2018 may be over but the damage caused by dozens of the years’ data breaches still haunts us. From Marriott to Equifax, last year illustrated the dire need for companies to invest in proper security measures in order to protect themselves against hackers and scammers. Luckily, there are companies doing just that; JFrog, the leading company in DevOps technology recognizes this necessity and is taking precautionary measures by partnering with Risk Based Security (RBS). By delivering the most extensive, integrated security into their flagship security and compliance scanning solution yet, XRay, JFrog customer pipelines will be properly screened from code through production, greatly reducing the risk of security breaches and hacks.
RBS is the provider of VulnDB, which holds the broadest collection of vulnerability intelligence, protecting JFrog XRay customers from over 194,000 unique vulnerabilities. This level of protection is critical for large companies; if software vulnerabilities are detected too late, companies risk a damaging headline that could ruin their reputation and credibility.
As it currently stands, most software security solutions only employ the vulnerabilities that are made public through online resources, such as the National Vulnerability Database (NVD). However JFrog takes a different approach; by embedding VulnDB into Xray, customers will be equipped with industry-leading vulnerability intelligence. This includes over 64,000 vulnerabilities as well as data that the NDV does not provide. Additionally, the intelligence provided by VulnDB, combined with JFrog’s intricate and universal comprehension of software package types, will produce the broadest-reaching protection of any security scanning product.
“We are excited to include the world’s richest vulnerability intelligence database in Xray, and provide our users with the best tool in the DevSecOps market with Risk Based Security’s VulnDB,” said Shlomi Ben Haim, JFrog Co-Founder and CEO. Indeed, RBS is a very reputable security provider, and front-runner in vulnerability intelligence, organizational ratings, and on-demand security solutions. Since 2011, their mission has been to deliver extensive, action-quality, and appropriate vulnerability intelligence through advanced and unprecedented technology enabled solutions.
Additionally, RBS developed VulnDB, the largest and most thorough vulnerability intelligence database. VulnDB helps customers uncover and confront areas of risk across various points of the entire organization, including application development and security operations. RBS also holds the most in-depth data breach and cyber exposure knowledge base available, Cyber Risk Analytics (CRA). CRA supports fact-based procurement due diligence, vendor performance monitoring, organizational ratings and prioritized remediation for high-risk vendors. As a result, utilizing CRA’s risk ratings with VulnDB’s vulnerability intelligence will undoubtedly produce a more comprehensive security for JFrog Xray customers.
Xray will automatically be incorporating the VulnDB database into its software, with the first stage of integration starting immediately and for the process to be complete by mid-2019. In order to accommodate any JFrog customers who run data centers without internet access, any updates made to the software will be made available offline. “Identifying and mitigating vulnerabilities in a timely fashion is a critical component of managing risk in today’s enterprises,” said Barry Kouns, Co-Founder and CEO of Risk Based Security. Indeed, by incorporating VulnDB into Xray’s existing software promptly, JFrog is taking the correct approach to combating future security risks and failures.
While VulnDB appears to be the most ideal solution for challenges relating to security risks and vulnerabilities, it’s hard to tell if any amount of intelligence will be enough to combat modern day hackers and cybercriminals. If we take a look at the 2018 track record of data breaches, it appears as though every major tech giant faced some form of attack, leading us to believe that no amount of preparation or precaution will ever truly equip us for the dangers of the digital world. Nevertheless, the fact that RBS and VulnDB can protect against 194,000 unique vulnerabilities is better than no defense at all, and more companies should mirror JFrog’s approach to this growing societal threat.