As Editor-in-chief of DevOps.com and Container Journal, Alan Shimel is attuned to the world of technology. Alan has founded and helped several technology ventures, including StillSecure, where he guided the company in bringing innovative and effective networking and security solutions to the marketplace. Shimel is an often-cited personality in the security and technology community and is a sought-after speaker at industry and government conferences and events. In addition to his writing on DevOps.com and Network World, his commentary about the state of technology is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.

Kubernetes, observability, tracing, kubernetes observability, Grafana labs, kubernetes, observe, tool, Datadog, data, observability, kubernetes Docker Granulate observability

Bridging Observability & Security in Kubernetes: Beyond Just Metrics

Kubernetes has expanded agility but also the attack surface. Alan argues that observability and security can no longer live in silos — metrics, logs, and traces already hold critical security signals, while ...

GitOps, Red Hat, Civo Flux ,GitOps. Weaveworks Sysdig AI

GitOps at Fleet Scale: Decentralization vs. Control

Alan unpacks Red Hat’s agent-based GitOps architecture for OpenShift and what it means for scaling GitOps across fleets of Kubernetes clusters. From central control to decentralized agents, discover how balance drives the ...

Alan Shimel | September 26, 2025 | CNCF GitOps standards, decentralized GitOps, federated GitOps model, GitOps scalability, Kubernetes GitOps scaling, OpenShift GitOps preview, Red Hat agent-based GitOps

CNCF, Kubernetes, SUSECON, SUSE, cloud-native, stack, CNCF, cert manager, guidance, patent, cloud native, CNCF Advances Linkerd Service Mesh cloud-native

CNCF and Docker: The Next Phase of Cloud Native Supply Chain Evolution

The CNCF–Docker partnership strengthens cloud native supply chain security with verified namespaces, SBOMs, and signed images. Trust becomes the new baseline ...

Alan Shimel | September 24, 2025 | cloud native security, CNCF Docker partnership, container image provenance, Docker Hub namespaces, Kubernetes trust, OSS Sponsored Program, platform engineering security, SBOM generation, signed container images, software supply chain

The Cloud-Native Frontier is at the Edge

The future of cloud-native is hybrid and edge. Learn how WebAssembly (WASM) complements containers to power next-gen workloads with speed, security and agility ...

Alan Shimel | September 23, 2025 | cloud native, cloud native security, CNCF WASM, distributed workloads, edge computing, hybrid cloud, hybrid cloud strategy, Kubernetes at the edge, WASM vs containers, WebAssembly WASM

OpenTofu, Terraform, IaC, StackGen, Argo, IaC, IaC code, AI, GenAI, Quali OutSystems Spectro Cloud IaC Kubernetes audit

OpenTofu and the New Era of Infrastructure as Code

Terraform’s license shift sparked OpenTofu’s rise. Alan explores how IaC now thrives with both HashiCorp’s Terraform and CNCF’s OpenTofu shaping the future ...

Supply Chain Security: Cloud Native’s Weakest Link?

For years, the conversation in security revolved around networks, firewalls, and endpoints. The perimeter was king. But in the cloud-native era, the old perimeter has dissolved into microservices, APIs, and pipelines. What’s ...

Alan Shimel | September 17, 2025 | cloud native, CNAPP, Log4j, SolarWinds, supply chain

visibility, runtime, eBPF Packet-Level Visibility to Workloads

Runtime Visibility: The Missing Layer in Cloud-Native Security

Cloud-native security can’t rely on old perimeter defenses. With workloads spinning up in seconds, runtime visibility is now the missing layer leaders must prioritize. Learn why observability is security, how tools like ...

Alan Shimel | September 16, 2025 | cloud native security, cloud workload protection, CNAPP, container runtime monitoring, DevSecOps, eBPF observability, Kubernetes security, real-time anomaly detection, runtime visibility, security observability

Security Tool Sprawl: The New Breach Vector for Cloud Native

“More is better” has always been a dangerous assumption in tech. In security, it’s downright reckless. Across the cloud-native ecosystem, organizations are drowning in their own defenses: dozens of overlapping tools, agents, ...

Alan Shimel | September 15, 2025 | cloud native, kubernetes, security, shift-left, tool sprawl

eBPF: The Silent Power Behind Cloud Native’s Next Phase

eBPF is quietly reshaping cloud native computing, powering service meshes, observability, networking, and security directly in the Linux kernel. By reducing sidecar overhead, enabling zero-instrumentation telemetry, and enhancing runtime protection, eBPF is ...

Alan Shimel | September 10, 2025 | Cilium eBPF, cloud native 2.0, eBPF, eBPF in DevOps, eBPF networking, eBPF performance monitoring, eBPF security, extended Berkeley Packet Filter, Falco eBPF, Istio Ambient Mesh eBPF, kernel-level programmability, Kubernetes eBPF, Linux kernel observability, Pixie observability, service mesh without sidecars, Tetragon runtime security, zero-instrumentation observability

KubeCon, cloud native, ai, cloud-native,

Shimmy’s Early Look: Can’t-Miss Sessions at KubeCon + CloudNativeCon North America 2025

CNCF turns 10 as KubeCon + CloudNativeCon North America 2025 heads to Atlanta this November. With 300+ sessions on Kubernetes, AI, platform engineering, security, and observability, the event showcases the next decade ...