AGENDA
The Annual DevOps, DevSecOps, MLOps User Conference
Prepare for the next wave of innovation with expert content from
DevOps, DevSecOps and MLOps industry leaders.
DevOps, DevSecOps and MLOps industry leaders.
September 9-11, 2024
Training Day
September 9th
Conference Day 1
September 10th
Conference Day 2
September 11th
1
7:30 AM
Registration
MON 7:30 AM - 9:00 AM
The swamp
2
8:30 AM
Full Day
DevSecOps Workshop: Secure your Software Supply Chain (Code to Runtime)
Rakesh Krishna
|
Senior Solutions Engineer, JFrog
https://sessionize.com/image/37f1-400o400o1-ENsQ64JpzYNZP8Cf7YfA4u.jpg
Experience in development, security and license compliance areas
MON 8:30 AM - 4:30 PM
Colorado Room
End-to-end supply chain security requires vigilance. This starts before the developer calls an external package, through proprietary code development, code compiling, interim builds, and the pipeline to release and distribution, all the way to production and after deployment. In this training, we’ll identify a typical Enterprise Software Supply chain and its risk for attack. We’ll also discuss ways to enable end-to-end vigilance for software supply chain risk management.
By the end of this training, you should be able to:
- Understand what software supply chain is, what it is made of and how to secure it end to end. This includes securing Open Source components, Configurations and IaC.
- How to gain visibility into the dependencies being used, packages being developed and gate keeping them based on vulnerabilities , license compliance and operational risk to ensure safety.
- Learn various tools that the JFrog Software Supply Chain security platform offers and how to onboard them.
3
Morning
JFrog Platform Essentials: Manage, Automate & Protect Your Software Supply Chain Like a Pro
Jacob Kelly
|
Sr. Solution Engineer, JFrog
https://sessionize.com/image/849f-400o400o1-TXfS6weHU9diTGXtUNoVsJ.jpg
Jacob Kelly s a Solutions Engineer at JFrog based in Nashville, TN. He has a Bachlors in Computer Science from ETSU. He is a technical leader who has over 10 years of software development, SRE, and DevOps experience starting with hands-on development to global leadership roles for large Enterprises. At JFrog, he enjoys helping customers with creative and innovative soutions to solve their DevOps-related problems. He spends his spare time with his wife playing card games, and loves Rock Climbing and hiking.
Erik Adelson
|
Senior Solution Engineer, JFrog
https://sessionize.com/image/abcd-400o400o1-Ktsv1CmcuUk4uA2BD9RM3k.png
Erik is a Solutions Engineer @ JFrog. He has been working in computing infrastructure for the past 20+ years most recently focused on Edge Computing. He is passionate about computing ranging from Raspberry PIs, gadgets of all sorts, and is a collector of vintage PCs.
MON 8:30 AM - 12:00 PM
San Jacinto Room
This training is designed to empower you and your organization on your DevSecOps journey by providing you with the essential knowledge and skills to improve the efficiency of your software supply chain.
You’ll be exposed to configure repositories, store OSS and custom artifacts using popular CI servers, scan stored artifacts, and automate CD pipelines using REST API, JFrog CLI, and JFrog AQL. Included are strategies to secure artifacts in various phases of SDLC, advance your DevSecOps journey with JFrog Xray, and integrate with JFrog Ecosystem tools to “Shift Left”.
By the end of this training, you should be able to:
- Configure repositories
- Store OSS and customized artifacts using popular CI servers
- Scan stored artifacts
- Automate CD pipelines
- Leverage REST API, JFrog CLI, and JFrog AQL to streamline your processes
We’ll explore the security features that will equip you with:
- Strategies to secure artifacts at different stages of the software development lifecycle (SDLC)
- Tools to "Shift Left"
- Proactively address security concerns
Who should attend:
DevOps, Automation, MLOps, and SRE engineers. It's also highly beneficial for security engineers who are looking to strengthen their software supply chain security using the JFrog Platform.
4
Morning
"MLOps for DevOps Engineers: Building an End-to-End MLOps workflow with your JFrog platform"
Zohar Sacks
|
Senior Director of Product, JFrog
https://sessionize.com/image/9ffa-400o400o1-wEaZpyBsfCotSgJnouNoZT.png
Zohar Sacks, Senior Director of Product at JFrog, brings over 20 years of experience in distributed systems, Cloud, SaaS, PaaS, IaaS, MLOps and MLSecOps
Before joining JFrog, Zohar was the VP of R&D of Zesty, an AI-powered Cloud Cost Optimization startup. Zohar was also CTO/Co-Founder of Disco, a revolutionary distributed computing startup serving distributed computing tools to the AI/ML market and beyond.
MON 8:30 AM - 12:00 PM
Trinity Room
The race to unlock the power of Machine Learning (ML) is on, but managing the ML lifecycle – from data to deployment – can be a complex hurdle. Break through these barriers with the JFrog Platform, your end-to-end platform for secure and efficient MLOps.
This half-day course will empower you to:
- Understand how the JFrog Platform streamlines your entire ML workflow
- Build Security into Your AI & MLOps DNA
- Manage ML Artifacts with Confidence
- Deploy your models efficiently & securely into production environments
- Gain insights into strategies for monitoring model performance and data drift for continuous improvement
5
Morning
DevOps at Scale: Multisites: How to Design an Enterprise Ready Architecture
Maharshi Patel
|
DevOps Acceleration Engineer, JFrog
https://sessionize.com/image/632a-400o400o1-31751a85-b2e4-4e27-a4f4-f8a4a51dce7b.jpg
Maharshi is an Engineer on the DevOps Acceleration Team at JFrog. Maharshi has around 12+ years of experience working across all the phases of SDLC process building web/mobile, infrastructure services. In his free time, he likes to play sports, hike, and travel.
Shubha Gururaja Rao
|
Senior Solutions Engineer, JFrog
https://sessionize.com/image/e1f0-400o400o1-HD5f7AZdcbBxRCR8iuP19k.jpg
Shubha is a Director of Solutions Engineering with JFrog. With more than a decade of experience working on different technologies and verticals, she is passionate about helping customers achieve the best. Prior to JFrog, she was a Solutions Architect helping some of the largest customers build their end to end IoT Products.
Having been trained in Indian classical Dance and Music, she loves to teach music to kids in her spare time. On the weekends, she is also a volunteer teacher at an Indian language school.
MON 8:30 AM - 12:00 PM
Llano Room
In today's globalized business landscape, managing software delivery across geographically distributed teams while ensuring data integrity & business continuity presents significant challenges. This training empowers you to overcome these hurdles by leveraging the power of JFrog.
We'll focus & implement hands-on intriguing real-life use cases such as Disaster Recovery (DR), Robust Data Federation, Distribution Strategies, Local Binary Availability, Centralized Access Control & Secure Architecture Design & others.
By the end of this training, you should be able to:
- Design and implement secure and scalable architectures for enterprise-scale deployments, fostering collaboration and efficiency.
- Utilize JFrog's capabilities to build robust DR plans and ensure data integrity, promoting business continuity and minimizing downtime risks.
6
12:00 PM
Training Day Lunch
MON 12:00 PM - 1:00 PM
The swamp
7
1:00 PM
Afternoon
Foundations of DevSecOps - Avoiding Software Supply Chain Attacks
Kushal Madireddy
|
Senior Solutions Engineer, JFrog
https://sessionize.com/image/f9da-400o400o1-RmigPrz1yWwDtam5gJ2VbP.jpg
Before joining JFrog in 2022, Kushal was a Software Architect with Product Owner experience for more than a decade. Having played pivotal roles in establishing best practices using JFrog Platform, he brings in a unique perspective to help customers unlock the true potential of Dev-Sec-ML Ops within their organization. He’s a conference speaker, home DIYer (Austin, TX native), gadget enthusiast and enjoys automating things with the push of a button.
Asim Parekh
|
Solutions Engineer, JFrog
https://sessionize.com/image/e868-400o400o1-ws7KuLKBzmjwo7YUKhvdES.jpg
Asim Parekh is a Solutions Engineer@JFrog based in San Ramon, CA. He has a Masters in Engineering from SJSU and Bachelor's in Computer Science from University of Houston. He is a creative (2 patents under his belt) technical leader who has 20+ years of software development experience starting with hands-on development to global leadership roles for large Enterprises. While working in JFrog, he loves helping customers with creative ideas in solving their DevOps related problems. In his spare time, he spends time with his wife and kids. He loves outdoor activities like hiking, stargazing, and playing sports.
MON 1:00 PM - 4:30 PM
San Jacinto Room
Securing your software supply chain is an increasingly complex problem with evolving attack methods and a mix of security point solutions. It’s easy to end up with blind spots and gaps across your supply chain.
This training will focus on how JFrog Security can help with DevSecOps, how it integrates with the JFrog Platform to secure builds and artifacts, and how to create different policies for different stages of the CI/CD process.
By the end of this training, you should be able to:
- Understand the impact of these components on production system quality, performance, and architectural changes
- How to use Xray’s integration with IDEs and CI Servers to reduce risk, speed up development, and ensure reliability in production
- Identify container security, why it’s different, and how to streamline security and governance for cloud-native apps
- Roll out security best practices throughout their organization
8
Afternoon
End-to-End Release Lifecycle Management: Streamline Your RLM Workflow
Selva Sabapathy
|
Solutions Architect, JFrog
https://sessionize.com/image/03a2-400o400o1-hCc1f38V3eXNo9ztAea8uB.jpg
Started as a Software Engineer, Selva spent the past 2 decades in distributed enterprise application and devops architectures. Currently partnering with Enterprise customers in their DevSecOps journey as a trusted advisor.
MON 1:00 PM - 4:30 PM
Trinity Room
The tracking of the software maturing process consistency from dev to production is becoming crucial for all software organizations, the JFrog Release Lifecycle Management initiative introduces a new comprehensive approach to meet this goal. In this training, you will gain practical knowledge on how to successfully implement this approach using the JFrog Platform.
By the end of this training, you should be able to:
- Understand how the JFrog Platform streamlines your entire RLM workflow.
- Integrate your RLM with Xray and Distribution ensuring Security & Compliance throughout your SW Supply Chain
- Instantly gain insights on your RLM by using JFrog's Platform RLM Kanban view and audit timeline
- Design for Enterprise: learn hands-on, how to scale your architecture by integrating JFrog RLM with JFrog Projects and JFrog Federation capabilities
9
Afternoon
Software Supply Chain Platform Automation: Create, Distribute, and Automate at Scale
Anantha Kalusivalingam
|
Solutions Architect, JFrog
https://sessionize.com/image/d688-400o400o1-KpEcZMdNkGZ78BjWG1irC8.jpg
Industry experience which spans multiple decades. Work closely with customer's leadership team to understand the business goals and architect strategic, long term DevSecOps process to meet the customer's needs
Roshan Kadasani
|
Senior Solutions Engineer, JFrog
https://sessionize.com/image/9e4f-400o400o1-TGJwVTqftAkCMtRcNNTHCZ.jpg
Experienced DevSecOps enthusiast and a strong advocate of cloud-native technologies and robust automation that drive enterprises to deliver highly scalable and resilient solutions at a large scale.
