JFrog Platform ‘Crypto-Signs’ Binaries for Zero-Trust Software Lifecycle Management
The JFrog DevOps Platform is putting the blockchain to use, digitally signing the software binaries to document and secure their journeys through the entire development process.
JFrog‘s crypto-signing functionality may be the first commercial use of a blockchain technology to capture changes on a CI/CD platform, asserted JFrog founder and chief technology officer Yoav Landman. This update, and others unveiled at the company’s SwampUP user conference being held this week virtually, are part of the JFrog’s overall goal to give enterprises, and their developers, more efficient and secure ways to manage the software development lifecycle.
The management of software binaries — the actual application after its code has been compiled into an executable program — is a huge portion of this lifecycle management, Landman said in an interview with The New Stack.
“Developers like to think about code, but in reality, what’s happening is that the transition to binary is almost immediate,” Landman said. Even in accelerated DevOps schedules, binaries are needed to build against as dependencies. “The binary that will travel all the way to the runtime, through scanning, distribution, all the QA testing for different phases, all the way to production.”
