Monday 06 July 2026 21:55:05 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Artifact

A built software package such as a JAR, container image, or release file.

An artifact is a built software package ready for deployment or distribution, such as a JAR file, container image, or release archive. In Java ecosystems, the artifact is what actually runs in production, not the source code in version control. Its exact version, build hash, and signing status determine what code is exposed to users.

Artifact tracking matters in cyber security because attackers often target the software that is truly deployed, while defenders may only review declared dependencies or source branches. A vulnerable library buried in a transitive dependency, or an old container image still running in a cluster, can leave systems exposed even after developers believe they have patched the project. Good defense means inventorying artifacts, comparing live versions with fixed releases, validating rebuilds, and confirming that images and packages were signed and replaced everywhere they run.

← WIKICROOK index