MON 1:00 PM - 4:30 PM
Llano Room
Whether you're a platform administrator, developer, or part of a security team, this hands-on training empowers you with the knowledge and tools to streamline your workflows. You’ll discover best practices followed by enterprise organizations to secure their software supply chain through automation.
During this interactive session, you'll learn to:
- Leverage the power of REST API, JFrog CLI, or Terraform provider to automate various processes in Artifactory, Xray, and Distribution
- Optimize your operations, from configuring repositories and role-based mechanisms to integrating Artifactory with build servers and pushing artifacts to higher environments
- Create policies for security, licensing, and operations
- Scan artifacts and builds
- Generate comprehensive reports on vulnerabilities, compliance, and operational risks
By the end of this training, you'll have the skills to:
- Create release bundles in JFrog Distribution and distribute them as immutable objects to the edge
- Empower JFrog platform administrators to efficiently manage platform configurations through automation processes
- Enable developers to seamlessly pull OSS artifacts from the JFrog platform and address vulnerabilities or compliance risks during the development phase
- Equip security teams with the ability to create automated processes based on specific criteria and generate insightful reports on vulnerabilities, compliance, and SBOM.
10
4:30 PM
Welcome Reception
MON 4:30 PM - 6:00 PM
The swamp
11
7:30 AM
Registration
TUE 7:30 AM - 8:45 AM
The swamp
12
8:45 AM
Keynote
From Coding to Cognition: Developers’ EveryOps Evolution
Shlomi Ben Haim
|
CEO & Co-founder, JFrog
https://sessionize.com/image/0e22-400o400o1-smB72VYUetSN5E1uhkvENB.jpg
Shlomi is CEO and co-founder of JFrog, creators of the universal DevOps platform. He brings over 20 years of experience in building profitable, high-growth information technology companies. Prior to JFrog, Shlomi was the CEO of AlphaCSP (acquired in 2005 by MalamTeam) and was a Major in the Israeli Air Force. Shlomi holds an MS from Clark University (Massachusetts) and a BA from Ben-Gurion University (Israel).
TUE 8:45 AM - 9:00 AM
Brazos Grand Ballroom
Developers used to code. Now they manage, import, secure, build, package, deliver and monitor… the list of every “Ops” is ever-growing. As if this wasn’t enough, they are now being asked to work with data science and machine learning teams in a gold rush of AI and ML-enabled application delivery. In our annual swampUP kickoff, join JFrog Co-founder and CEO Shlomi Ben Haim, as we explore how developers may still start with code and CI, but are increasingly ending up holding the reins of EveryOps, building, securing and delivering alongside the machines and systems they created.
13
9:00 AM
Keynote
JFrog Platform Innovation: Reloading Development Teams
Yoav Landman
|
CTO & Co-founder, JFrog
https://sessionize.com/image/d761-400o400o1-NduZbWwQ2MW1vdqL3kEAWV.jpg
Yoav is a devout engineer, the creator of Artifactory, and a Co-founder and Chief Technology Officer of JFrog. With over 20 years of experience as a Software Architect of enterprise applications, he plays a significant role in the evolution of DevOps. In 2006, Yoav created Artifactory as an open source project paving the way for the software community to a new domain of managing binaries. Prior to JFrog, Yoav created many production solutions as a consultant in the fields of Continuous Integration and Distributed Systems. He is also an accredited speaker and a Java Rockstar.
TUE 9:00 AM - 9:30 AM
Brazos Grand Ballroom
Enterprises are increasingly focused on end-to-end visibility and governance of the entire software supply chain in order to meet development team goals, security requirements and compliance needs. As efficiency across the software lifecycle becomes an issue, customers tell us that tooling consolidation via holistic platforms is the path for many companies. Join this annual, landmark technology keynote to see the advancements in the JFrog Platform across EveryOps, and how an integrated platform is key to tomorrow’s development success. Includes secret announcements that change the way software delivery is managed!
14
9:30 AM
Keynote
DevOps Renaissance: The Unified Platform Odyssey
Yossi Shaul
|
SVP of R&D, JFrog
https://sessionize.com/image/ee07-400o400o1-Le6K84RsyDc8CiV6fcPW3n.jpg
Yossi joined JFrog in 2010 as the Development Manger and has risen over the years to Senior Vice President of R&D. He has vast hands-on Java experience and Artifactory development, knowledge, and practice. Previously, Yossi worked at AlphaCSP and has been involved in numerous projects for various small and large clients such as Viola Networks, NITE, IDI, Cisco, and others. Yossi leads development teams and has gained experience with enterprise-scale applications, build technologies, software engineering, and agile methodologies, and is an active committer in several open-source projects.
Gali Zisman
|
VP of Product, JFrog
https://sessionize.com/image/ed16-400o400o1-EBNRfwyAnyCS5rhfcDhBVx.png
TUE 9:30 AM - 10:00 AM
Brazos Grand Ballroom
New requirements demand new methods across the software supply chain. The only way to deliver on your company’s DevOps, DevSecOps and MLOps promises is through automation and attestation in a complete platform. Join us to explore JFrog’s new compliance-oriented approaches to your entire pipeline, allowing you to operate fast while addressing emerging needs across development, operations, security and compliance. Includes never-before-seen demonstrations and key product announcements designed to make EveryOps run more smoothly.
