With the introduction of JFrog Runtime, JFrog has added a component to its software supply chain security and devsecops platform to help users secure container-based applications in production.
Introduced September 10, JFrog Runtime integrates with JFrog Artifactory to allow devops and security teams to easily identify the source and owner of a vulnerable package and determine the fastest and most efficient way to mitigate risks, JFrog said. The technology monitors Kubernetes clusters, identifies and remediates vulnerabilities, and ensures the integrity of images in production. Leveraging the JFrog Platform, JFrog Runtime offers real-time visibility into runtime vulnerabilities and risks and automates integrity checks to ensure trusted images are running in production. Also featured are triage and prioritization for faster remediation of critical vulnerabilities.
JFrog stressed that keeping an application secure in runtime is a complex task. Organizations can struggle with maintaining real-time visibility into runtime vulnerabilities, managing and prioritizing risks, and ensuring deployment integrity, JFrog said. The goal is to identify and remediate vulnerabilities while minimizing business impact and tracking runtime components. Key features and benefits of JFrog Runtime include:
