As Editor-in-chief of DevOps.com and Container Journal, Alan Shimel is attuned to the world of technology. Alan has founded and helped several technology ventures, including StillSecure, where he guided the company in bringing innovative and effective networking and security solutions to the marketplace. Shimel is an often-cited personality in the security and technology community and is a sought-after speaker at industry and government conferences and events. In addition to his writing on DevOps.com and Network World, his commentary about the state of technology is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.

Supply Chain Security: Cloud Native’s Weakest Link?

For years, the conversation in security revolved around networks, firewalls, and endpoints. The perimeter was king. But in the cloud-native era, the old perimeter has dissolved into microservices, APIs, and pipelines. What’s ...

Alan Shimel | September 17, 2025 | cloud native, CNAPP, Log4j, SolarWinds, supply chain

visibility, runtime, eBPF Packet-Level Visibility to Workloads

Runtime Visibility: The Missing Layer in Cloud-Native Security

Cloud-native security can’t rely on old perimeter defenses. With workloads spinning up in seconds, runtime visibility is now the missing layer leaders must prioritize. Learn why observability is security, how tools like ...

Alan Shimel | September 16, 2025 | cloud native security, cloud workload protection, CNAPP, container runtime monitoring, DevSecOps, eBPF observability, Kubernetes security, real-time anomaly detection, runtime visibility, security observability

Security Tool Sprawl: The New Breach Vector for Cloud Native

“More is better” has always been a dangerous assumption in tech. In security, it’s downright reckless. Across the cloud-native ecosystem, organizations are drowning in their own defenses: dozens of overlapping tools, agents, ...

Alan Shimel | September 15, 2025 | cloud native, kubernetes, security, shift-left, tool sprawl

eBPF: The Silent Power Behind Cloud Native’s Next Phase

eBPF is quietly reshaping cloud native computing, powering service meshes, observability, networking, and security directly in the Linux kernel. By reducing sidecar overhead, enabling zero-instrumentation telemetry, and enhancing runtime protection, eBPF is ...

Alan Shimel | September 10, 2025 | Cilium eBPF, cloud native 2.0, eBPF, eBPF in DevOps, eBPF networking, eBPF performance monitoring, eBPF security, extended Berkeley Packet Filter, Falco eBPF, Istio Ambient Mesh eBPF, kernel-level programmability, Kubernetes eBPF, Linux kernel observability, Pixie observability, service mesh without sidecars, Tetragon runtime security, zero-instrumentation observability

KubeCon, cloud native, ai, cloud-native,

Shimmy’s Early Look: Can’t-Miss Sessions at KubeCon + CloudNativeCon North America 2025

CNCF turns 10 as KubeCon + CloudNativeCon North America 2025 heads to Atlanta this November. With 300+ sessions on Kubernetes, AI, platform engineering, security, and observability, the event showcases the next decade ...

Alan Shimel | September 9, 2025 | AI workloads on Kubernetes, cloud native AI, cloud native events, CloudNativeCon 2025, CNCF community, DevOps conferences 2025, KubeCon 2025, KubeCon keynotes, Kubernetes conference Atlanta, Kubernetes security, multi-cluster orchestration, observability Kubernetes, platform engineering, supply chain security

Fitting Square Kubernetes Into the Round AI-Native Apps

Kubernetes tamed cloud-native workloads, but AI-native apps push its limits. Can it evolve for GPU-first, data-intensive AI — or is it time for new control planes? ...

Kubernetes, observability, tracing, kubernetes observability, Grafana labs, kubernetes, observe, tool, Datadog, data, observability, kubernetes Docker Granulate observability

From Observability to Actionability: Why Metrics Alone Aren’t Enough

Observability has plateaued. The next step is actionable observability—using AI, automation, and SLOs to turn telemetry into reliable outcomes ...

Alan Shimel | September 5, 2025 | actionable observability, AIOps, anomaly detection, auto-remediation, cloud native, continuous verification, devops, ELK stack, golden paths, internal developer platforms, metrics logs traces, observability, OpenTelemetry, platform engineering, SLO-driven operations, SRE, telemetry automation

Apple Buys Styra Brains, OPA Remains Open

In what may be the most Apple-esque move in recent memory—quiet, strategic, and totally on-brand—the tech giant has apparently executed an “acquihire without the acquisition” by scooping up the co-founders and core ...

Alan Shimel | September 3, 2025 | Apple, kubernetes, OPA, Styra

GitOps, Red Hat, Civo Flux ,GitOps. Weaveworks Sysdig AI

The GitOps Plateau – Have We Stopped Innovating?

GitOps adoption is steady but innovation has slowed. AI-native GitOps could be the breakthrough that makes Kubernetes delivery smarter, safer, and scalable ...

Alan Shimel | September 3, 2025 | AI-native GitOps, ArgoCD GitOps, event-driven GitOps, Flux GitOps, GitOps and AI, GitOps automation, GitOps for multi-cloud, GitOps future, GitOps innovation, GitOps plateau, GitOps platform engineering, GitOps reconciliation, Kubernetes delivery, Kubernetes YAML automation, policy-as-code GitOps

GitOps, pipelines, Jenkins, kubernetes, kpack, buildpacks, CI/CD, Codefresh, Komodor, AI, clusters, kubernetes, generative AI Kubernetes Argo container security continuous SQL Server Windocks Tekton Kubeflow Red Hat CI/CD

GitOps Under Fire: Resilience Lessons from GitProtect’s Mid-Year 2025 Incident Report

GitOps may power cloud-native delivery, but rising outages and breaches across GitHub, GitLab, Jira, and Azure DevOps expose just how fragile today’s pipelines really are ...