15
10:00 AM
Keynote
From Vulnerabilities to Vigilance: JFrog’s Security Focus
Asaf Karas
|
CTO Security, JFrog
https://sessionize.com/image/8579-400o400o1-PVe54isQjKPqH1cv4wNVM4.jpg
Asaf is Chief Technology Officer for JFrog Security. A seasoned security expert, Karas has extensive experience in reverse engineering, device debugging, network forensics, malware analysis, big data, and anomaly detection. Prior to JFrog, Karas served as CTO of Vdoo, which delivered an integrated security platform designed for connected, IoT, and embedded devices. Vdoo was acquired by JFrog in June 2021. Karas also spent several years working with international military organizations. Asaf spent almost 15 years leading security research at the Israeli Defense Forces, where he served as branch leader for over 100 cyber specialists.
Eyal Dyment
|
VP of Product, JFrog
https://sessionize.com/image/9ed1-400o400o1-JCcRLZyE9sThjck41dDRe6.jpg
TUE 10:00 AM - 10:30 AM
Brazos Grand Ballroom
Did you know that many companies have 10 or more DevSecOps tools that scan their code and binaries? Join us to explore unique advancements in the JFrog Platform that cut security down to size; pinpointed, contextual remediation advice, consolidating tools to reduce cost and duplication, providing intensive, research-backed threat results and putting all of your DevSecOps initiatives into a holistic approach from end to end. Fresh demos, unique threat and attack vector discoveries, major product announcements, and forward-looking capabilities will keep you at the crossroads of DevOps and software supply chain security.
16
10:30 AM
Coffee Break
TUE 10:30 AM - 10:45 AM
The swamp
17
10:45 AM
Keynote
Elevating Innovation: GitHub & JFrog Paving the Way Forward
Brian A. Randell
|
Staff Developer Advocate, GitHub
https://sessionize.com/image/a77e-400o400o1-HN1kQAu6nemmWAqCJPoomy.jpg
Brian A. Randell is a Staff Developer Advocate at GitHub where he works to ensure GitHub can help everyone deliver solutions faster and more securely. For more than 30 years, he has been building software solutions. As a Partner at MCW Technologies, he educated teams on Microsoft technologies via writing and training—both in-person and on-demand. He’s been a consultant for companies small and large, worldwide, including Fortune 100 companies like Microsoft. Brian is a passionate software craftsman who still enjoys coding as he helps teams to improve their processes from idea to release. He was a Microsoft MVP for 18 years and has co-authored books, written magazine articles, and more. When not working, Brian enjoys spending time with his wife, two children, dog, and extended family.
Yonatan Arbel
|
Developer Advocate, JFrog
https://sessionize.com/image/44e0-400o400o1-RonnPgTxX1X8RKzrQrw1ex.png
a software developer with rich experience spanning over 12 years. For the past 7.5 years, I have been a valuable member of the JFrog team, a prominent tech company. Over the years, I progressed through the organization and eventually found my place within the Infrastructure group.
I have a genuine passion for technology, which has been a guiding force throughout my 12-year career. My work at JFrog has included significant contributions to the development of the JFrog Platform.
My journey is a testament to my dedication and the opportunities that the tech industry offers to those who are eager to learn and grow. As a speaker, I am excited to share my experiences and insights with others in the tech community.
TUE 10:45 AM - 11:30 AM
Brazos Grand Ballroom
What happens when the leaders in code management and GenAI join forces with the binary management and software supply chain security experts? Join us to discover game-changing advances in the world’s top DevOps and DevSecOps platforms and how together, JFrog and GitHub are creating tectonic shifts in the development landscape.
18
11:35 AM
Keynote
Operationalizing genAI applications with DevOps practices
Patrick Debois
|
Founder of DevOps
https://sessionize.com/image/3c04-400o400o1-p7hsau7E9qsJGj2S52pHnf.jpg
Patrick Debois is a versatile technologist with a breadth of experience across Dev, Sec, and Ops. Known for his aptitude in harnessing emerging ideas , he skillfully guides teams and advises businesses ranging from startups to enterprises in their journey. Recognized as a trusted ally among dev, sec, ops communities, and beyond, he is currently immersing himself in the world of AI & Machine Learning continuously pushing the boundaries of his technical expertise.
While Patrick’s technical appetite is vast, his affinity for people is equally profound. He possesses the rare ability to bridge perspectives, effortlessly switching between management and individual contributor levels and roles. This unique experience has led him organising the first Devopsdays in 2009. He is attributed to coining the term DevOps and co-author of the widely known Devops Handbook. In the past Patrick has worked together with renowned tech organizations such as Atlassian and Snyk. He currently wears both hats of VP of Engineering and Distinguished Engineer at Showpad.
He thrives in sharing knowledge, organizing numerous community events, and presenting at many more. He believes in transforming his learnings into shareable lessons, using this feedback loop to hone his skills and broaden his perspectives. Through open sharing and lateral thinking, Patrick is not just enhancing his professional growth but also contributing significantly to the evolution of the field.
You can enjoy his past talks on his youtube channel https://www.youtube.com/@jedi4ever/videos. Or follow the firehose of learnings he shares on Twitter https://twitter.com/patrickdebois
TUE 11:35 AM - 12:10 PM
Brazos Grand Ballroom
How does this new world of genAI applications fit into the traditional SDLC?
In this fast paced talk we'll walk you through:
the components a typical genAI is made off and how versioning works
the challenges we face during testing to deal with its non deterministic nature
the new genAI infrastructure stack that is emerging
new security aspects you need to be aware of
how observability and end user feedback is vital as we can only see certain behaviors in prod
and how that all fits into platform engineering and the socio-technical aspect impact
To conclude, we reflect on the business implications of these advancements and their significance in the ever-evolving landscape of technology. Can't wait to share and can't wait to learn from your journey too!
