artifactory
Safeguard articles tagged "artifactory" — guides, analysis, and best practices for software supply chain and application security.
8 articles
JFrog Curation 2026: Time-Based Waivers and On-Demand Policies
JFrog Curation shipped time-bound waivers, on-demand policy application, group-based scope, and ChainGuard hardened-Maven support in 2026. We tested the upgrade on an Artifactory estate.
JFrog Xray Deployment Blueprint 2026
A pragmatic blueprint for deploying JFrog Xray in 2026: indexing strategy, watch policies, build promotion gates, and the operational pitfalls to avoid.
Artifactory vs Nexus for Enterprise in 2025
JFrog Artifactory and Sonatype Nexus both remain viable enterprise artifact repositories in 2025. A head-to-head on scale, security, and the decision factors that actually matter.
Choosing a Private Package Registry in 2025
A 2025 buyer's guide comparing JFrog Artifactory, Sonatype Nexus, GitHub Packages, Google Artifact Registry, and Cloudsmith on ecosystems, policy, and TCO.
JFrog Artifactory Hardening Guide
Artifactory is the most common artifact repository in enterprise. It is also a default-permissive system where misconfigurations compound. A concrete hardening guide.
Package Registry Mirroring: Security Benefits and Hidden Risks
Mirroring npm, PyPI, or Maven Central locally reduces dependency on external infrastructure. But mirrors introduce their own security considerations that most teams overlook.
JFrog Xray: Vulnerability Scanning Built Into Your Artifact Pipeline
A review of JFrog Xray for vulnerability scanning and license compliance, covering its deep integration with Artifactory, impact analysis, and binary-level scanning.
Artifactory Security Best Practices for Enterprise Teams
JFrog Artifactory is a universal artifact manager. Getting its security right requires understanding its permission model, Xray integration, and access token management.