JFrog Xray is a universal binary analysis product that works with JFrog Artifactory to analyze software components, and reveal a variety of issues at any stage of the software application lifecycle. By scanning binary components and their metadata, recursively going through dependencies at any level, JFrog Xray provides unprecedented visibility into issues lurking in components anywhere in your organization. Xray’s interface with Artifactory gives it the exclusive advantage of combining any number of data feeds with the exhaustive metadata stored within Artifactory to detect different issues without needing access to source code. JFrog Xray is also fully automated through a rich REST API that lets it integrate with a CI/CD pipeline and allows other binary analysis tools to build on its unique capabilities.
JFrog Xray is the only product that takes a dual approach to protecting you against issues using a unique combination of:
Deep Recursive Scanning
JFrog Xray recursively scans components in your system, recursively drilling down to analyze even the smallest binary component that affects your software.
Continuous Impact Analysis
JFrog Xray continuously scans and analyzes existing components, even those long since deployed to production, and provides alerts and notifications for just-discovered vulnerabilities.
Custom API-Driven Automation
Through an open REST API, JFrog Xray lets you define a custom regimen of automated analysis for all components in your system.
The Xray-Artifactory Edge
As a complementary product to JFrog Artifactory, JFrog Xray has access to the wealth of metadata Artifactory stores which, combined with deep recursive scanning, puts Xray in a unique position to analyze the relationships between binary artifacts and provide radical transparency into your component architecture to reveal the impact that a vulnerability in one component has on any other.
The Xray User Guide is available for download in PDF format. Click this link to download the latest version:
Note that the online version may be more up-to-date.