19
12:15 PM
Lunch
TUE 12:15 PM - 1:15 PM
The swamp
20
1:20 PM
Session
JFrog Workers In Action
Ravit Shapira
|
Senior Product Manager, JFrog
https://sessionize.com/image/a501-400o400o1-GzeSVDqWc4bev2Bt157T4T.png
Ravit Shapira has 25 years of experience working in the high-tech industry. During her career, she has held various positions, including SW developer at Microsoft and a Product Manager at Amdocs. For the past 3 years, Ravit has been working at JFrog as a Platform Product Manager, leading various JFrog Cross Product Services, such as Access, Webhooks and Workers.
TUE 1:20 PM - 2:00 PM
Brazos E
JFrog Workers is a service in the JFrog Platform that provides a serverless execution environment.
You can create Workers that react to events in the JFrog Platform similar to AWS Lambda services.
Workers service provides more flexibility to accomplish your use cases. You can use these workers to perform certain tasks that extend the capabilities of the JFrog Platform according to your requirements.
In this session, we'll introduce the new JFrog Workers service of the JFrog Platform.
Through a series of use cases, we'll demonstrate a range of capabilities this service offers.
Our demos will focus on four main areas:
* Event-driven workflow automation
* Security
* Auditing
* Customize platform APIs
21
Session
Deciphering Artifactory Infrastructure: Optimizing Engineering Dependencies at Credit Karma
Amit Mishra
|
Engineering Manager, Credit Karma
https://sessionize.com/image/5267-400o400o1-NvVwqjJnMJB1bi5mNU1ooF.jpg
I am a technology leader with extensive hands on experience on various continuous integration tools, well versed with builds and deployment life cycle of software applications with in depth exposure to DevOPS practices. I have shared my knowledge at various platforms like technology conferences and meet ups.
TUE 1:20 PM - 2:00 PM
Brazos F
As Developers bear the responsibility of crafting and delivering top-tier products to propel company's critical initiatives, lets do a deep dive into Artifactory Infrastructure and how it plays a pivotal role in the daily operations, serving as a backbone in the development pipeline while maintaining the secure and scalable posture supporting across multiple regions/Data centers.
22
Session
Using AI to Improve Quality and to Write Better Software, Faster
Muktesh Mishra
|
A Curious Engineer | Explorer | Open Source Advocate💥
https://sessionize.com/image/8797-400o400o1-sHsfz1P52YDJk4H1FBHQEi.jpg
Muktesh is currently working as a Sr. Staff Software Engineer for Adobe. He is an open-source contributor to 20+ projects and enjoys programming in polyglot. Primarily he is more interested and contributes to Microservices, Cloud Computing, Containerization, Architectures, Reliability and Distributed Systems. However, lately his focus shifted on a lot of automation and machine learning as well. In his free time, he likes photography, solving coding challenges, learning from online resources and cooking. He is a conference junkie. He has attended and spoken in various conferences across the world (Java One (AKA Code One), GDG Conf, API World, InMemory Summit, API Strategy Conference, Docker Con, SwampUp, Open Source Summit to name a few). He is heavily involved in the development and teaching people in various communities (Apache Groups, OpenSource Forums, Docker Mentoring and Java User groups). He is also a CD Foundation Ambassador and started Sunnyvale Java User group and NorCal Java User group. In his own words,” I am a distinguished engineer, with ::: willingness to learn and curious to know::: attitude. I can code, cook, cheer and care. In short, “nothing special but passionately curious” is my jam”.
TUE 1:20 PM - 2:00 PM
Brazos G
How can we use Gen AI and ancillary tools to improve testing quality for K8 operators, CICD pipelines and take necessary actions. So developer can get just in time feedback and write better software faster with more confidence.
Through a series of code snippets and demos I will introduce the right balance of open source based tools to make developer. experience better.
Technologies: Argo, K8, Numa Proj, K8GPT, Kuttl
23
2:05 PM
Session
Monitoring Artifactory Through New Relic Like a Pro
Levani Khidisheli
|
Software Engineer, Capital One
https://sessionize.com/image/da26-400o400o1-3b6qE8r354kZtoCsf3KT9T.png
Levani has been working in the Delivery Experience, at Capital One for almost 2 years, working on maintaining the Artifactory Platform. Levani has worked on optimizing and improving CI/CD pipelines responsible for deploying Artifactory in production. Has worked on testing the resiliency of the Artifactory platform to ensure continuous availability of the platform.
Andre Dang
|
Associate Software Engineer, Capital One
https://sessionize.com/image/4902-400o400o1-MMakQiDvnebnqanCeq9JLV.jpg
Andre has been an Associate Software Engineer at Capital One for 1 year. He works in Delivery Experience, helping maintain the Artifactory platform at Capital One and working to continuously improve its resiliency and ease of use for developers. He is passionate about optimizing the processes required to maintain a platform, and optimizing the monitoring solutions required for troubleshooting. Through solving these operational issues, he has helped make our systems more reliable, and our troubleshooting easier. He has a user-centric view of problems and has worked to make Artifactory at Capital One a more robust application.
TUE 2:05 PM - 2:45 PM
Brazos E
The importance of detailed monitoring as we look to continuously use Artifactory to serve our developers cannot be understated. This is why we decided to use the New Relic-Jfrog Integration. The process of setting this up was not easy as there were a myriad of issues, as the process of authenticating into both systems had a lot of unforseen and hard-to-detect issues. We also needed to make sure not to disrupt existing systems. This session will go through the process of setting this integration up, the challenges we encountered, but also the use and importance of this tool because when things inevitably go wrong, detailed monitoring solutions help us resolve the issues faster.
