
Software composition analysis for vulnerabilities, licenses, and supply-chain risk.
JFrog Xray provides deep recursive scanning to identify security vulnerabilities, license compliance issues, and operational risks in open-source dependencies, binaries, and ML models. It integrates with CI/CD pipelines and artifact repositories to ensure continuous security and compliance from development to runtime.
Scans all components, dependencies, and binaries recursively to detect vulnerabilities and license compliance issues throughout the software supply chain.
Extends scanning capabilities to machine learning models to identify vulnerabilities, malicious models, license issues, and operational risks.
Integrates natively with popular CI/CD systems like Jenkins and GitHub Actions to automate security scanning within development pipelines.
Supports scalable user and group management with SSO, SAML, SCIM, and granular RBAC permissions for secure platform-wide access control.
Enables syncing and replication of artifacts across multiple sites with one-way and bi-directional replication for distributed development environments.
Allows users to define and run automated repository cleanup policies that are logged and auditable to maintain repository hygiene.
Provides seamless integration and synchronization of roles, projects, security results, and artifact details across JFrog and GitHub platforms.
Optional integration with JFrog Advanced Security for contextual vulnerability remediation, secret detection, runtime security, and IaC scanning.
Connect JFrog Xray to your JFrog Artifactory or other supported artifact repositories to enable scanning of stored components.
Define security and license compliance policies that specify which vulnerabilities or licenses should trigger alerts or block builds.
Integrate Xray scanning into your CI/CD pipelines using native plugins or APIs to automate scanning during build and deployment.
Review vulnerability and compliance reports generated by Xray to identify and prioritize remediation efforts.
Configure automated cleanup policies to maintain repository hygiene by removing outdated or non-compliant artifacts.
Pricing details are gathered from the official JFrog Xray website and are provided for reference only. Always confirm the latest information directly with the vendor.
| Plan | Price | Highlights |
|---|---|---|
| Pro | $150 | 25 GB base consumption |
| Enterprise X | Starting at $950 | Everything in Pro |
| Enterprise + | Custom Pricing | Everything in Enterprise X |