{"id":52247,"date":"2023-09-11T14:29:55","date_gmt":"2023-09-11T18:29:55","guid":{"rendered":"https:\/\/sdtimes.com\/?p=52247"},"modified":"2023-10-27T14:00:31","modified_gmt":"2023-10-27T18:00:31","slug":"nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines","status":"publish","type":"post","link":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/","title":{"rendered":"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The National Institute of Standards and Technology (NIST) published a new draft document that outlines strategies for integrating software supply chain security measures into CI\/CD pipelines.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cloud-native applications typically use a microservices architecture with a centralized infrastructure like a service mesh. These applications are often developed using DevSecOps, which uses CI\/CD pipelines to guide software through stages like build, test, package, and deploy, akin to a software supply chain, according to the <\/span><a href=\"https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-204D.ipd.pdf\"><span style=\"font-weight: 400;\">document<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cThis breakdown is very helpful for development organizations, as it provides more concrete guidance on how to secure their environments and processes. One thing that stands out is the emphasis on the definition of roles and, closely related, the identification of granular authorizations for user and service accounts,\u201d said Henrik Plate, security researcher at Endor Labs. \u201cThis is necessary to implement access controls for all activities and interactions in the context of CI\/CD pipelines according to least-privilege and need-to-know principles. However, the management of all those authorizations across the numerous systems and services invoked during pipeline execution can be challenging.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Recent analyses of software attacks and vulnerabilities have prompted governments and private-sector organizations in software development, deployment, and integration to prioritize the entire software development lifecycle (SDLC).\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The security of the software supply chain (SSC) relies on the integrity of stages like build, test, package, and deploy, and threats can emerge from malicious actors&#8217; attack vectors as well as from defects introduced when proper diligence is not followed during the SDLC, according to the NIST draft.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cIt\u2019s not surprising that the document acknowledges that the \u2018extensive set of steps needed for SSC security cannot be implemented all at once in the SDLC of all enterprises without a great deal of disruption to underlying business processes and operations costs,\u201d Plate explained.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This highlights the timeliness of providing guidance to organizations on implementing high-level recommendations like the Secure Software Development Framework (SSDF), which is a set of fundamental, sound, and secure software development practices based on established secure software development practice documents from organizations such as BSA, OWASP, and SAFECode, according to the NIST draft.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The NIST draft addresses the upcoming self-attestation requirement for software suppliers to declare adherence to SSDF secure development practices for federal agencies. The document aims to clarify expectations in the context of DevSecOps and CI\/CD pipelines regarding what is considered necessary, according to Plate.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Plate added that one major concern with the draft is that tools that can improve the SSC like Sigstore and in-toto are not yet widely adopted with only a few open-source ecosystems including npm and select commercial services, having integrated it.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u201cIt will require some time until those technologies are adopted more broadly in various open-source ecosystems and among open-source end users,\u201d Plate added.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Organizations should go beyond simply detecting open-source software defects after they occur. They should also proactively manage open-source dependency risks by considering factors like code quality, project activity, and other risk indicators. A holistic approach to open-source risk management helps reduce both security and operational risks, as outlined in the Top 10 Open Source Dependency Risks, according to Plate.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This new draft by NIST is intended for a broad group of practitioners in the software industry, including site reliability engineers, software engineers, project and product managers, and security architects and engineers. The public comment period is open through Oct. 13, 2023. See the <\/span><a href=\"https:\/\/csrc.nist.gov\/pubs\/sp\/800\/204\/d\/ipd\"><span style=\"font-weight: 400;\">publication details<\/span><\/a><span style=\"font-weight: 400;\"> for a copy of the draft and instructions for submitting comments.<\/span><\/p>\n<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>The National Institute of Standards and Technology (NIST) published a new draft document that outlines strategies for integrating software supply chain security measures into CI\/CD pipelines.