Company
Date Published
Author
John Cabaniss, Strategic Solutions Architect and Gianni Truzzi
Word count
894
Language
English
Hacker News points
None

Summary

Shifting security left means keeping vulnerable software components out of the development process as early as possible, which reduces remediation costs. JFrog supports this by letting organizations curate open-source software (OSS) components as a DevSecOps practice: developers pull approved packages from an internal proxy repository curated by the security team instead of directly from public registries such as Maven Central or Docker Hub. The JFrog platform is used to build a front-end DMZ for these components, which serves as a trusted catalog managed by the security team. The DMZ uses JFrog Xray to scan continuously for vulnerabilities and automatically blocks any risky package. It can be hosted in any cloud, which gives flexibility and keeps its security requirements minimal. Because on-prem production systems consume only these curated components, unapproved OSS packages cannot enter production builds, and software delivery stays both secure and efficient. The approach isolates production environments from untrusted networks, protects against malicious attacks, and provides a cloud-nimble design that interconnects the organization's various JFrog deployments.