Apr 9
Loading video player...
This video features Brett Smith, a distinguished software developer at SAS Institute, discussing how the company secures its software production pipelines for its flagship AI and machine learning platform, SAS Viya 4. SAS initially utilized JFrog Artifactory for managing Java-based Maven and Ivy artifacts. To address the increasing need for robust security and compliance with global regulations, the company expanded its partnership with JFrog by integrating additional security tools to protect their delivery pipelines. The implementation of JFrog Curation, Advanced Security, and Xray has enabled SAS to shift security "left," empowering developers to perform scans directly within their IDEs. Curation acts as a firewall to keep malicious packages out of the pipeline, while X-ray provides critical SCA scanning for builds and customer delivery. These tools are essential for meeting stringent cybersecurity regulations and self-attestation requirements in the United States, European Union, Australia, and the Asian Pacific Rim. ⏰ Timestamps: 0:00 - 0:36 – Intro to SAS and SAS Viya 4 0:36 - 1:12 – JFrog partnership and initial relationship 1:13 - 1:59 – Importance of security and global regulations 2:00 - 2:42 – Shift left security with JFrog Curation & Advanced Security 2:43 - 3:18 – Summary of JFrog security suite