\u00a0 Cloud-native applications typically use a microservices architecture with a centralized infrastructure like a service mesh. These applications are often developed using DevSecOps, which uses CI\/CD pipelines to guide software  &hellip; <a class=\"read-more\" href=\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/\">continue reading<\/a><!-- AddThis Advanced Settings generic via filter on get_the_excerpt --><!-- AddThis Share Buttons generic via filter on get_the_excerpt --><\/p>\n","protected":false},"author":871,"featured_media":52248,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"cybocfi_hide_featured_image":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[1],"tags":[10716,2190,2237,2610,45,16715,16101],"coauthors":[14818],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines - SD Times<\/title>\n<meta name=\"description\" content=\"The National Institute of Standards and Technology (NIST) published a new draft that outlines strategies for integrating 54 SSC security measures into CI\/CD pipelines.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines - SD Times\" \/>\n<meta property=\"og:description\" content=\"The National Institute of Standards and Technology (NIST) published a new draft that outlines strategies for integrating 54 SSC security measures into CI\/CD pipelines.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/\" \/>\n<meta property=\"og:site_name\" content=\"SD Times\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/SDTimesD2\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-11T18:29:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-10-27T18:00:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png\" \/>\n\t<meta property=\"og:image:width\" content=\"187\" \/>\n\t<meta property=\"og:image:height\" content=\"121\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Jakub Lewkowicz\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@sdtimes\" \/>\n<meta name=\"twitter:site\" content=\"@sdtimes\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jakub Lewkowicz\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/\"},\"author\":{\"name\":\"Jakub Lewkowicz\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/0ccf41924f263cbae6638a4df0210f42\"},\"headline\":\"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines\",\"datePublished\":\"2023-09-11T18:29:55+00:00\",\"dateModified\":\"2023-10-27T18:00:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/\"},\"wordCount\":586,\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png\",\"keywords\":[\"cloud native\",\"cybersecurity\",\"NIST\",\"SDLC\",\"security\",\"SSC\",\"Supply Chain Security\"],\"articleSection\":[\"Latest News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/\",\"url\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/\",\"name\":\"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines - SD Times\",\"isPartOf\":{\"@id\":\"https:\/\/sdtimes.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png\",\"datePublished\":\"2023-09-11T18:29:55+00:00\",\"dateModified\":\"2023-10-27T18:00:31+00:00\",\"description\":\"The National Institute of Standards and Technology (NIST) published a new draft that outlines strategies for integrating 54 SSC security measures into CI\/CD pipelines.\",\"breadcrumb\":{\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#primaryimage\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png\",\"width\":187,\"height\":121},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/sdtimes.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/sdtimes.com\/#website\",\"url\":\"https:\/\/sdtimes.com\/\",\"name\":\"SD Times\",\"description\":\"Software Development News\",\"publisher\":{\"@id\":\"https:\/\/sdtimes.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/sdtimes.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/sdtimes.com\/#organization\",\"name\":\"SD Times\",\"url\":\"https:\/\/sdtimes.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"contentUrl\":\"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png\",\"width\":225,\"height\":90,\"caption\":\"SD Times\"},\"image\":{\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/SDTimesD2\",\"https:\/\/x.com\/sdtimes\",\"https:\/\/www.linkedin.com\/company\/sdtimes\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/0ccf41924f263cbae6638a4df0210f42\",\"name\":\"Jakub Lewkowicz\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sdtimes.com\/#\/schema\/person\/image\/a061823dfc0b893ed859b59dc9554372\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/fec6c7c06cf379ac99029d9c59940dab?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/fec6c7c06cf379ac99029d9c59940dab?s=96&d=mm&r=g\",\"caption\":\"Jakub Lewkowicz\"},\"description\":\"Jakub Lewkowicz is a multimedia journalist who loves all things tech. Polish-born and Long Island-bred, he is an Online and Social Media Editor for SD Times. He is also a Carnegie Hall pianist and music producer.\",\"url\":\"https:\/\/sdtimes.com\/author\/jakub-lewkowicz\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines - SD Times","description":"The National Institute of Standards and Technology (NIST) published a new draft that outlines strategies for integrating 54 SSC security measures into CI\/CD pipelines.