UPDATED 11:09 EDT / MARCH 29 2023

INFRA

Simplifying software development with single-platform repository

The ability to deliver software updates safely and efficiently is as important as ever in an evolving technological landscape increasingly reliant on DevOps and software-as-a-service solutions.

JFrog Ltd. is one of few binary repository management solutions available, powering software supply chains and allowing businesses to manage binaries from developer to production, according to Sudhindra Rao (pictured), development manager of community engineering at JFrog.

“All these center depositories are prone to single point of failures, and we have all experienced what happens when one of those goes down and how it stops production,” he said. “What we are working on is how do we build a system where we can have liquid software as a reality and continue to build software, regardless of all these systems of being live all the time while having a mechanism to trust what is coming out of those systems?”

Rao spoke with theCUBE industry analyst John Furrier during last year’s DockerCon event about JFrog’s mission, its relationship with Docker, how to get involved with JFrog and more. (* Disclosure below.)

Automating and simplifying DevOps

Even when using trusted sources and the best cyber protection available, it’s hard to trust software as it can be potentially saddled with vulnerability and exploits, intentionally or not. JFrog has measures in place to ensure minimal security risks and errors with each update and rollout.

“If there is a vulnerability that is discovered and released in some database, and we need to take corrective action to say that this vulnerability is associated with this version but there is no automated mechanism, we are working on an automated mechanism where you can run a command, which will tell you what has happened with this piece of software, this version of it, and whether it is production worthy or not,” Rao explained.

When JFrog began teaming up with Docker, both companies had similar ideas on how to make these automated mechanisms openly available to those who need them, regardless of whether they’re interacting with the Docker Hub.

“What we worked with Docker is integrating our solution so that anywhere Docker is being used, people don’t have to change those behaviors or change those code lines,” Rao explained. “We wanted to build a seamless integration between Docker, and the solution that we are building lets you continue to do Docker pull and Docker push but get all the benefits of the supply chain security solution that we have.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the DockerCon event:

(* Disclosure: TheCUBE is a paid media partner for DockerCon. Neither Docker Inc., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU