JFrog

@jfrog

Driven by a “Liquid Software” vision, the JFrog Software Supply Chain Platform powers organizations to build, manage, and distribute software quickly & securely

🌎

Joined May 2009

2.3K Following

23.2K Followers

18.1K Posts

JFrog

@jfrog

about 2 hours ago

Developers are pulling #AI models, #MCP servers, and plugins the same way they pulled npm packages in 2015: Fast and frequently with minimal vetting. 🫣 Every ungoverned AI asset is a #softwaresupplychain risk and most teams won't see it until it surfaces in production. Join us and Google Cloud to learn how platform and security teams are closing the #AI governance gap in regulated environments, without becoming a bottleneck: https://t.co/SLn8QUfSZ3 #DevSecOps #SoftwareSupplyChain #MLOps #AIGovernance #AgenticAI

JFrog

@jfrog

about 9 hours ago

Thank you, London! What a week at @Infosecurity Europe 🐸 Hundreds of conversations, a packed Case Studies Theatre session with Ofri Ouzan talking about securing AI agents, and some brilliant questions from security leaders who are taking the software supply chain seriously. The AI-era security conversation is just getting started. Missed us at the event? The team is always available. Visit the link below to continue the conversation 👇 https://t.co/u234fPWRqQ #DevSecOps #SoftwareSecurity #InfoSecEurope

jfrog's tweet photo. Thank you, London! What a week at @Infosecurity Europe 🐸

Hundreds of conversations, a packed Case Studies Theatre session with Ofri Ouzan talking about securing AI agents, and some brilliant questions from security leaders who are taking the software supply chain seriously.

The AI-era security conversation is just getting started.

Missed us at the event? The team is always available. Visit the link below to continue the conversation 👇
https://t.co/u234fPWRqQ

#DevSecOps #SoftwareSecurity #InfoSecEurope

JFrog

@jfrog

about 16 hours ago

Day 2 of the #EveryOps Tour Australia and Sydney went deep. 🔍 One question anchored the whole room: when #AI is writing the code, pulling dependencies, and running as agents in your pipeline — what does it actually mean to trust what ships? Three things that kept coming up: → AI agents aren't waiting for governance to catch up. Code is being created faster than it can be reviewed. → Binaries are now the primary output of AI, not #sourcecode. Most security models weren't built for that. → Trusted AI isn't about slowing adoption. It's about moving fast with the right guardrails in place. Huge thanks to Belen Fava & Marcus Lau from Heidi for bringing real practitioner perspective to the table. 🙏

jfrog's tweet photo. Day 2 of the #EveryOps Tour Australia and Sydney went deep. 🔍

One question anchored the whole room: when #AI is writing the code, pulling dependencies, and running as agents in your pipeline — what does it actually mean to trust what ships?

Three things that kept coming up:

→ AI agents aren't waiting for governance to catch up. Code is being created faster than it can be reviewed.
→ Binaries are now the primary output of AI, not #sourcecode. Most security models weren't built for that.
→ Trusted AI isn't about slowing adoption. It's about moving fast with the right guardrails in place.

Huge thanks to Belen Fava & Marcus Lau from Heidi for bringing real practitioner perspective to the table. 🙏

103

JFrog

@jfrog

about 17 hours ago

🤖 AI agents commit, build, and deploy... without a human sign-off. 👨🏻‍💻 #DORA assumes every production change has an accountable person behind it. Agentic code breaks that assumption entirely. For financial institutions, that gap isn't technical debt. It's a regulatory liability. Join JFrog's Global Field CISO Nir Peleg and AppTrust PM Sophie Starchenko on June 25th to see how to close it — live demo included. Register today: https://t.co/2IHr2DiIwt #DevSecOps #SoftwareSupplyChain #AppSec

jfrog's tweet photo. 🤖 AI agents commit, build, and deploy... without a human sign-off.

👨🏻‍💻 #DORA assumes every production change has an accountable person behind it. Agentic code breaks that assumption entirely.

For financial institutions, that gap isn't technical debt. It's a regulatory liability.

Join JFrog's Global Field CISO Nir Peleg and AppTrust PM Sophie Starchenko on June 25th to see how to close it — live demo included.

Register today: https://t.co/2IHr2DiIwt

#DevSecOps #SoftwareSupplyChain #AppSec

108

Who to follow

AI Security Engineers

@aiseceng

Advancing AI security by uniting innovators, researchers, builders, and defenders to share insights on securing AI-powered and agentic applications.

Red Hat Ansible

@ansible

Automation for Everyone. Simple, powerful, agentless automation language to describe your complete IT infrastructure.

