JFrog Launches Free Subscription to Multi-Cloud DevOps Platform with Built-in Open Source Security Scanning

Development teams can accelerate delivery with universal package management, DevSecOps tools and cloud-native CI/CD solutions across major cloud providers

The JFrog Platform Free Subscription

JFrog launches a free subscription to its Multi-Cloud DevOps platform with built-in open source security scanning.
JFrog launches a free subscription to its Multi-Cloud DevOps platform with built-in open source security scanning.
JFrog launches a free subscription to its Multi-Cloud DevOps platform with built-in open source security scanning.

SUNNYVALE, Calif., Oct. 13, 2020 (GLOBE NEWSWIRE) — JFrog, the liquid software company, today announced the general availability of a free subscription of its universal, hybrid and multi-cloud DevOps Platform, including industry-leading DevSecOps capabilities offered at no cost.

The JFrog Platform is used by some of the largest enterprises in the world to streamline and accelerate their delivery. Available on all major public cloud providers—AWS, Microsoft Azure, and Google Cloud Platform— and across 18 cloud regions, the free subscription of the JFrog Platform includes:

  • JFrog Artifactory, a universal software package (binary) management solution and enterprise container registry in one, supporting more than 26 technologies.

  • JFrog Xray, enabling DevSecOps with the industry-leading SaaS solution for OSS vulnerability scanning. Paid subscriptions also include OSS license compliance and additional, advanced security capabilities powered by VulnDB.

  • JFrog Pipelines, a next-generation CI/CD solution for both traditional and cloud-native applications.

  • Users receive free access to the critical building blocks for enterprise-grade end-to-end DevOps, with up to 2GB of storage, 10GB of monthly data transfer and 2,000 CI/CD pipeline minutes per month.

“The community deserves a solution that provides the combination of best-of-breed experience built into an end-to-end platform for all DevOps and DevSecOps needs. No need to worry about package types, security threats or user limit hassles – it’s just a simple, yet powerful and free DevOps solution,” said Shlomi Ben Haim, CEO at JFrog. “JFrog was built by developers for developers and it’s important to

Hasura Wins InfoWorld’s Best of Open Source Software Award

SAN FRANCISCO, Oct. 13, 2020 (GLOBE NEWSWIRE) — Hasura, the data access infrastructure company, today announced that it has won InfoWorld’s Best of Open Source Software Award, also known as the Bossie Award: https://www.infoworld.com/article/3575858/the-best-open-source-software-of-2020.html. Hasura’s open source product GraphQL engine has been downloaded more than 78 million times and has more than 18,500 GitHub stars.

Each year, InfoWorld’s Bossies recognize the best open source software for businesses and IT professionals. InfoWorld’s central mission has always been to identify the most innovative products available to developers and IT organizations. Increasingly, those products — ranging from software development tools to cloud infrastructure software to big data platforms — come from open source projects. Bossie winners are chosen by InfoWorld editors and expert reviewers that work in IT and software development – who have practical experience with the leading open source technologies.

“Like a benevolent Borg, open source sweeps across the software universe year after year, bringing innovation to everything it touches,” said Doug Dineley, Executive Editor of InfoWorld. “From better ways to build web applications or machine learning models or automated workflows to faster and more powerful distributed databases and analytics, our 2020 Bossie Award winners will amaze you with what cutting-edge open source software has to offer.”

Organizations already have data they want to use but it is trapped in silos. Rather than trying to use outdated approaches to overcome this problem like consolidating fast-moving operational data into static data warehouses or datalakes, Hasura provides a new option: simply connect applications by federating access to where the data lives, using a modern API-based approach that includes security, governance and scalability as standard features. With support for PostgreSQL, MySQL and SQL Server, using Hasura means developers aren’t forced to migrate data to make it accessible from their applications.

Hasura’s ability to

Rocket Insights Joins PathCheck Foundation’s Global Partner Program to Develop Open Source Software to Help Contain the Pandemic

BOSTON, Oct. 13, 2020 /PRNewswire/ — Rocket Insights, part of Dept, today announced it has joined PathCheck Foundation’s global partner program, PathCheck Alliance, as a founding member. Rocket Insights is working with PathCheck Foundation to develop and implement exposure notification and digital contact tracing solutions to help contain COVID-19.

