Data security is of utmost importance to JFrog Connect. We invest heavily in securing our infrastructure in close partnership with world-class security experts.
At JFrog Connect, we take the privacy, security and integrity of your data seriously. We adhere to industry standards and comply with relevant security and safety regulations to ensure the security of your data. We are also dedicated to enabling you to comply with your own internal security policies.
To provide the best user experience, we only engage top-tier vendors dedicated to privacy and security values and standards, including the largest cloud hosts and service providers in the market. Our vendors apply various controls to secure data including the use of secured data centers and compliance with the strictest certifications and accreditations.
Connect servers, databases, storage and cloud environment are all based on AWS products with AES-256 encryption and live zone fallback. combined with an extra layer of security: a separate isolated Amazon Virtual Private Cloud (Amazon VPC ).
Connect edge Agent is based on client-server architecture, with no open ports or running servers on the edge device, to ensure zero-surface for attackers.
Connect uses OAuth 2—An authorization standard that provides secure access to resources of the end-user. It specifies a process allowing third-party access to resources, but without the end-user having to share their credentials. This is commonly used to log into applications using Google, Twitter, and Facebook accounts.
Connect provides Two-factor authentication - an extra layer of security for your Connect account designed to ensure that you're the only person who can access your account, even if someone knows your password.