24
Session
Diagnosing DevOps: Exploring Artifactory’s Binary Store Gems
Avishay Halpren
|
R&D Manager and Architect, JFrog
https://sessionize.com/image/5f68-400o400o1-YX2omkhN84MXXon7KEf7vy.png
Software Architect with over 20 years of experience as an architect & R&D manager. I have vast knowledge and understanding of the development needs, production HA and problem solving.
My all time movie series is "Back to the Future" and I believe that If you put your mind to it, you can accomplish anything.
Yonatan Arbel
|
Developer Advocate, JFrog
https://sessionize.com/image/44e0-400o400o1-RonnPgTxX1X8RKzrQrw1ex.png
a software developer with rich experience spanning over 12 years. For the past 7.5 years, I have been a valuable member of the JFrog team, a prominent tech company. Over the years, I progressed through the organization and eventually found my place within the Infrastructure group.
I have a genuine passion for technology, which has been a guiding force throughout my 12-year career. My work at JFrog has included significant contributions to the development of the JFrog Platform.
My journey is a testament to my dedication and the opportunities that the tech industry offers to those who are eager to learn and grow. As a speaker, I am excited to share my experiences and insights with others in the tech community.
TUE 2:05 PM - 2:45 PM
Brazos G
Join us to explore the Binary Store Architecture and much more. If you have never heard about the binary store before or just want to find the hidden gems of JFrog Artifactory join this session.
I would love to share with you my four years of experience as part of the development team, exploring tips and techniques to improve and monitor Artifactory service
Speaking about storage is a crucial aspect of software development. We'll discuss about Artifactory's binary store and show how we are managing heavy traffic and scalability. How it's possible to move from self-hosted to SaaS when we are talking about PB of data. We’ll also cover topics like internal caching layers, optimizing downloads with S3 and CDN redirects and addressing the AI-ML demands associated with uploading huge files via multipart support.
25
2:45 PM
Coffee Break
TUE 2:45 PM - 3:00 PM
The swamp
26
3:05 PM
Session
Kubernetes Security: A Multi-layer Approach
Abdel Sghiouar
|
Cloud Developer Advocate, Google
https://sessionize.com/image/138d-400o400o1-f5-e8b9-4b4b-a8e4-4f5c6c61158f.fc62390d-0d7e-4a29-b526-9806b570af55.jpg
Abdel Sghiouar is a senior Cloud Developer Advocate @Google Cloud. A co-host of the Kubernetes Podcast by Google and a CNCF Ambassador. His focused areas are GKE/Kubernetes, Service Mesh and Serverless. Abdel started his career in datacenters and infrastructure in Morocco where he is originally. Before moving to Google's largest EU datacenter in Belgium. Then in Sweden he joined Google Cloud Professional Services and spent 5 years working with Google Cloud customers on architecting and designing large scale distributed systems before turning to advocacy and community work.
TUE 3:05 PM - 3:45 PM
Brazos E
:K8s gained so much traction in the last couple of years and it become almost a defacto solution to run containerized applications.However it's a complex system that aims to abstract how containers are orchestrated from the developers and operators and if deployed without caution could have some serious security problems. Come listen to few practical approaches to secure a Kubernetes deployment.
27
Session
Open Platform for Enterprise AI
Arun Gupta
|
VP of Open Ecosystem Initiatives, Intel Corporation
https://sessionize.com/image/a54f-400o400o1-Xa5zKMDfjpNpuKVfHUjjNZ.png
Arun Gupta is vice president and general manager of Open Ecosystem Initiatives at Intel Corporation. He is an open source strategist, advocate, and practitioner for over two decades. He has taken companies such as Apple, Amazon, and Sun Microsystems through systemic changes to embrace open source principles, contribute and collaborate effectively.
As an elected chair of the Cloud Native Computing Foundation (CNCF) Governing Board, Arun works with CNCF leadership and member companies to grow cloud native ecosystem. He also participates in the Open Source Security Foundation (OpenSSF) and Linux Foundation Governing Boards. He has delivered technical talks in 45+ countries, authored multiple books, and is a Docker Captain, Java Champion, and Java User Group leader. He also founded the Devoxx4Kids chapter in the U.S. and continues to promote technology education among children.
TUE 3:05 PM - 3:45 PM
Brazos G
Enterprises face myriad challenges when it comes to developing and deploying Gen AI solutions. The development of new models, algorithms, fine-tuning techniques, detecting and resolving bias, and how we deploy large solutions at scale continues to evolve rapidly. There is a lack of standardized software tools and technologies to choose from. Additionally, enterprises want the flexibility to innovate rapidly, and extend the functionality to meet their business needs while ensuring the solution is secure and trustworthy. This talk introduces Open Platform for Enterprise AI (OPEA), a new project under LF AI & Data Foundation. The mission of OPEA is to create an open platform project that enables the creation of open, multi-provider, robust and composable GenAI solutions that harness the best innovation across the ecosystem. You will learn more about the mission, how the project is going to solve it, see reference RAG implementations in action, partners, roadmap and how you can join and contribute to this effort.
