Starting at $98 per month
View Pricing Overview
What is JFrog Security (Xray)?
JFrog Security Essentials / Xray SCA can be used to discover and eliminate unwanted or unexpected packages, using JFrog’s database of identified malicious packages. It is presented as a DevOps-centric SCA solution for identifying and resolving security vulnerabilities and license…
Recent Reviews
Leaving a review helps other professionals like you evaluate Software Composition Analysis (SCA) Tools
Be the first one in your network to review JFrog Security (Xray), and make your voice heard!
Get StartedPricing
Pro Team
$98
Cloud
per month
Enterprise
$699
Cloud
per month
Free
Free
Cloud
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Product Demos
JFrog Xray: Creating License Policy
YouTube
JFrog Xray: Creating a Security Policy
YouTube
[Screencast] JFrog Xray: Securing your Builds and Artifact Downloads
YouTube
Product Details
- About
- Tech Details
What is JFrog Security (Xray)?
JFrog Security Essentials / Xray SCA can be used to discover and eliminate unwanted or unexpected packages, using JFrog’s database of identified malicious packages. The database is sourced with thousands of packages identified by our research team in common repositories alongside continuously-aggregated malicious package information from global sources. The solution is presented as a DevOps-centric SCA solution for identifying and resolving security vulnerabilities and license compliance issues in open source dependencies.
The solution can be used to continuously analyze software in its production context with end-to-end scanning from source code to binaries to help safeguard modern, always-evolving software artifacts. Binaries are what get attacked across the software supply chain, so scanning binaries and images (“binaries of binaries”) ensures it exposes and fortifies against blind spots not discovered by source code analysis alone.
Features available are determined by service tier:
The solution can be used to continuously analyze software in its production context with end-to-end scanning from source code to binaries to help safeguard modern, always-evolving software artifacts. Binaries are what get attacked across the software supply chain, so scanning binaries and images (“binaries of binaries”) ensures it exposes and fortifies against blind spots not discovered by source code analysis alone.
Features available are determined by service tier:
Security Essentials (Xray)
- Open Source Vulnerability Scanning
- Container Scanning
- ML Model Scanning
- SBOM Build and Exports
- Premium Vulnerability Database
- Open Source License Compliance
Advanced Security
- Contextual Security Analysis
- Leaked Secrets Detection
- Code Security Scanning (SAST)
- IaC Security
- Insecure Configuration Protection
- Includes Base Package of Contributing Developers
JFrog Security (Xray) Technical Details
Deployment Types | Software as a Service (SaaS), Cloud, or Web-Based |
---|---|
Operating Systems | Unspecified |
Mobile Application | No |