Jenkins

@jenkinsci

Jenkins, an extensible automation engine

JFrog

@jfrog

about 18 hours ago

Mumbai, the Frogs are coming 🐸 Meet the JFrog team at the 3rd India #DevSec Show 2026, one of India's premier gatherings for #DevSecOps and #security engineering leaders. Whether you want to see a live demo, talk #supplychainsecurity, or simply connect with our team, we'd love to have a conversation. 📅 11 June 2026 | The Lalit, Mumbai 📩 Book a meeting with us: https://t.co/JwnguKumM8 #IndiaDevSecShow2026 #Mumbai

JFrog

@jfrog

about 24 hours ago

🪱 Nicknamed "Iron Worm", our team @JFrogSecurity found a supply-chain worm hiding in #npm. Rust-built. eBPF rootkit. Back-dated commits. And an operator who hardcoded his own crypto wallet's recovery phrase into the malware so it wouldn't rob him. Full teardown: https://t.co/rGNVUwuslF

jfrog's tweet photo. 🪱 Nicknamed "Iron Worm", our team @JFrogSecurity found a supply-chain worm hiding in #npm. Rust-built. eBPF rootkit. Back-dated commits.

And an operator who hardcoded his own crypto wallet's recovery phrase into the malware so it wouldn't rob him.

Full teardown: https://t.co/rGNVUwuslF

177

JFrog

@jfrog

1 day ago

Your agent was doing great… Then it ran out of context, lost alignment, and you had to restart. 🙅‍♂️ If that sounds familiar, join our meetup, Beyond Tokens, on June 11th in San Francisco: https://t.co/gwqIAokFrE At Beyond Tokens, the team behind JFrog Boost will share the internal tooling they built to kill token waste and keep agents on task + hear from Nanoclaw creator, Gavriel Cohen, explains their 3 layers of safety. Free event for builders, so seats are limited! #AIAgents #DevMeetup #AIEngineering

jfrog's tweet photo. Your agent was doing great… Then it ran out of context, lost alignment, and you had to restart. 🙅‍♂️

If that sounds familiar, join our meetup, Beyond Tokens, on June 11th in San Francisco: https://t.co/gwqIAokFrE

At Beyond Tokens, the team behind JFrog Boost will share the internal tooling they built to kill token waste and keep agents on task + hear from Nanoclaw creator, Gavriel Cohen, explains their 3 layers of safety.

Free event for builders, so seats are limited!

#AIAgents #DevMeetup #AIEngineering

105

JFrog

@jfrog

1 day ago

That's a wrap on @gartnerinc Security & Risk Management Summit 2026! 🤝 Three days of real conversations with #CISOs, #security engineers, and risk leaders who are navigating one of the most complex threat landscapes in recent memory. Special shout out to Paul Davis for his talk. 🌟 A few things we heard a lot this week: → #AI is expanding the attack surface faster than security teams can respond. → Tool sprawl is creating more noise, not more signal. → CISOs need a single source of truth, not another vendor dashboard. If you missed us, it's not too late to get started on the JFrog platform today: https://t.co/2sVUdopfP9 #SoftwareSupplyChain #DevSecOps #CISO #AppSec

jfrog's tweet photo. That's a wrap on @gartnerinc Security & Risk Management Summit 2026!

🤝 Three days of real conversations with #CISOs, #security engineers, and risk leaders who are navigating one of the most complex threat landscapes in recent memory.

Special shout out to Paul Davis for his talk. 🌟

A few things we heard a lot this week:
→ #AI is expanding the attack surface faster than security teams can respond.
→ Tool sprawl is creating more noise, not more signal.
→ CISOs need a single source of truth, not another vendor dashboard.

If you missed us, it's not too late to get started on the JFrog platform today: https://t.co/2sVUdopfP9

#SoftwareSupplyChain #DevSecOps #CISO #AppSec

JFrog

@jfrog

1 day ago

Subject to Official Rules: https://t.co/5N1e6rKFjh

304

JFrog

@jfrog

1 day ago

Is your team moving as one? ☝️ Fragmentation is the enemy of speed, but The Convergence Award celebrates those who turned chaos into collaboration. If you’ve unified #dev and #security into a single, trust-filled workflow, it’s your time to shine. 🌟 You know how to prove that every little thing is gonna be alright. Apply today: https://t.co/WCi95shgbK #DevSecOps #Frogstars #SSCEAwards

jfrog's tweet photo. Is your team moving as one? ☝️

Fragmentation is the enemy of speed, but The Convergence Award celebrates those who turned chaos into collaboration. If you’ve unified #dev and #security into a single, trust-filled workflow, it’s your time to shine. 🌟

