New JFrog Platform MCP connections with GitHub Copilot deliver autonomous security resolution capabilities directly into developer workflows
 JFrog Ltd (Nasdaq: FROG), the Liquid Software company and creators of the award-winning JFrog Software Supply Chain Platform, today announced a new set of AI agent-based capabilities to automate software vulnerability remediation. JFrog’s new agentic remediation capabilities help developers identify and automatically fix vulnerabilities as they code. The unique combination of JFrog’s research-based contextual analysis and policy-driven auto-remediation across enterprise applications aims to inoculate codebases in the AI era.
“We want to help developers shift from reactive security to proactive, continuous vulnerability management and autonomous remediation, wherein security is no longer an afterthought, it’s an integral, agentic-coding problem solver,” said Asaf Karas, CTO, JFrog Security. “Our advanced security research insights coupled with our GitHub Copilot integration help teams automate vital safeguards like fixing CVEs and curating safe packages. This allows users to innovate with confidence, while reducing risk, and accelerating secure software delivery.”
Developer Intelligence with Agentic Security Remediation
By combining the power of JFrog’s Software Supply Chain Security with the GitHub integration, organizations enjoy streamlined, fast and trusted remediation that ensures they can:
- Safeguard against unsafe packages: JFrog Curation and Catalog, powered by AI agents via JFrog’s MCP server, enables developers to select secure, policy-compliant open-source packages, avoiding failed builds, boosting developer productivity, and reducing risk.
- Flag and fix vulnerable code automatically: JFrog flags insecure code directly in the IDE, and with agentic remediation powered by MCP server connections to GitHub Copilot, developers receive conversational, contextual suggested fixes inline.
- Immunize code for future development using context-aware insights: Developers can quickly tap into JFrog Security Research expertise when vulnerabilities are flagged in dependencies to determine the threat level based on their environment. Because fixes are generated in the context of the organization’s security and governance policies, Copilot not only patches the issue, but also immunizes their software from future use of the same infected code.
Uniting JFrog’s Curation and Catalog capabilities with its deep security research, MCP-based platform connectivity, and GitHub integration with Copilot AI assistant, transforms how developers address vulnerabilities: not just finding them, but fixing them instantly and continuously as part of a self-healing software supply chain.
JFrog’s new agentic remediation capabilities are available immediately as part of JFrog Ultimate or Unified security bundles. For more information on agentic remediation and its benefits read this blog.
Also read:Â Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
