{"id":2037071,"date":"2024-11-20T13:56:52","date_gmt":"2024-11-20T18:56:52","guid":{"rendered":"https:\/\/securityboulevard.com\/?p=2037071"},"modified":"2024-11-20T13:56:52","modified_gmt":"2024-11-20T18:56:52","slug":"securing-the-software-supply-chain-checkmarx-one-expands-its-offerings","status":"publish","type":"post","link":"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/","title":{"rendered":"Securing the Software Supply Chain: Checkmarx One Expands its Offerings"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The software supply chain is under siege. Threat actors increasingly exploit weaknesses in code repositories, dependencies and mismanaged secrets to infiltrate and disrupt software development processes. In response, organizations are turning to robust strategies to safeguard their supply chains, including tools like SCA scanning, AI and container security, secrets detection and repository health monitoring.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Checkmarx\u2019s recent announcement about its enhanced software supply chain security solutions comes at a pivotal moment, addressing key vulnerabilities that put organizations at risk. In this article, we will explore and unpack how SBOMs, secrets detection and repository health monitoring contribute to a more secure development ecosystem.<\/span><\/p>\n<h3><b>Understanding Software Supply Chain Security<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The software supply chain encompasses all the components, processes and tools involved in developing, building and deploying software. This includes source code, open-source libraries, APIs, CI\/CD pipelines and infrastructure-as-code templates. 
A compromise in any part of the chain can have devastating ripple effects, leading to data breaches, malware injections, or service disruptions.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Recent attacks like SolarWinds and Log4j have highlighted the urgency of securing every link in the chain. Organizations need proactive measures to identify vulnerabilities, mitigate risks and ensure that all components are trustworthy.<\/span><\/p>\n<h3><b>The Role of SBOMs in Software Security<\/b><\/h3>\n<p><span style=\"font-weight: 400;\"><a href=\"https:\/\/securityboulevard.com\/2024\/11\/gartner-report-how-sboms-improve-security-and-compliance-in-the-software-supply-chain\/\" target=\"_blank\" rel=\"noopener\">A Software Bill of Materials<\/a> (SBOM) is like a nutrition label for software. It lists all the components \u2014 proprietary and open-source \u2014 used in an application. SBOMs are essential for identifying vulnerabilities in third-party libraries, managing licensing compliance and ensuring transparency in software composition.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By incorporating SBOM generation and analysis into its platform, Checkmarx enables organizations to:<\/span><\/p>\n<ul>\n<li><b>Track Dependencies:<\/b><span style=\"font-weight: 400;\"> Gain visibility into all third-party and open-source components.<\/span><\/li>\n<li><b>Identify Vulnerabilities:<\/b><span style=\"font-weight: 400;\"> Cross-reference components against known vulnerabilities in public databases like NVD (National Vulnerability Database).<\/span><\/li>\n<li><b>Facilitate Compliance:<\/b><span style=\"font-weight: 400;\"> Meet regulatory requirements and industry standards that mandate SBOMs, such as those outlined in the U.S. 
Executive Order on Cybersecurity.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">With SBOMs, organizations can better understand their software landscape, making it easier to secure and manage.<\/span><\/p>\n<h3><b>Secrets in Cybersecurity: What Are They and Why Do They Matter?<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">In cybersecurity, \u201csecrets\u201d refer to sensitive information embedded in code repositories or development environments. These can include:<\/span><\/p>\n<ul>\n<li><b>API Keys:<\/b><span style=\"font-weight: 400;\"> Used to authenticate with third-party services.<\/span><\/li>\n<li><b>Access Tokens:<\/b><span style=\"font-weight: 400;\"> Allow access to specific resources or applications.<\/span><\/li>\n<li><b>Database Credentials:<\/b><span style=\"font-weight: 400;\"> Enable applications to connect to databases.<\/span><\/li>\n<li><b>Encryption Keys:<\/b><span style=\"font-weight: 400;\"> Securely encrypt and decrypt data.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">When secrets are hardcoded into source code or stored insecurely, they can be easily exploited if exposed. A single leaked API key, for instance, could allow attackers to access critical services or exfiltrate data. Secrets detection is, therefore, a cornerstone of secure software development.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Checkmarx\u2019s advanced secrets detection tools aim to prevent these risks by scanning code, repositories and development environments for exposed secrets. The platform uses machine learning algorithms to distinguish real secrets from false positives, reducing noise and enabling faster remediation.<\/span><\/p>\n<h3><b>The Importance of Repository Health<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">A healthy repository is the foundation of secure software development. Repository health involves assessing and maintaining the integrity, security and usability of source code repositories. 