You know how to prove that every little thing is gonna be alright. Apply today: https://t.co/WCi95shgbK

#DevSecOps #Frogstars #SSCEAwards

371

jfrog retweeted

NanoClaw

@NanoClaw_AI

1 day ago

Gavriel is going to San Francisco! June 11 at @JFrog's Beyond Tokens meetup, @Gavriel_Cohen is sharing exactly how we built an agent factory that reviews and merges code in our 30K-star repo. Step by step guide with nothing held back. Register: https://t.co/KyvVUQekLK

NanoClaw_AI's tweet photo. Gavriel is going to San Francisco!

June 11 at @JFrog's Beyond Tokens meetup, @Gavriel_Cohen is sharing exactly how we built an agent factory that reviews and merges code in our 30K-star repo.

Step by step guide with nothing held back.

Register: https://t.co/KyvVUQekLK https://t.co/9zdqn2yHgQ

315

JFrog

@jfrog

1 day ago

Evaluating a software supply chain platform shouldn't mean wasting time clicking through multiple screens and setting up test configurations. With JFrog’s new MCP server integration, you can now configure repos, audit builds, and run Xray security scans directly from your AI coding environment using plain language. Connect Cursor, Claude Code, or VS Code to your free trial instance and let your agents do the work so you can concentrate on the results. Read all about it: https://t.co/H41XKZH8fH #DevOps #AppSec #MCP #CursorAI #ClaudeCode

jfrog's tweet photo. Evaluating a software supply chain platform shouldn't mean wasting time clicking through multiple screens and setting up test configurations.

With JFrog’s new MCP server integration, you can now configure repos, audit builds, and run Xray security scans directly from your AI coding environment using plain language.

Connect Cursor, Claude Code, or VS Code to your free trial instance and let your agents do the work so you can concentrate on the results.

Read all about it: https://t.co/H41XKZH8fH

#DevOps #AppSec #MCP #CursorAI #ClaudeCode

161

JFrog

@jfrog

1 day ago

#AI has changed how software is built in Australia, and how fast it can be attacked. In our 2026 Software Supply Chain Security State of the Union, Australian findings show: ↳ 68% of organisations self-host AI models - highest rate globally ↳ 47% block unapproved IDE extensions - leading the world ↳ Yet only 38% are scanning for exposed secrets ↳ 44% still need a week or more to produce compliance audit proof Australia's automation-first approach is world-class. But automation and governance aren't the same thing, and the gap between them is exactly where attackers are moving. The gap between them is exactly where attackers are moving — and Australian organisations are not immune. Read the full findings to see where your defences stand: 🔗 https://t.co/IKU4TjtlMp Then join us live to unpack what it takes to close the gap: 📅 June 18, 2026 | 3:30PM AEST 🔗 https://t.co/GPltxQJSpE #DevGovOps #DevSecOps #SoftwareSupplyChain #EveryOps

JFrog

@jfrog

1 day ago

That's a wrap on Day 1 of the #EveryOps Tour Australia! 🇦🇺 What an incredible morning at The Boat House with some of #Australia's most thoughtful #technology and government leaders. We brought the #EveryOpsTour to Canberra to have a real conversation about what secure #softwaredelivery looks like when #AI is reshaping how teams build and ship - and the room did not disappoint. Thank you to every leader who showed up, leaned in, and shared openly. This is exactly the kind of peer exchange that moves the industry forward. Big Shoutout to @KirraServices for their partnership in bringing this conversation to Canberra. More cities. More conversations. Stay tuned. 👀 #SoftwareSupplyChain

jfrog's tweet photo. That's a wrap on Day 1 of the #EveryOps Tour Australia! 🇦🇺

What an incredible morning at The Boat House with some of #Australia's most thoughtful #technology and government leaders.

We brought the #EveryOpsTour to Canberra to have a real conversation about what secure #softwaredelivery looks like when #AI is reshaping how teams build and ship - and the room did not disappoint.

Thank you to every leader who showed up, leaned in, and shared openly. This is exactly the kind of peer exchange that moves the industry forward.

Big Shoutout to @KirraServices for their partnership in bringing this conversation to Canberra.

