JFrog Collaborates with the Rust Foundation to Eliminate Vulnerabilities in Open Source Software | New


SUNNYVALE, Calif. and AUSTIN, Texas–(BUSINESS WIRE)–Sept. 13, 2022–

JFrog Ltd. (“JFrog”) (NASDAQ: FROG), Liquid Software Company and the creators of the JFrog DevOps Platform, today announced a new initiative with the Rust Foundation, an independent nonprofit organization that manages the Rust programming language, focused on identifying and eliminating security threats to the platform and the Rust ecosystem. Effective immediately, the JFrog Security Research team will provide access to information about known software vulnerabilities, ongoing threat research, and dedicated resources for developers to proactively modify issues discovered on the Rust platform to prevent future risks.

This press release is multimedia. See the full version here: https://www.businesswire.com/news/home/20220913006141/en/

JFrog + Rust Foundation eliminates vulnerabilities in open source software. (Graphic: Business Wire)

“Securing the software supply chain cannot be achieved with a one-time effort – it requires continuous commitment, as well as a multi-layered approach, and we believe that memory-safe languages ​​play an important role in this plan” , said Stephen Chin, Vice President of Developer Relations at JFrog. “By working hand-in-hand with the Rust Foundation, we can ensure that this foundational programming language remains a recommended best practice in modern, secure software development.”

Remove root causes of software vulnerabilities

A Google study indicates memory safety issues represent nearly the same proportion of security vulnerabilities designated as critical vulnerability exposures (CVEs) for over a decade. The Rust programming language – which Slashdata boasts of has tripled its usage to 2.2 million developers over the past two years – was designed from the ground up to be both memory secure and high performance. This means that the language does not allow users to access memory they are not authorized to access, which greatly reduces their ability to unknowingly inject malicious code that could render the language insecure.

For this reason, Rust has been identified as a “critical open source software project” by the Open Source Security Foundation (OpenSSF) and has been granted support under the OpenSSF Alpha-Omega Project to help identify new and undiscovered vulnerabilities to improve Rust’s security posture. Rust’s inherent stability and performance, combined with JFrog’s advanced security tools, research, and expertise, will help protect the Rust language over time.

“We’re thrilled to have JFrog’s support to proactively improve Rust’s security and design principles so developers can have greater peace of mind when coding,” said Bec Rumbul, Director executive, rust foundation. “I believe this investment will ensure the safety, security and sustainability of Rust, enabling new use cases and broader industry adoption.”

JFrog and its security research team are the latest additions to a growing list of tech companies serving on the Rust Foundation’s board of directors, including Microsoft, Huawei, Google, AWS and Mozilla. Joining JFrog with Rust adds to the company’s long list of open source security initiatives, such as Pyrsia, robot frog, OpenSSF board member status, and more. To learn more about JFrog’s dedication and community contributions to securing the software supply chain, read this blog or visit https://jfrog.com/community/.

Do you like this story? Tweet this:[email protected] is engaging #security, research + technology expertise to help @RustFoundation fortify the #Rust programming language as part of the @OpenSSF #AlphaOmega project. Learn more: https://jfrog.com/press/ #DevSecOps #opensource #developer

About JFrog

JFrog Ltd. (NASDAQ: FROG) is on a mission to power all software updates worldwide, guided by a vision of “liquid software” to enable the seamless and secure flow of binaries from developers to the edge. The JFrog Platform enables software creators to power their entire software supply chain through the full binary lifecycle, so they can build, secure, distribute, and connect any source to any production environment. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as self-managed and SaaS services from leading cloud service providers. Millions of users and thousands of customers worldwide, including the majority of Fortune 100 companies, depend on JFrog solutions to securely manage their critical software supply chain. Once you leap forward, you won’t go back. Learn more about jfrog.com and follow us on Twitter: @jfrog.

Caution Regarding Forward-Looking Statements

This press release contains “forward-looking” statements, as that term is defined under the United States federal securities laws. These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause JFrog’s actual results, performance or achievements to differ materially from those expressed or implied. – understood in any forward-looking statements.

There are a number of important factors that could cause actual results, performance or achievements to differ materially from the statements made in this press release, including, but not limited to, the risks detailed in our filings with the Securities and Exchange Commission, including in our annual report. on Form 10-K for the fiscal year ended December 31, 2021, our quarterly reports on Form 10-Q, and other filings and reports that we may file from time to time with the Securities and Exchange Commission. Forward-looking statements represent our beliefs and assumptions only as of the date of this press release. We disclaim any obligation to update any forward-looking statements.

Show source version on businesswire.com:https://www.businesswire.com/news/home/20220913006141/en/

CONTACT: Media contact:

Siobhan Lyons, Sr. MarComm Manager, JFrog, [email protected] Investor Contact:

Jeff Schreiner, Vice President of Investor Relations, [email protected]



SOURCE: JFrog Ltd.

Copyright BusinessWire 2022.

PUBLISHED: 09/13/2022 1:37 PM / DISK: 09/13/2022 1:37 PM



Comments are closed.