Avatar of tutulbuet
Needs advice
on
GitHubGitHub
and
JFrog ArtifactoryJFrog Artifactory

Whenever Qualys scan finds out software vulnerability, say for example Java SDK or any software version that has a potential vulnerability, we search the web to find out the solution and usually install a later version or patch downloading from the web. The problem is, as we are downloading it from web and there are a number of servers where we patch and as an ultimate outcome different people downloads different version and so forth. So I want to create a repository for such binaries so that we use the same patch for all servers.

When I was thinking about the repo, obviously first thought came as GitHub.. But then I realized, it is for code version control and collaboration, not for the packaged software. The other option I am thinking is JFrog Artifactory which stores the binaries and the package software.

What is your recommendation?

READ MORE
6 upvotes·254.2K views