More cities. More conversations. Stay tuned. 👀

#SoftwareSupplyChain

JFrog

@jfrog

2 days ago

Day 1 at @Infosecurity Europe, wrapped. We're live at Booth C-40 throughout the event 🐸 The team is here, the demos are running, and Ofri Ouzan took to the stage! We've been speaking to customers and the community about: 🔒 Securing AI agents and agentic workflows 📦 Software supply chain security from prompt to production 🤖 AI-era AppSec at speed 📍 Booth C-40, ExCeL London See you tomorrow! #DevSecOps #SoftwareSecurity #InfoSecEurope

jfrog's tweet photo. Day 1 at @Infosecurity Europe, wrapped. We're live at Booth C-40 throughout the event 🐸

The team is here, the demos are running, and Ofri Ouzan took to the stage!

We've been speaking to customers and the community about:

🔒 Securing AI agents and agentic workflows
📦 Software supply chain security from prompt to production
🤖 AI-era AppSec at speed

📍 Booth C-40, ExCeL London

See you tomorrow!

#DevSecOps #SoftwareSecurity #InfoSecEurope

123

JFrog

@jfrog

2 days ago

⏳ LAST CALL: The shift toward autonomous development is happening fast so if you haven’t secured your spot for our webinar, do it now: https://t.co/x9TPsrI1YW Why join? AI agents are accelerating code production, but they also introduce massive supply chain risks. Tomorrow, we’re breaking down exactly how to embed automated guardrails, govern #MCP servers, and secure your pipeline at #AI scale. 🚫 Don't get left behind with slow, reactive security ticket queues. #DevGovOps #DevSecOps #AppSec #GenerativeAI #SoftwareSupplyChain

jfrog's tweet photo. ⏳ LAST CALL: The shift toward autonomous development is happening fast so if you haven’t secured your spot for our webinar, do it now: https://t.co/x9TPsrI1YW

Why join? AI agents are accelerating code production, but they also introduce massive supply chain risks.

Tomorrow, we’re breaking down exactly how to embed automated guardrails, govern #MCP servers, and secure your pipeline at #AI scale.

🚫 Don't get left behind with slow, reactive security ticket queues.

#DevGovOps #DevSecOps #AppSec #GenerativeAI #SoftwareSupplyChain

291

JFrog

@jfrog

2 days ago

🤖 Your coding agents ran all weekend, and your security dashboard looks clean. But what about the unapproved #MCP server an agent pulled at 2:47 AM? In part 2 of our Trusted AI Adoption series, we explain why periodic scans fail in the agentic era and how to build a continuous detection engine. Stop hoping. Start enforcing. Read the full detection blueprint: https://t.co/ytahNVFsxe #DevSecOps #ShadowAI #AppSec #GenerativeAI #JFrog

jfrog's tweet photo. 🤖 Your coding agents ran all weekend, and your security dashboard looks clean. But what about the unapproved #MCP server an agent pulled at 2:47 AM?

In part 2 of our Trusted AI Adoption series, we explain why periodic scans fail in the agentic era and how to build a continuous detection engine.

Stop hoping. Start enforcing. Read the full detection blueprint: https://t.co/ytahNVFsxe

#DevSecOps #ShadowAI #AppSec #GenerativeAI #JFrog

152

JFrog

@jfrog

3 days ago

The Frogs are happy to be at the @Gartner_inc Security & Risk Management Summit this week! The conversations on the floor are exactly why events like this matter. #CISOs, #security architects, and platform engineers are wrestling with the same questions: How do you govern #AI at the speed it's actually moving? How do you stop #SoftwareSupplyChain risk without slowing your #developers down? Stop by JFrog Booth 1024 and let's dig into it. Feel free to book 1:1 time with our team before the event is over: https://t.co/tviBIMTdcX 🌟Bonus: Tomorrow, JFrog Field CISO Paul Davis is presenting "Secure Agentic AI Supply Chains: CISO Strategies for Automated Attacks". #GartnerSRM #DevSecOps #CyberSecurity

jfrog's tweet photo. The Frogs are happy to be at the @Gartner_inc Security & Risk Management Summit this week!

The conversations on the floor are exactly why events like this matter. #CISOs, #security architects, and platform engineers are wrestling with the same questions: How do you govern #AI at the speed it's actually moving? How do you stop #SoftwareSupplyChain risk without slowing your #developers down?

Stop by JFrog Booth 1024 and let's dig into it.
Feel free to book 1:1 time with our team before the event is over: https://t.co/tviBIMTdcX

🌟Bonus: Tomorrow, JFrog Field CISO Paul Davis is presenting "Secure Agentic AI Supply Chains: CISO Strategies for Automated Attacks".

#GartnerSRM #DevSecOps #CyberSecurity

112

JFrog

@jfrog

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users