JFrog Xray is a universal binary analysis solution that works with JFrog Artifactory (binary and artifact management tool) to analyze software components and reveal a variety of vulnerabilities at any stage of the software application lifecycle. By scanning binary components and their metadata, recursively going through dependencies at any level, JFrog Xray provides unprecedented visibility into vulnerable components lurking anywhere in your organization. Xray’s interface with Artifactory gives it the exclusive advantage of combining any number of data feeds with the exhaustive metadata stored within Artifactory to detect different vulnerabilities without needing access to source code. JFrog Xray is also fully automated through a rich REST API that lets it integrate with a CI/CD pipeline and allows other binary analysis tools to build on its unique capabilities. JFrog Xray protects your development and production systems with: + Detailed reports on all vulnerabilities you are interested in. + The ability to recursively drill down and analyze even the smallest binary component that affects your software. + Clear visualization of how a vulnerability in one component affects all others. + Continuous scanning and analysis of existing components, even those long since deployed to production, and provides alerts for just-discovered vulnerabilities. + Analysis Filters, focus on the most relevant scope based on different parameters. + Custom API-Driven Automated Analysis through an open REST API. + Fully automated vulnerability analysis and management by integrating with your CI/CD pipeline.
Press and media coverage
https://sdtimes.com/devops/jfrog-xray-2-0-examines-the-cicd-pipeline/ https://hub.packtpub.com/meet-jfrog-xray-a-binary-analysis-tool-for-performing-security-scans-and-dependency-analyses/ https://sdtimes.com/security/a-guide-to-devsecops-tools/