NAPA, Calif. — A new persona in software development, artificial intelligence (AI) agents rather than human developers, has made it imperative that foundational platforms incorporate agentic practices alongside security, traceability, and visibility to succeed in the AI era.
“Every foundational platform requires a single system of record,” Ben Haim told the crowd. “If you don’t have that, you don’t have an anchor to build a platform around,” JFrog CEO Shlomi Ben Haim said in the opening keynote at swampUP 2025, the company’s annual conference here.
Speaking to developers and IT professionals, Ben Haim highlighted what he called “AI FOMO,” noting that 40% of CIOs are increasing their budgets because of board-level pressure around AI adoption, according to Gartner. When he asked attendees to raise their hands if they already had AI embedded in their software supply chains, nearly everyone responded affirmatively. “If you don’t, you can leave the room,” he said to laughter.
Ben Haim called JFrog “the system of record for your software supply chain” amid daily attacks on software infrastructure.
To that end, JFrog unleashed a slew of announcements Tuesday. It launched JFrog Fly, a DevOps platform that simplifies AI agent integration for application developers working at scale. Built on Anthropic’s Model Context Protocol (MCP), Fly connects with popular development tools including Cursor, GitHub Copilot, and Claude Code, allowing DevOps teams to centrally manage software components through semantic metadata while optimizing release deployments and integrating with package managers and GitHub repositories.
Yoav Landman, chief technology officer and co-founder at JFrog, addressed the “liquid software” climate in which “latest is king.”
“This has made a handful of questions harder to answer, including what makes up a release? And how do I track it?” asked Landman, who believes one key is a system of record that manages agentic releases.
The company has introduced AI agents that automatically remediate software vulnerabilities by applying real-time policy analytics during code development. Alongside this, JFrog launched its AppTrust platform, which serves as a unified hub for governance, risk management, and compliance (GRC) teams. Supporting this ecosystem, JFrog has established the Evidence Ecosystem through AppTrust partnerships with GitHub, ServiceNow, SonarQube, Akuity, Akto, Coguard, Dagger, Nightvision, Shipyard, and Troj.ai.
Additionally, JFrog overhauled its AI model catalog with a new Secure Model Registry that enables governance policy enforcement and cost tracking across multiple models.
“The pressure and forces from the top and boards has prompted companies to consider how do you use the leverage? And that has put pressure on the bottom for users,” Fred Simon, chief data scientist and co-founder of JFrog, said in an interview.
“But do I see a slowdown in the order of magnitude of speed and complexity? No,” he added.
“No one wants to be left behind and be the Blockbuster of this technology era,” Guy Levi, architects lead at JFrog, said in an interview.
Following his introductory remarks, Ben Haim was joined onstage by several executives whose companies partner with JFrog.
Sonar CEO Tariq Shaukat predicted that while much will change with AI adoption, core principles will remain constant. “It’s never been about how fast developers type on a keyboard,” Shaukat said, advocating a “trust, but verify” approach to AI-generated code. “We’re helping with that verification step as software is being written,” he said.
“Trust, but verify, or ‘Vibe then verify.’ We’re helping with that verification step as software is being written,” Shaukat added.
Rahul Tripathi, who leads ServiceNow’s IT Service Management business, emphasized the tension between speed and security in running large DevOps teams. “Nobody wants to receive a notification that our software was breached,” he said. “It’s about getting IT Ops moving at the speed of DevOps.”
Yet there are two classes of companies, he said — those willing to take risks and those slow-playing AI, he said in an interview late Tuesday.
Justin Boitano, vice president of enterprise AI at NVIDIA, said his company’s approach to scaling AI development, revealing that CEO Jensen Huang had challenged the team to double chip production, which could only be achieved by “infusing AI across our lifecycles.” Boitano noted that performance-optimized models can achieve double or triple token efficiency improvements.
When Ben Haim asked whether AI would replace human developers, Boitano downplayed the concern. “I think that’s over-hyped,” he said. “We see it as improving productivity across the board.”
The discussion underscored the industry’s focus on balancing AI adoption with governance and security concerns as organizations navigate the rapidly evolving technological landscape.
