- As part of the integration process, JFrog will triple the size of its security experts team – including engineering, marketing, and sales
- Many of today’s DevOps solutions are missing proper security capabilities that are fully integrated into the software lifecycle
JFrog Ltd has announced that that it has entered into a definitive agreement to acquire Vdoo Connected Trust Ltd. in a cash and stock-based deal valued at approximately $300 million. As part of the integration process, JFrog will triple the size of its security experts team – including engineering, marketing, and sales – with employees that will be located in Israel, Germany, Japan and North America
As part of the JFrog Platform, Vdoo will accelerate JFrog’s vision of becoming the company behind all software updates and creating a world of Liquid Software by expanding its end-to-end DevOps Platform offering, providing holistic security from the development environment all the way to edges, IoT and devices. They said that Vdoo’s security experts and vulnerability researchers will join the JFrog team to continue to develop advanced security solutions for developers and security engineers. With years of extensive experience in software architecture and vulnerability research, reverse engineering, and binary code analysis, Vdoo’s team and JFrog will seek to deliver a complete DevSecOps solution to secure the full software packages lifecycle.
Shlomi Ben Haim, co-founder and CEO of JFrog said, “We are excited to have Vdoo join the JFrog family.It is clear to us that the joint vision of changing the way software is being created, released, and updated to the edge will be our compass as we offer the market a binary-focused solution to secure their organization’s software assets. This move will amplify JFrog’s current success with our security solution, JFrog Xray, and create the expectation that ‘fearless releases’ will be the experience for both Security and Development teams.”
Many of today’s DevOps solutions are missing proper security capabilities that are fully integrated into the software lifecycle. Security tools are disparate, each with its own data set, which creates friction between development and security teams, slowing the releases of software updates – especially when continuously delivering to the edge or across a large fleet of devices. As a result, many of these security tools are not delivering on the promise of fast, automated, and secure releases.
The market demands a holistic process that secures software components all the way to the edge, consolidates security data for efficient decision-making, saves time and resources, and blesses an end-to-end delivery system with the highest integrity for security-certified releases — from any source to any endpoint.
As part of the integration process, JFrog will triple the size of its security experts team – including engineering, marketing, and sales – with employees that will be located in Israel, Germany, Japan and North America.
“We are excited to have Vdoo join the JFrog family.It is clear to us that the joint vision of changing the way software is being created, released, and updated to the edge will be our compass as we offer the market a binary-focused solution to secure their organization’s software assets. This move will amplify JFrog’s current success with our security solution, JFrog Xray, and create the expectation that ‘fearless releases’ will be the experience for both Security and Development teams.”
Vdoo’s technology for analyzing and securing software packages will fuel JFrog’s security and runtime technology expansion, with the anticipated following benefits to JFrog customers, security engineers and the developer community like saving resources with improved efficiency and high accuracy: Contextual threat analysis with advanced algorithmic applicability scanning that prioritizes critical security gaps across multiple vectors. It comes with the ability to automatically detect zero-day new vulnerabilities, malware, exploits, backdoors, supply chain risks, and other threats before they become public and actionable mitigation recommendations across multiple attack vectors cut to the bottom line, avoiding teams’ “alert-fatigue” and noise when having to sift through thousands of possible vulnerabilities.
It also has IoT and Embedded device security with extended security to embedded software on devices/IoT, along with firmware scanning and uniquely identifying vulnerabilities in compiled C/C++ application components and detecting configuration risks and implementation gaps (over 400 types of tests). Runtime protection for embedded devices: Alerting and blocking exploitation attempts in real-time and deeper, research-based coverage: Identify known and unknown security risks and improved prioritisation and mitigation capabilities and matching any security risk found to more than 40 (to date) different security standards and regulations
Business continuity and streamlined migration to the joint offering
In 2021, JFrog will expand JFrog Xray vulnerability detection to include Vdoo’s extensive data and improved scanning across multiple dimensions, including configuration and applicability scanning. JFrog expects to fully integrate Vdoo’s technology into its DevOps platform to provide an industry-leading, all-in-one, continuous, holistic secured platform in 2022.
In the immediate term, Vdoo’s SaaS product will remain in operation, with new development of features and functions focusing on the JFrog Platform solution. Following the completion of the acquisition, JFrog and Vdoo will work with customers to ensure business continuity and streamlined migration to the joint offering.
