These integrations are intended to provide IT leaders with real-time security, vulnerability, and compliance insights in order to react quickly and engage necessary team members from across the organization for more immediate remediation.
By combining JFrog Xray and ServiceNow, users gain access to a software composition analysis tool that can scan binaries for vulnerabilities and license compliance issues quickly, then share those results with the appropriate teams.
According to the companies, this integration has the potential to help several different roles within an organization, including DevOps engineers, site reliability engineers, and IT systems administrators.
Additionally, it allows for real-time security alerts with assigned actions across all of the tools, people, and processes needed for resolution.
The JFrog Xray Spoke for ServiceNow enables IT operations teams to generate violation reports, create “ignore rules,” re-scan builds, and add custom item properties.
It also works to automate workflows that meet audit demands and avoid penalties for incorrect use of code segments obtained from the open-source community.
“Successfully securing the software supply chain at the speed of business is a team sport, requiring efficient, cross-team collaboration for timely security incident remediation,” said Shlomi Ben Haim, co-founder and CEO of JFrog. “Our integration with ServiceNow aims to change the relationship between developers and the rest of the business, so they can maintain the speed and frequency of releases, while avoiding downtime and loss of trust from end customers.”
More information can be found in the blog post.