-

JFrog and DCI Enable Canadian Public Sector Organizations to Rapidly Respond to Evolving Software Transparency Standards

JFrog Platform now listed in the Government of Canada's Software Licensing Supply Arrangement (SLSA), giving federal agencies a streamlined path to procure trusted software artifact management and AI governance capabilities.

SUNNYVALE, Calif. & OTTAWA, Ontario--(BUSINESS WIRE)--JFrog Ltd., the Liquid Software company and creators of the JFrog Software Supply Chain Platform, the system of record for trusted software artifacts, binaries, and AI assets, today announced that its platform is now available for procurement through the Government of Canada’s Software Licensing Supply Arrangement (SLSA) Catalogue via Data Centre Intelligence (DCI), an Ottawa-based partner with deep public sector experience. JFrog’s listing gives federal departments and Crown corporation buyers an approved, trusted route to acquire the JFrog Platform at a critical moment when software supply chain attacks are accelerating, AI-generated code is introducing new categories of risk, and Canadian government organizations face growing expectations around software transparency, governance, and software supply chain security.

“We are excited about the partnership with DCI, which brings over a decade of experience helping the Canadian government adopt cutting-edge technologies.” - Rafael Santiago, SVP Global Sales, JFrog

Share

“With software supply chain security and governance becoming an increasing focus for federal departments navigating AI adoption, SBOM requirements, and automated decision-making directives, this listing puts the JFrog Platform on the approved path for the teams that need it most,” said Rafael Santiago, SVP Global Sales, JFrog. “We are excited about the partnership with DCI, which brings over a decade of experience helping the Canadian government adopt cutting-edge technologies.”

According to JFrog’s 2026 Software Supply Chain Security State of the Union report, over 48,000 new CVEs were disclosed in 2025 – a 20% year-over-year increase partially driven by AI-generated code. For government organizations responsible for critical infrastructure and citizen-facing services, the ability to continuously scan, govern, and prove the integrity of every software component is no longer optional. DCI’s established relationships across federal departments, and its fluency in the Government of Canada’s procurement processes, gives buyers a knowledgeable, locally grounded path to evaluate, acquire, and adopt the JFrog Platform through the SLSA Catalogue.

Why Now: Canada’s Software Governance Moment

Canadian federal departments are facing a convergence of new requirements that make software supply chain security and governance increasingly important, including:

  • AI Governance: The federal government’s AI Strategy for 2025 - 2027 sets expectations for responsible deployment, transparency, and safeguards across every department using AI tools – including governance over the software supply chains those tools produce.
  • SBOM Transparency: In September 2025, the Canadian Centre for Cyber Security (CCCS) joined CISA and 19 international partners in publishing A Shared Vision for the Software Bill of Materials for Cybersecurity – guidance encouraging organizations to adopt SBOMs as a foundation for understanding, securing, and managing software risk.
  • Automated Decision-Making Compliance: The Treasury Board’s amended Directive on Automated Decision-Making requires federal institutions to comply by June 2026 – demonstrating governance over the automated systems, and the software supply chains behind them, that power public services.
  • Procurement Efficiency: The SLSA Catalogue listing means JFrog is available through PSPC's Software Licensing Supply Arrangement with pre-negotiated terms and pricing ceilings in place – streamlining acquisition and shortening the path from decision to deployment compared with full procurement cycles.

"Technology alone doesn't solve government challenges – it takes the right partner to help organizations bridge the gap between evolving cybersecurity priorities and practical implementation," said Adam DaCosta, President of Data Centre Intelligence. "Making the JFrog Platform available through the Government of Canada's Software Licensing Supply Arrangement gives departments a straightforward way to evaluate, procure, and implement a trusted solution while working with a partner that understands both government technology priorities and public sector procurement."

Delivering a System of Record for Government Organizations

The JFrog Software Supply Chain Platform gives departments a single source of truth for every binary they build, secure, and release. It can also be deployed on-premises / self-managed, on the cloud, or in hybrid environments to meet the security requirements of Canada’s most sensitive networks. Key components include:

