JFrog launches AppTrust streamlining software compliance and governance

JFrog Ltd., the Liquid Software company, has announced the launch of JFrog AppTrust, a solution aimed at enhancing software supply chain governance. This groundbreaking tool is designed to aid companies in automating audit and compliance processes to mitigate risk and foster application trust.

At its core, JFrog AppTrust offers a complete perspective on software security, quality, and performance metrics. DevOps and security teams benefit from this by integrating evidence-based policies and contextual insights into their workflows.

One of the standout features is its native integration with the ServiceNow AI Platform. This collaboration ensures a unified experience across different layers of applications, paving the way for seamless enterprise application governance.

JFrog CEO and Co-founder, Shlomi Ben Haim said, "Software is being released faster than ever, and secure updates have become the fuel powering today's world... Our customers tell us that aftr DevOps and DevSecOps, the next big challenge is compliance - that's why 'DevGovOps' must happen"

Key capabilities introduced with JFrog AppTrust include:

• Governance, Risk, and Compliance (GRC): Establishes a verified evidence base and automated policy enforcement to maintain application integrity.
• Complete Application Context: Automatically maps software assets to applications, offering clear visibility into risks and ownership.
• Trust Control: Advances software through structured stages with policy gates reflecting security and other essential metrics.
• Evidence System of Record: A comprehensive infrastructure to attest to release metadata with signed, verifiable evidence.
• Efficiency Insights: Enhances software development efficiency using analytical metrics like DORA.

In collaboration with leading software firms, JFrog is enhancing its evidence ecosystem, integrating partners such as SonarQube, GitHub, and ServiceNow to bolster audit transparency and compliance.

"Modern software depends on bringing together the right data - from development through operations - to make informed, auditable decisions at scale. With ServiceNow's operational and compliance insights integrated into the JFrog ecosystem, organisations can extend visibility and control even further across their software supply chain. This integration reflects our continued focus on enabling connected, end-to-end governance across the digital lifecycle" stated Rahul Tripathi, GVP and GM of IT Service Management at ServiceNow.

As software releases accelerate, organisations face challenges in balancing speed, quality, and compliance. JFrog AppTrust aims to reconcile these through enhanced collaboration between development and security teams, ensuring rapid yet dependable application delivery.