28
3:50 PM
Session
MLOps + DevOps + Kubernetes = ❤️
Annie Talvasto
|
CMO, VSHN | CNCF Ambassador | Azure MVP
https://sessionize.com/image/015d-400o400o1-M4qUyk65FH2wKbPVpkEaKv.jpg
Annie Talvasto is an award-winning international technology speaker and leader. She has spoken at over 60 technology conferences worldwide, including KubeCon + CloudNativeCon and Microsoft Build & Ignite. She has been recognized with the CNCF Ambassador and Azure MVP awards. Annie is the creator of TechCraft Show, where she and her guests talk tech while playing MineCraft (potentially) badly. She has co-organized the Kubernetes & CNCF Finland meetup since 2017. In the past, she has also served as a track chair for KubeCon + CloudNativeCon and has been hosting Cloud Native Live, a weekly livestream by CNCF, since 2021.
TUE 3:50 PM - 4:30 PM
Brazos E
Combining the power of DevOps, Kubernetes and MLOps brings scalability, reliability, and reproducibility to AI and ML workflows. In this session, we will explore how Kubernetes enables the orchestration of distributed AI training and inference pipelines, while MLOps practices ensure efficient model development, deployment, and monitoring. Join Annie to discover how this combination empowers organizations to unlock the full potential of generative AI while achieving seamless scalability and operational excellence.
29
Session
Sociotechnical Platform Engineering
Chris Corriere
|
Sociotechnological Mathematician
https://sessionize.com/image/5c2f-400o400o1-4cXDeaYBWyVBeTJ8QtZ6nh.jpg
Chris Corriere has been working with data, phones, networks and writing software for over 20 years. His background in mathematics and engineering has allowed him to adapt to new and industry specific technologies and provided many unique consulting opportunities. As a devOps practitioner Chris is committed to culture, automation, learning, sharing, and having a good time while getting work done.
TUE 3:50 PM - 4:30 PM
Brazos F
DevOps practices help reduce friction to production for technologists. Once an application has user traffic, user experience should become a priority, but at what cost?
This talk will connect human centered DevOps & SRE practices across a value stream to explore how platforms balance developer experience against production stability over time, and how process dependencies factor into overall platform success.
This talk will explore:
- How pipelines are value streams
- A general-purpose value stream map for platforms
- Dependency (wardley) maps for platform processes
- Aligning SLIs, SLOs, & SLAs across our platform VSM
- Establishing Error Budgets
- Chaos Engineering & Complexity Science
30
Session
From DevEx Disaster to Delight: How to Champion a DevEx Revolution in Your Organization
Jeremy Meiss
|
Developer Experience & Community Leader
https://sessionize.com/image/1f95-400o400o1-SMXXHoVnzy6h19Y4Cu54Ec.png
Jeremy is a seasoned Developer Experience and Community leader, formerly the Director of DevRel & Community at CircleCI, and previously at Solace, Auth0, and XDA. With almost 30 years in Tech, covering just about every functional area including support, system and database administration, application and web development, project management, program management, and systems analysis, Jeremy is active in the DevRel and DevOps communities, and is a co-creator of DevOpsPartyGames.com. A lover of all things coffee, community, open source, and tech, he’s a husband and father, and is also house-broken, and (generally) plays well with others.
TUE 3:50 PM - 4:30 PM
Brazos G
Is your development team drowning in a sea of bugs, clunky tools, and morale-sapping processes? Are you tired of hearing your developers utter phrases like "I hate this deployment process" and "This codebase is a crime against humanity"? Well, fret no more! This talk will be your hilarious and informative guide to transforming your organization's Developer Experience (DevEx) from a disaster zone to a developer utopia.
We'll delve into the what, why, and how of DevEx, exploring practical strategies you can implement to make your developers' lives easier and more productive. We'll cover everything from tooling and automation to fostering a culture of collaboration and feedback. By the end of this talk, you'll be armed with the knowledge and practical tips to become a DevEx champion in your organization, all while avoiding the wrath of your CTO (hopefully).
So buckle up, grab your favorite stress ball (you might need it), and get ready to learn how to turn your developer frowns upside down!
31
4:35 PM
Session
Data Ethics: How to Avoid Tech Horror Stories and U.S. Senate Hearings
Nyah Macklin
|
Developer Relations | Keynote Speaker | Community Builder
https://sessionize.com/image/e40c-400o400o1-rs3tG1tT8128yZt4C7F2Yf.jpg
Nyah Macklin is a Senior Developer Advocate who cares deeply about the ethical use of data, data privacy & security, and ethical artificial intelligence. Nyah has a non-traditional engineering background, with a degree in African & Afro-American Studies and a career in civil service and community organizing. This background gave them the expertise to decipher the ways systems within tech perpetuate the exclusion of historically underrepresented communities, and implement policies to counteract that fact. Nyah cares about making technology and software accessible to as many communities as possible. Find them on Twitter: @NyahMacklinDev
TUE 4:35 PM - 5:15 PM
Brazos E
Has your engineering team ever talked about ethics during the development process? Don't be ashamed, we didn't either. As software engineers, it's not our problem right? I get it. Let me take you through "story time" where we will dissect tech horror stories that could have been solved by centering ethics in the software development life cycle. Today, you'll come away with tangible tools and frameworks to implement into your engineering team's sprint to ensure ethical data handling, and avoid becoming the next tech company sitting in front of the U.S. Senate.
32
5:15 PM
Booth Crawl / Happy Hour
TUE 5:15 PM - 6:30 PM
The swamp
33
6:30 PM
Community Gala Dinner
TUE 6:30 PM - 10:00 PM
Brazos Grand Ballroom
34
7:30 AM
Registration
WED 7:30 AM - 8:30 AM
The swamp
35
8:30 AM
Keynote
Opening Keynote
Micheline Nijmeh
|
CMO, JFrog
https://sessionize.com/image/2199-400o400o1-Pg1HQVYzvXEVKQMQSGHhCa.png
Micheline is the Chief Marketing Officer at JFrog. She’s a transformational leader who brings over 20 years of technology Marketing experience leading and implementing successful global marketing strategies at high-growth software companies. She loves technology that just works and makes life easier.
