Practice Lab: JFrog Security [LAB-504]

Securing the Software Supply Chain

About this course

This comprehensive lab series provides practical, hands-on experience in fortifying your software supply chain using the JFrog Platform. Through a combination of UI-driven analysis and automated policy enforcement, you will gain the skills necessary to identify, manage, and mitigate vulnerabilities across your entire development lifecycle.

Labs in this series:
  • Vulnerability Detection with Xray Lab: Dive into the core of software security by performing deep recursive scans on your artifacts. This lab teaches you how to use JFrog Xray to uncover hidden vulnerabilities and license compliance issues within your dependencies, ensuring only "clean" components move forward.
  • Security Policies & Watches Lab: Learn to automate governance by configuring granular security policies and watches. You will gain hands-on experience setting up automated "ignore" rules or "block" actions, allowing you to enforce compliance standards without slowing down your development velocity.
  • CI/CD Security Integration Lab: Bridge the gap between DevOps and Security. In this lab, you will integrate JFrog security scanning directly into a CI/CD pipeline using the JFrog CLI. You'll learn how to fail builds automatically when high-risk vulnerabilities are detected, shifting security "left" in your workflow.
  • Curating Secure Repositories Lab: Get practical experience managing remote repository caches. This lab focuses on using JFrog Curation to intercept malicious packages before they even enter your internal network, ensuring your developers always pull from a trusted, vetted source.
  • Auditing & Reporting Lab: Master the art of security visibility. You will learn how to generate comprehensive security reports and export data via REST APIs for external audits. This lab ensures you can provide stakeholders with clear, actionable insights into your organization's security posture.

Prerequisites:
  • Familiarity with DevOps practices and CI/CD pipelines.
  • Basic understanding of version control and software dependencies.
  • Access to a computer with internet connectivity for hands-on exercises.
