Last week, JFrog Ltd., the Liquid Software company unveiled new integrations for JFrog Xray with ServiceNow’s Lightstep Incident Response and Spoke products for IT Service Management. The integration is immediately available and will enable IT leaders to better handle security vulnerabilities and compliance issues quickly by engaging the necessary team members from across the organization for more immediate response and remediation.
Providing real-time insights
Essentially, the new integration enables IT teams to proactively address security issues before they become major concerns. The combination of JFrog Xray and ServiceNow delivers a robust software composition analysis (SCA) tool that can quickly scan binaries for vulnerabilities and license compliance issues, then share those insights with the appropriate parties across the organization. The JFrog Xray-ServiceNow solution is unique in that it helps DevOps engineers, site reliability engineers (SREs), IT system administrators, and others, more securely build, deploy, run, and monitor applications effortlessly, in a single view. It also enables real-time security alerts and insights with assigned actions across all the tools, people, and processes needed for timely resolution.
More specifically the integration allows for developers, SREs, and security administrators to monitor, collect and respond to license compliance and security vulnerabilities impacting the software supply chain across all stages of the software development and release lifecycle, and streamline vulnerability response by pulling in the right team members across the organization for faster remediation; it enables IT operations staff to generate violation reports, create ‘ignore rules’, re-scan builds, add custom item properties, automate workflows that meet audit demands, avoid penalties for improper use of code segments obtained from the open-source community, identify problems earlier in the application development pipeline and incorporate change management solutions.
As the Co-founder CEO of JFrog, Shlomi Ben Haim, stated: “Successfully securing the software supply chain at the speed of business is a team sport, requiring efficient, cross-team collaboration for timely security incidents remediation. Our integration with ServiceNow aims to change the relationship between developers and the rest of the business, so they can maintain the speed and frequency of releases while avoiding downtime and loss of trust from end customers.”