JFrog Acquires Qwak to Strengthen MLOps, DevOps Integration

$230 Million Acquisition of Qwak Enhances Model Deployment and Security Features
JFrog Acquires Qwak to Strengthen MLOps, DevOps Integration

JFrog plans to purchase a startup led by a former Payoneer executive to address the integration issues associated with deploying machine learning models in production.

See Also: SBOM and Connected Device Security

The Silicon Valley-based software supply chain firm said its proposed buy of New York-based Qwak will boost JFrog's DevSecOps platform with comprehensive machine learning capabilities. Bringing JFrog and Qwak together will give organizations a seamless pipeline from development to production, ensuring models are accurately deployed and managed alongside other software assets, said CTO Yoav Landman.

"The biggest problems with machine learning development is how you get the model to production," Landman told Information Security Media Group. "It's really easy to complete the first stage - developing the model and making sure that it's accurate and it's making good predictions. But then you need the collaboration of DevOps in order to have that integrated with the rest of the application."

Qwak, founded in 2020, received $12 million in financing from Bessemer Venture Partners in March 2023, and employs 86 people, up 65% from 54 staffers a year ago, according to LinkedIn. The company has been led since its inception by Alon Lev, who previously spent six and a half years at Payoneer, culminating in a role in which he spearheaded data science, ML engineering, data engineering and analytics (see: Sonatype, Snyk, Synopsys Top SW Comp Analysis Forrester Wave).

What Qwak Brings to the Table

Buying Qwak for $230 million will bring advanced model versioning, dependency management and security scanning features into JFrog's DevOps ecosystem, Landman said. Adding Qwak's technology will help JFrog maintain security and compliance by scanning models for malicious activity, managing license issues and providing a unified platform that manages all aspects of the software and model life cycle.

"The data that you're using to train the model on and also to analyze your predictions is like any that's input for an application," Landman said. "If it changes, it changes the output of the application, and it changes the quality of your application. So you need to version it. You need to make sure that you only consume it from that resource."

The combined platform will also focus on enhancing the development of large language models and generative AI, which Landman said reflects the growing demand and complexity in the field. By ensuring end-to-end visibility and control over machine learning assets, Landman said, JFrog aims to facilitate a more integrated and secure approach to modern software development.

Qwak provides a pipeline for deploying machine learning models into production, while JFrog's platform manages all related assets, ensuring end-to-end visibility and control. JFrog's platform offers visibility into the life cycle of machine learning models from development to runtime, which he said is crucial for managing the security and performance of models in production.

"They have a very powerful yet very simple way to take the model and bring it to production," Landman said, "and we're providing the platform for managing all the assets."

How to Secure Machine Learning Models

Integrating Qwak with DevOps practices will allow for better collaboration between machine learning models and application development, facilitating easier deployment and management of models in production environments. JFrog also integrates with other prominent machine learning tools such as Amazon SageMaker, MLflow and Databricks, enhancing its versatility and utility in various ML environments.

Landman said both JFrog and Qwak emphasize versioning and managing all dependencies, ensuring reproducibility and consistency in model deployment. The rise of generative AI significantly affected both the development and deployment of machine learning models, and Landman said Qwak's platform successfully addresses the complexities introduced by generative AI.

"Part of the value that JFrog is providing is about being able to make sure that the model you're developing is reproducible," Landman said, "and Qwak has the same notion that they call 'model as a package.'"

Although Qwak is a smaller company, Landman said, its customer base overlaps significantly with JFrog's, which includes 95% of the Fortune 10 and 70% of the Fortune 100. Once the deal closes, JFrog customers will benefit from Qwak's ability to scan models and datasets for malicious activities, ensure compliance with licensing and data use policies, and incorporate new features for generative AI development.

Specifically, Landman said, Qwak's Feature Store service allows for the aggregation and analysis of data used in model training and predictions, ensuring only trusted data sources are utilized and enhancing the overall quality and security of models. He said there's strong customer demand for mature machine learning practices, and Qwak will simplify the development, deployment and management of ML models.

"A very natural way for the platform to integrate together is being able to provide this great visibility and management between MLOps and DevOps," Landman said. "We see that as a marriage of platforms."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.