  • JFrog Artifactory - the Single Source of Truth: The authoritative repository for all binaries, dependencies, and build artifacts across the software delivery lifecycle. Provides enterprise-grade binary artifact management that meets stringent government security standards, with deployment flexibility for self-hosted cloud environments to support sovereignty and compliance requirements.
  • JFrog Xray – Automated Security Scanning: Delivers open-source binary vulnerability and license compliance scanning with deep visibility into all underlying layers and dependencies of binaries and container images. Enables government organizations to find, fix, and fortify software artifacts while maintaining continuous security posture across the software supply chain.
  • JFrog Curation – Proactive Software Supply Chain Defense: Designed to stop risky open-source components at ingestion and guides developers to pre-vetted, compliant package versions – essential for organizations facing increased scrutiny over software supply chain security and needing to demonstrate control over what enters their development environments.
  • JFrog AI Catalog and MCP Registry – AI Asset Governance: Extends proven software supply chain security controls to AI models and agent-based development assets. As government organizations adopt AI-generated code, this provides the visibility and trust layer needed to ensure only approved AI components enter production environments.
  • JFrog AppTrust – Verifiable Compliance and Policy Enforcement: Replaces manual approvals and disconnected evidence trails with immutable evidence and automated policy gates across the entire software supply chain. Enables security and compliance teams to demonstrate continuous policy enforcement with auditable proof – critical for government organizations facing demanding security audits.
  • SBOM Evidence – Transparency and Accountability: Provides detailed Software Bills of Materials showing all components that make up software releases, with enhanced VEX support aligned to CycloneDX and SPDX 3.0 standards. Delivers the verifiable documentation trail government auditors and regulators require to confirm that vulnerabilities were assessed, risk decisions were documented, and compliance obligations were met.

Canadian public sector organizations can learn how to procure the JFrog Software Supply Chain Platform on the SLSA Catalogue by connecting with DCI on the JFrog Partner Finder. For more on how JFrog helps government organizations meet SBOM, security, and AI governance requirements, visit https://jfrog.com/.

Like this Story? Share this on X: The @JFrog Software Supply Chain Platform is now available on Canada’s SLSA Catalogue through @DataCentreIntel. As Canadian federal departments face new guidelines for #SBOMs, #AI governance, software #security and transparency, JFrog gives them a reliable system of record for every binary from dev to production. Learn more: https://bit.ly/4y53jdH #SoftwareSupplyChain #DevSecOps #DevGovOps #cybersecurity

About JFrog

JFrog Ltd., the creators of the unified DevOps, DevSecOps, DevGovOps and MLOps platform, is on a mission to create a world of software delivered without friction from development to production. Driven by a “Liquid Software” vision, the JFrog Platform is a software supply chain system of record that is designed to power organizations as they build, manage, and distribute secure software with speed and scale. Holistic security features help identify, protect, and remediate against threats and vulnerabilities. The universal, hybrid, multi-cloud JFrog Platform is available as both SaaS services across major cloud service providers and self-hosted. Millions of users and approximately 6,600 organizations worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely embrace digital transformation in the AI era. Learn more at https://jfrog.com/ or follow us on X @JFrog.

About DCI (Data Centre Intelligence)

Established in 2012 and located in Ottawa, Ontario, Data Centre Intelligence (DCI) is a Canadian organization bringing more than 80 years of collective government technology and sales experience to our engagements, specializing in public sector government solutions, procurement strategies, and sales. Our customers rely on us to develop strategic procurement methodologies, design and deliver technical outcomes and connect them to government resources and initiatives to drive their success.

Contacts

Media Contact:
Siobhan Lyons, Director, Global Communications, siobhanL@jfrog.com

Investor Contact:
Jeff Schreiner, VP of Investor Relations, jeffS@jfrog.com

JFrog Ltd.

NASDAQ:FROG
Details
Headquarters: Sunnyvale, California
CEO: Shlomi Ben Haim
Employees: ~1800
Organization: PUB

Release Summary
JFrog and DCI Enable Canadian Public Sector Organizations to Rapidly Respond to Evolving Software Transparency Standards
Release Versions
$Cashtags

Contacts

Media Contact:
Siobhan Lyons, Director, Global Communications, siobhanL@jfrog.com

Investor Contact:
Jeff Schreiner, VP of Investor Relations, jeffS@jfrog.com

Social Media Profiles
More News From JFrog Ltd.

JFrog Positioned as a Leader in the First Gartner® Magic Quadrant™ for Software Supply Chain Security

SUNNYVALE, Calif.--(BUSINESS WIRE)--JFrog named a leader in the first-ever Magic Quadrant for Software Supply Chain Security, placing highest on Ability to Execute amongst all vendors....

JFrog and Anthropic Bring Enterprise-Grade Software Supply Chain Governance and Security to Claude Code

SUNNYVALE, Calif.--(BUSINESS WIRE)--JFrog and Anthropic Bring Enterprise-Grade Software Supply Chain Governance and Security to Claude Code...

JFrog Announces Inclusion in Russell 3000 ® Index

SUNNYVALE, Calif.--(BUSINESS WIRE)--JFrog added to Russell 3000...
Back to Newsroom