s innovations are aimed at giving companies the tools they need to protect their software without sacrificing speed or productivity.

These new features and integrations are available to existing JFrog customers as part of the company’s software supply chain platform. By bringing AI acceleration, integrated security, and advanced runtime protection into one platform, JFrog continues to position itself as a leader in secure, efficient software development and delivery