PathCheck Foundation was spun out of MIT in March 2020 to build digital solutions to contain COVID-19 and revitalize the economy, while protecting individual privacy and liberty. PathCheck supports the Google Apple Exposure Notification system and a range of other technologies to help slow the spread of COVID-19. Teams in seven U.S. states and countries are implementing PathCheck technology to create exposure notification mobile apps for their communities, including Hawaii, Guam, Puerto Rico, and Cyprus.

“Early in the pandemic, our team was eager to find ways we could leverage our skills to help contain the spread of the virus,” said Ashley Streb, partner at Rocket Insights. “We were introduced to the PathCheck Foundation and jumped at the opportunity to provide product strategy, design and engineering to support the foundation’s vision of creating digital solutions to fight the pandemic.”

PathCheck partnered with Rocket Insights to design and build an app for digital contact tracing using privacy-preserving GPS data. This was followed by a second, separate app for exposure notification using the Google Apple Exposure Notification framework. This app uses Bluetooth to anonymously and securely identify when phones have been near each other and potential COVID-19 exposures have occurred (note: these capabilities are entirely optional and privacy preserving). The apps enable communities to work together to stop the spread of the virus, and complement other public health strategies, including manual contact tracing efforts.

Rocket Insights is working with PathCheck to build more features into the system to

Nizhny Novgorod shooter interested in computer games, weapons – source – Emergencies

MOSCOW, October 12. /TASS/. A shooting suspect in the Nizhny Novgorod Region was into computer games, firearms, and extreme industrial tourism, a source in law enforcement told TASS.

“Preliminary investigation showed that [Daniil] Monakhov was interested in firearms, their tactical technical properties, constructional features, and history. He was also into computer games. Additionally, among his hobbies <…> was extreme industrial tourism. He was active on social networks,” the agency’s interlocutor said.

In the evening of October 12, a man opened fire in the Bolsheorlovskoe settlement in the Nizhny Novgorod Region and later fled. Russia’s Investigative Committee’s regional directorate reported that three people were killed while three more were wounded. Currently, members of special purpose police units and rapid deployment task force have been dispatched to the crime scene to apprehend the armed criminal.

The source in the law enforcement told TASS that the shooting was initiated by a local 18-year-old resident Daniil Monakhov. It was caused by a conflict between him and his grandmother whom he wounded. The woman was delivered to a hospital in serious condition. The young man also shot and killed his neighbor and then killed two more people at a bus stop. Additionally, two women were also wounded there.

Later the source told TASS that the grandmother died in the hospital and the number of victims rose to four.

The suspect may be in possession of two smoothbore guns and 40 bullets.

Source Article

The threats of open source software in cloud native

The use of open source has become a crucial part of the modern development process. It helps everyone build software faster than ever, but it also puts developers at risk of unknowingly introducing security vulnerabilities into the applications they develop, and placing their own organization or their customers in jeopardy. A single bug in one of the code dependencies can affect an entire application, making it susceptible to compromise. In a cloud-native world, these risks are amplified due to the continuous stream of potentially vulnerable code.

The need for speed: The rise of open source

Over the past few years, open source has seen massive growth. Today, over 2.5 million developers contribute to open source on platforms like GitHub, which is the largest open source community in the world. It hosts millions of open-source projects, some of them not only having thousands of contributors but also acting as dependencies for numerous other repositories. Following the popularity of open source, its use in commercial software has also surged. According to the Synopsis 2020 Open Source Security and Risk Analysis Report, “open source components and libraries are the foundation of literally every application in every industry.”

The reality is that building an app completely from scratch these days is extremely rare. The proliferation of DevOps and cloud computing created a new, dynamic and fast-paced environment. More and more organizations are adopting containers and microservices to build cloud-native applications, taking advantage of the speed and agility these new technologies have to offer. Amazon engineers allegedly deploy code every 11.7 seconds whereas Netflix engineers deploy code thousands of times per day.

To keep up with this velocity, developers are increasingly using open source packages and libraries throughout the software lifecycle. It is estimated that 99 percent of today’s codebases contain open source components, and