JFrog has announced the general availability of its universal artifact analysis product, JFrog Xray, which works with all software package formats and a multitude of databases. The solution deeply and recursively scans every type of binary component ever used in a software project and points out changes or issues impacting the production environment.
The combination of validating with security databases, along with acquiring metadata from JFrog Artifactory, provides the ability for JFrog Xray to scan a container or software package and also provides a full dependency graph and impact analysis to the user.
JFrog Xray provides deep recursive scanning to repeatedly peel back the layers of software components and their accompanying metadata to uncover security vulnerabilities or other issues down to the most fundamental binary component no matter what binary packaging format the organization uses. This deep scanning of the dependency graph provides organizations the ability to perform impact analysis on changes to their package structure.
JFrog Xray is a fully automated platform offered through a public Rest API, enabling integration with an organization's continuous delivery/continuous integration pipeline as well as with all current and any future types of component-scanning technology. It integrates with a universal range of databases and security platforms so that critical necessities such as security vulnerability analysis, license compliance and component version analysis and assurance become possible not only at build time but across all of the enterprise's binary digital assets.