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/","og_locale":"en_US","og_type":"article","og_title":"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines - SD Times","og_description":"The National Institute of Standards and Technology (NIST) published a new draft that outlines strategies for integrating 54 SSC security measures into CI\/CD pipelines.","og_url":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/","og_site_name":"SD Times","article_publisher":"https:\/\/www.facebook.com\/SDTimesD2","article_published_time":"2023-09-11T18:29:55+00:00","article_modified_time":"2023-10-27T18:00:31+00:00","og_image":[{"width":187,"height":121,"url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png","type":"image\/png"}],"author":"Jakub Lewkowicz","twitter_card":"summary_large_image","twitter_creator":"@sdtimes","twitter_site":"@sdtimes","twitter_misc":{"Written by":"Jakub Lewkowicz","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#article","isPartOf":{"@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/"},"author":{"name":"Jakub Lewkowicz","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/0ccf41924f263cbae6638a4df0210f42"},"headline":"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines","datePublished":"2023-09-11T18:29:55+00:00","dateModified":"2023-10-27T18:00:31+00:00","mainEntityOfPage":{"@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/"},"wordCount":586,"publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"image":{"@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png","keywords":["cloud native","cybersecurity","NIST","SDLC","security","SSC","Supply Chain Security"],"articleSection":["Latest News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/","url":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/","name":"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines - SD Times","isPartOf":{"@id":"https:\/\/sdtimes.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#primaryimage"},"image":{"@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#primaryimage"},"thumbnailUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png","datePublished":"2023-09-11T18:29:55+00:00","dateModified":"2023-10-27T18:00:31+00:00","description":"The National Institute of Standards and Technology (NIST) published a new draft that outlines strategies for integrating 54 SSC security measures into CI\/CD pipelines.","breadcrumb":{"@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#primaryimage","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2023\/09\/Screen-Shot-2023-09-11-at-2.29.39-PM.png","width":187,"height":121},{"@type":"BreadcrumbList","@id":"https:\/\/sdtimes.com\/security\/nist-publishes-new-draft-framework-for-integrating-supply-chain-security-into-ci-cd-pipelines\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sdtimes.com\/"},{"@type":"ListItem","position":2,"name":"NIST publishes new draft framework for integrating supply chain security into CI\/CD pipelines"}]},{"@type":"WebSite","@id":"https:\/\/sdtimes.com\/#website","url":"https:\/\/sdtimes.com\/","name":"SD Times","description":"Software Development News","publisher":{"@id":"https:\/\/sdtimes.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sdtimes.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sdtimes.com\/#organization","name":"SD Times","url":"https:\/\/sdtimes.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/","url":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","contentUrl":"https:\/\/sdtimes.com\/wp-content\/uploads\/2014\/05\/deafaultlogo.png","width":225,"height":90,"caption":"SD Times"},"image":{"@id":"https:\/\/sdtimes.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/SDTimesD2","https:\/\/x.com\/sdtimes","https:\/\/www.linkedin.com\/company\/sdtimes\/"]},{"@type":"Person","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/0ccf41924f263cbae6638a4df0210f42","name":"Jakub Lewkowicz","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sdtimes.com\/#\/schema\/person\/image\/a061823dfc0b893ed859b59dc9554372","url":"https:\/\/secure.gravatar.com\/avatar\/fec6c7c06cf379ac99029d9c59940dab?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fec6c7c06cf379ac99029d9c59940dab?s=96&d=mm&r=g","caption":"Jakub Lewkowicz"},"description":"Jakub Lewkowicz is a multimedia journalist who loves all things tech. Polish-born and Long Island-bred, he is an Online and Social Media Editor for SD Times. He is also a Carnegie Hall pianist and music producer.","url":"https:\/\/sdtimes.com\/author\/jakub-lewkowicz\/"}]}},"_links":{"self":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/52247"}],"collection":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/users\/871"}],"replies":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/comments?post=52247"}],"version-history":[{"count":1,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/52247\/revisions"}],"predecessor-version":[{"id":52249,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/posts\/52247\/revisions\/52249"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media\/52248"}],"wp:attachment":[{"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/media?parent=52247"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/categories?post=52247"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/tags?post=52247"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/sdtimes.com\/wp-json\/wp\/v2\/coauthors?post=52247"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}