JFrog Curation automates the vetting and blocking of malicious open-source packages, enhancing software supply chain security.
Vendor: JFrog

JFrog Curation is a DevSecOps solution designed to defend your software supply chain by automating the identification and blocking of malicious or risky open-source packages before they enter your development pipelines. By integrating seamlessly with JFrog Artifactory, it provides centralized visibility and control over third-party packages, ensuring that only trusted software components are utilized. This proactive approach enhances security, compliance, and developer productivity by preventing harmful packages from compromising your software development processes. With features like automated policy enforcement, comprehensive auditing, and a catalog of over 4 million open-source packages, JFrog Curation empowers organizations to maintain a secure and efficient software supply chain.
Features:
- Automated Policy Enforcement: Block packages with known vulnerabilities, malicious code, operational risks, or license compliance issues.
- Centralized Visibility: Track and manage open-source packages downloaded by your organization for enhanced control.
- Comprehensive Auditing: Maintain a detailed audit trail of package usage and policy enforcement actions.
- Extensive Package Catalog: Access metadata for over 4 million open-source packages, including version history, security vulnerabilities, and license data.
- Seamless Integration: Integrate with JFrog Artifactory and other DevOps tools for a unified software development workflow.