Neglected repositories often contain outdated dependencies, unpatched vulnerabilities and mismanaged access controls \u2014 all of which create entry points for attackers.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Checkmarx\u2019s repository health capabilities focus on:<\/span><\/p>\n<ul>\n<li><b>Dependency Management:<\/b><span style=\"font-weight: 400;\"> Identifying and addressing outdated or vulnerable dependencies.<\/span><\/li>\n<li><b>Access Control Audits:<\/b><span style=\"font-weight: 400;\"> Ensuring that only authorized personnel have access to repositories.<\/span><\/li>\n<li><b>Code Hygiene:<\/b><span style=\"font-weight: 400;\"> Highlighting practices like unused code, excessive complexity, or lack of documentation.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">By actively monitoring and improving repository health, organizations can reduce technical debt and minimize their attack surface.<\/span><\/p>\n<h3><b>Checkmarx\u2019s Comprehensive Approach to Supply Chain Security<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Checkmarx\u2019s latest enhancements address the critical areas of SBOM generation, secrets detection and repository health, creating a holistic solution for software supply chain security. 
The platform integrates seamlessly into existing CI\/CD pipelines, ensuring that security is built into the development lifecycle without disrupting workflows.<\/span><\/p>\n<p><b>Key Features Include:<\/b><\/p>\n<ul>\n<li><b>Advanced Secrets Detection:<\/b><span style=\"font-weight: 400;\"> Real-time scanning for exposed credentials and sensitive information.<\/span><\/li>\n<li><b>SBOM Management:<\/b><span style=\"font-weight: 400;\"> Automated generation and analysis of SBOMs to maintain a clear view of software composition.<\/span><\/li>\n<li><b>Repository Health Insights:<\/b><span style=\"font-weight: 400;\"> Continuous monitoring of repository practices and dependencies to prevent vulnerabilities.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">By combining these capabilities, Checkmarx empowers organizations to stay ahead of evolving threats and build trust in their software.<\/span><\/p>\n<h3><b>Best Practices for Securing the Software Supply Chain<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">To maximize the benefits of solutions like those offered by Checkmarx, organizations should adopt the following best practices:<\/span><\/p>\n<ol>\n<li><b>Shift Left:<\/b><span style=\"font-weight: 400;\"> Incorporate security measures early in the development process to catch vulnerabilities before deployment.<\/span><\/li>\n<li><b>Implement Secrets Management:<\/b><span style=\"font-weight: 400;\"> Use secure vaults and access control mechanisms to manage sensitive credentials.<\/span><\/li>\n<li><b>Maintain SBOMs:<\/b><span style=\"font-weight: 400;\"> Regularly update SBOMs to reflect changes in software composition and identify new vulnerabilities.<\/span><\/li>\n<li><b>Audit Dependencies:<\/b><span style=\"font-weight: 400;\"> Continuously monitor third-party components for security issues and update them promptly.<\/span><\/li>\n<li><b>Foster a Security-First Culture:<\/b><span style=\"font-weight: 400;\"> Educate developers on secure coding 
practices and the importance of repository hygiene.<\/span><\/li>\n<\/ol>\n<h3><b>Conclusion<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">As software supply chains grow increasingly complex, securing them has become a top priority for organizations across industries. Checkmarx\u2019s focus on SBOMs, secrets detection and repository health demonstrates a forward-thinking approach to mitigating risks and ensuring software integrity.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By leveraging these tools and adopting best practices, organizations can build resilient supply chains that withstand today\u2019s sophisticated cyberthreats. In doing so, they not only protect their own assets but also contribute to a safer, more secure digital ecosystem for everyone.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The software supply chain is under siege. Threat actors increasingly exploit weaknesses in code repositories, dependencies and mismanaged secrets to infiltrate and disrupt software development processes. In response, organizations are turning to robust strategies to safeguard their supply chains, including tools like SCA scanning, AI and container security, secrets detection and repository health monitoring. 
Checkmarx\u2019s..<\/p>\n","protected":false},"author":5992,"featured_media":1792073,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[21858,14097,98631,99462,99461,94019,13418],"tags":[96073,47481,51192,10494],"class_list":["post-2037071","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sb-featured","category-sb","category-social-facebook","category-social-linkedin","category-social-x","category-software-supply-chain-security","category-sb-spotlight","tag-sboms","tag-shift-left","tag-supply-chain-security","tag-zero-trust"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v23.9 (Yoast SEO v23.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Securing the Software Supply Chain: Checkmarx One Expands its Offerings - Security Boulevard<\/title>\n<meta name=\"description\" content=\"By leveraging these tools and adopting best practices, organizations can build resilient supply chains that withstand today\u2019s cyberthreats.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Securing the Software Supply Chain: Checkmarx One Expands its Offerings\" \/>\n<meta property=\"og:description\" content=\"The software supply chain is under siege. 
