Highlights
- Shadow AI Detection enables oversight of unmanaged AI models and API usage.
- Centralized governance helps enforce compliance across all AI assets.
- Feature supports tracking AI utilization to meet global regulatory standards.
JFrog Ltd. (NASDAQ:FROG) has expanded its AI governance capabilities within the JFrog Software Supply Chain Platform with the introduction of Shadow AI Detection. Announced at JFrog swampUP Europe, this new feature provides enterprises with visibility and control over AI models and APIs, addressing risks associated with Shadow AI—unmonitored AI integration that can expose organizations to compliance and security vulnerabilities.
Yuval Fernbach, VP and CTO of JFrog ML, commented, “Recognizing and mitigating the risks of shadow AI is becoming a critical priority for CIOs and CISOs who must strike a balance between innovating while maintaining security. Organizations should follow proven software development practices by creating developer-friendly workflows with strong security and robust governance. The addition of Shadow AI Detection capabilities is intended to strengthen JFrog’s leadership in securing the AI supply chain 360-degrees, helping companies utilize AI safely and responsibly.”
Governance and Risk Oversight
The Shadow AI Detection functionality automatically discovers and inventories internal AI models and external API gateways used across an organization. Once identified, these assets can be centrally managed, allowing enterprises to:
- Apply security and compliance policies across all AI models and APIs.
- Establish approved pathways for accessing third-party AI services with fully auditable interactions.
- Monitor usage of external AI models and APIs, including services from OpenAI and Gemini.
This capability addresses risks stemming from ungoverned AI integration, which can lead to data breaches, compliance issues, or software supply chain threats.
Regulatory Compliance and Industry Frameworks
JFrog’s AI governance solutions help enterprises comply with emerging regulations, including the US Transparency in Frontier AI Act, EU Cyber Resilience Act, EU AI Act, Germany’s BSI Guidelines, and NIS2. These frameworks focus on:
- Ensuring responsible AI development and deployment.
- Implementing comprehensive risk management and reporting standards.
- Providing visibility into software supply chain components.
- Securing AI systems from design to deployment.
Availability
Shadow AI Detection will be offered as part of the JFrog AI Catalog, with general availability planned for 2025. The platform enables centralized governance of AI models and APIs, allowing organizations to monitor, control, and secure their AI supply chains effectively.
About JFrog
JFrog Ltd. (NASDAQ:FROG) provides a unified DevOps, DevSecOps, and MLOps platform that helps organizations build, manage, and distribute software securely. Its Liquid Software vision ensures software delivery is traceable, tamper-proof, and accessible across cloud and self-hosted environments.





