Back
Carmit Hershman - Headshot

Carmit Hershman

JFrog Senior Software Architect, CTO Office

Carmit is a Software Architect at JFrog and an integral part of the CTO Architects team, focused on building secure and trusted SDLC processes. She is passionate about finding innovative ways to accelerate release lifecycles while keeping them protected and controlled, so teams can focus on delivering business value instead of governance overhead or dealing with security breaches.

The Latest From Carmit Hershman

  • The Agent Has Entered the Supply Chain
    | 9 min read

    Software Delivery in the Age of Agents The way software gets built has fundamentally shifted. AI coding agents are no longer just autocomplete on steroids; they're resolving packages, configuring environments, selecting tools, and in some cases running the entire development lifecycle, with or without a human in the loop. But here's the problem: the tools…

    Read More

  • Automate NIST SSDF Compliance: A Technical Guide to Policy as Code in JFrog AppTrust
    | 7 min read

    For many engineering and security teams, NIST SP 800-218 (Secure Software Development Framework, or SSDF) compliance feels like a hurdle that is too difficult to overcome. To meet these and other emerging regulations and be effective in today’s DevSecOps environment, organizations are moving toward codifying these standards into machine-readable rules, also known as Policy as…

    Read More