Devsecops business JFrog on September 13 introduced ML Design Management, a set of capabilities for the JFrog Software Application Supply Chain Platform developed to streamline the management and security of artificial intelligence models.Using ML Model
Management and the JFrog Software Application Supply Chain Platform, organizations can manage their exclusive designs in Artifactory and proxy the Hugging Face design repository to cache the open source AI models they count on, bringing them closer to production and development and protected from removal or modification.Further, brand-new ML security capabilities in JFrog Xray permit companies to identify and block malicious models and models with licenses that do not abide by business policies. Users likewise can keep home-grown or internally enhanced ML designs with access controls and versioning history. ML designs can be bundled and distributed as part of any software application release.JFrog said increasing numbers of organizations are integrating ML models into applications. With government guidelines needing software application vendors to list what is inside their software, JFrog believes it will not be long prior to these standards are reached consist of AI and ML designs. The integration of the ML model management capability provides clients a way to shop, safe and secure, and manage ML models along with other software application elements, the company said.JFrog on September 13 also unveiled these other abilities for JFrog Software Supply Chain Platform: Static Application Security Testing(SAST)
, to assist with scanning source code for zero-day security vulnerabilities. JFrog SAST assists lessen false positives
- and prioritize remediation efforts by means of contextual analysis. Open-Source Software (OSS )Brochure, providing an online search engine for software application packages in the JFrog UI or by means of an API, backed by both public and JFrog information, and offering users
- insight into security and danger metadata connected with OSS bundles. The catalog is featured as part of the JFrog Curation element of Software application Supply Chain Platform. Release Lifecycle Management (RLM ), developing an immutable release package defining a software bundle and its components early in the software advancement lifecycle. RLM likewise leverages anti-tampering systems,
- compliance checks, and evidence capture to collect data on each release package. JFrog stated that to attend to the rise in software supply chain attacks, securing at the binary level with immutable software packages was a”should”due to the fact that this was the only method to accredit what was being launched, and accrediting the release was the only method
to accredit security for use. Copyright © 2023 IDG Communications, Inc. Source
