|
Did you know that in just the first half of 2025, over 20,000 new software security vulnerabilities were disclosed? This is more than 3x the number compared to the previous year.
Unfortunately, AI is being weaponized in many cases; a growingly popular attack vector these days is in exploiting the software toolchain itself—just look at the recent npm and Nx problems. You (and your employer) do NOT want to experience a production shutdown due to a vulnerability exploited from deep within your software toolchain…
That’s why at JFrog's swampUP conference last month we announced the upcoming availability of Develocity Provenance Governor: a continuous Governance, Risk, and Compliance (GRC) platform for DevOps, along with our first integration partner JFrog and their AppTrust platform.
This new platform enables your CISO office and DevSecOps teams to shift GRC policy enforcement to the left, meaning fewer costly and risky discoveries down the road.
Develocity Provenance Governor allows you to evaluate every artifact in every local and CI build in your SDLC, catching various supply chain attack vectors during development and preventing unauthorized or unverifiable toolchain artifacts from ever reaching production.
General Availability of Develocity Provenance Governor is coming soon, so for now learn more below and reach out to us through the linked form to talk to someone at Gradle.
|
