The cost of remediating a vulnerability is akin to the cost of fixing a bug. The earlier you remediate a vulnerability in the release cycle, the lower the cost.
JFrog Xray is instrumental in flagging components when vulnerabilities are discovered in production systems at runtime, and also, through integration to CI systems like Jenkins CI and TeamCity at build time. The IDE integration completes the CI/CD process, by bringing Xray's issue discovery one step earlier, to development time.
Current support includes:
npm, Pypi, Go