Threat actors increasingly exploit weaknesses in code repositories, dependencies and mismanaged secrets to\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Boulevard\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/groups\/24445075146\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-20T18:56:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"330\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Alan Shimel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@securityblvd\" \/>\n<meta name=\"twitter:site\" content=\"@securityblvd\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/\",\"url\":\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/\",\"name\":\"Securing the Software Supply Chain: Checkmarx One Expands its Offerings - Security 
Boulevard\",\"isPartOf\":{\"@id\":\"https:\/\/securityboulevard.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg\",\"datePublished\":\"2024-11-20T18:56:52+00:00\",\"dateModified\":\"2024-11-20T18:56:52+00:00\",\"author\":{\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/61f1f4f5a3a5eddcda0639c6523e3827\"},\"description\":\"By leveraging these tools and adopting best practices, organizations can build resilient supply chains that withstand today\u2019s cyberthreats.\",\"breadcrumb\":{\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/#primaryimage\",\"url\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg\",\"contentUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg\",\"width\":770,\"height\":330,\"caption\":\"supply, chain, Blue Yonder, secure, Checkmarx Abnormal Security cyberattack supply chain 
cybersecurity\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityboulevard.com\/2024\/11\/securing-the-software-supply-chain-checkmarx-one-expands-its-offerings\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityboulevard.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Boulevard (Original)\",\"item\":\"https:\/\/securityboulevard.com\/category\/sb\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Securing the Software Supply Chain: Checkmarx One Expands its Offerings\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityboulevard.com\/#website\",\"url\":\"https:\/\/securityboulevard.com\/\",\"name\":\"Security Boulevard\",\"description\":\"The Home of the Security Bloggers Network\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityboulevard.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/61f1f4f5a3a5eddcda0639c6523e3827\",\"name\":\"Alan Shimel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityboulevard.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2013\/05\/alan-86x96.jpg\",\"contentUrl\":\"https:\/\/securityboulevard.com\/wp-content\/uploads\/2013\/05\/alan-86x96.jpg\",\"caption\":\"Alan Shimel\"},\"description\":\"Throughout his career spanning over 25 years in the IT industry, Alan Shimel has been at the forefront of leading technology change. From hosting and infrastructure, to security and now DevOps, Shimel is an industry leader whose opinions and views are widely sought after. 
Alan\u2019s entrepreneurial ventures have seen him found or co-found several technology related companies including TriStar Web, StillSecure, The CISO Group, MediaOps, Inc., DevOps.com and the DevOps Institute. He has also helped several companies grow from startup to public entities and beyond. He has held a variety of executive roles around Business and Corporate Development, Sales, Marketing, Product and Strategy. Alan is also the founder of the Security Bloggers Network, the Security Bloggers Meetups and awards which run at various Security conferences and Security Boulevard. Most recently Shimel saw the impact that DevOps and related technologies were going to have on the Software Development Lifecycle and the entire IT stack. He founded DevOps.com and then the DevOps Institute. DevOps.com is the leading destination for all things DevOps, as well as the producers of multiple DevOps events called DevOps Connect. DevOps Connect produces DevSecOps and Rugged DevOps tracks and events at leading security conferences such as RSA Conference, InfoSec Europe and InfoSec World. The DevOps Institute is the leading provider of DevOps education, training and certification. Alan has a BA in Government and Politics from St Johns University, a JD from New York Law School and a lifetime of business experience. His legal education, long experience in the field, and New York street smarts combine to form a unique personality that is always in demand to appear at conferences and events.\",\"url\":\"https:\/\/securityboulevard.com\/author\/alan\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. 
-->","jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/securityboulevard.com\/wp-content\/uploads\/2018\/11\/Sandbox-Proof-Concept.jpg","jetpack_shortlink":"https:\/\/wp.me\/p91vu9-8xVZ","_links":{"self":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037071","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/users\/5992"}],"replies":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/comments?post=2037071"}],"version-history":[{"count":3,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037071\/revisions"}],"predecessor-version":[{"id":2037093,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/posts\/2037071\/revisions\/2037093"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media\/1792073"}],"wp:attachment":[{"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/media?parent=2037071"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/categories?post=2037071"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityboulevard.com\/wp-json\/wp\/v2\/tags?post=2037071"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}