WED 8:30 AM - 8:35 AM
Brazos Grand Ballroom
36
8:35 AM
Keynote
Responsible AI: Policy Solutions for DevSecOps
Victoria A. Espinel
|
CEO, BSA
https://sessionize.com/image/085d-400o400o1-X5iyY9DNjgEcCawH7dCpQH.jpg
As CEO of BSA | The Software Alliance, Victoria has significantly expanded the organization's global influence, establishing it as a leader for enterprise software companies on key issues such as artificial intelligence, privacy, cybersecurity, and digital trade. She initiated the Digital Transformation Network and the Global Data Alliance to enhance BSA’s partnerships with various industry sectors worldwide. Victoria also founded Software.org, a nonprofit that educates policymakers and the public about the software industry's impact and career opportunities. Additionally, she serves on President Biden’s National Artificial Intelligence Advisory Committee and has held prominent roles with the President’s USTR Advisory Committee for Trade Policy and Negotiations, the World Economic Forum, and the Council on Foreign Relations.
Victoria has testified before the US Congress and the European Parliament over a dozen times and frequently speaks on AI, cybersecurity, and STEM education to various organizations and institutions. Her insights have been featured in major media outlets such as the New York Times, Washington Post, and NPR. Recognized as one of Washingtonian magazine's “Most Influential People” and a “Tech Titan,” she has a distinguished career in public service, including roles as the first White House “IP Czar” and the chief US trade negotiator for intellectual property under the Bush Administration. Victoria holds advanced degrees from the London School of Economics and Georgetown University and serves on the board of Girls Who Code and ChIPs. She also owns the award-winning restaurant Jewel of the South in New Orleans.
WED 8:35 AM - 9:15 AM
Brazos Grand Ballroom
Artificial intelligence (AI) is revolutionizing problem-solving and innovation in DevSecOps. Leveraging AI responsibly is essential for building secure, trustworthy systems. Governments are crafting policies to ensure AI's benefits while mitigating risks. BSA’s Policy Solutions for Building Responsible AI provides a framework to achieve these goals, focusing on governance, innovation, and transparency.
37
9:15 AM
Keynote
Building the Bridge Between DevOps and MLOps in a GenAI world
Luke Marsden
|
CEO, Helix.ml
https://sessionize.com/image/08da-400o400o1-L3xYt6nUV54vqpJ1fmGXrt.jpg
Hacker and entrepreneur, Luke works at the intersection of DevOps and ML; building out end-to-end MLOps capabilities across enterprises, fine-tuning LLMs and enabling GenAI capabilities. Previously helped launch Docker plugins and co-authored kubeadm for K8s.
WED 9:15 AM - 9:55 AM
Brazos Grand Ballroom
DevOps and MLOps intersect in ways never before considered in today’s AI-driven reality. With expertise in DevOps, MLOps, LLMs, Kubernetes, Docker and more, Luke Marsden will explore how to build bridges, adopt best practices, and pitfalls to avoid as we all strive to make AI really work.
38
9:55 AM
Keynote
JPMorganChase: Mastering DevOps at Scale
Gopinath Gopalsamy
|
Managing Director, JP Morgan Chase
https://sessionize.com/image/8d0b-400o400o1-RPx2dQyAUa7sQ7WBZ1ovdk.png
WED 9:55 AM - 10:25 AM
Brazos Grand Ballroom
With an unprecedented number of artifacts generated monthly, the scale of one of the world's largest digital organizations is unmatched. Join JPMC's Executive Director Gopi Gopalsamy to get a peek inside the pipelines of one of the world's most influential organizations.
39
10:30 AM
Coffee Break
WED 10:30 AM - 10:45 AM
The swamp
40
10:50 AM
Session
Give Your LLMs a Left Brain
Stephen Chin
|
VP of Developer Relations, Neo4j
https://sessionize.com/image/bb41-400o400o1-EHvMKwbfP43RYxL9qJMwGv.jpg
Stephen Chin is VP of Developer Relations at Neo4j and author of The Definitive Guide to Modern Client Development, Raspberry Pi with Java, Pro JavaFX Platform, and the DevOps Tools for Java Developers title from O'Reilly. He has keynoted numerous conferences around the world including Devoxx, DevNexus, JNation, JavaOne, Joker, swampUP, and Open Source India. Stephen is an avid motorcyclist who has done evangelism tours in Europe, Japan, and Brazil, interviewing hackers in their natural habitat. When he is not traveling, he enjoys teaching kids how to do AI, embedded, and robot programming together with his daughters.
WED 10:50 AM - 11:30 AM
Brazos E
The human brain is divided into two hemispheres, each of which specializes in different types of tasks. Your right brain excels at imagination, intuition, art, rhythm, feelings, and dreams. Meanwhile, the left brain is more analytical and focused on logic, sequencing, linear thinking, and mathematics. Like a human brain, generative AI excels at certain tasks, especially those related to right-brain creative activities. However, the absence of relevant and up-to-date information produces confusing hallucinations that are not grounded in reality.
This presentation will explore how knowledge graphs built with factual and updated information can complement LLMs via retrieval augment generation (RAG) to produce more reliable results. I will show a demonstration of a knowledge graph built off of Artifactory dependency information that can be queried in natural language using ChatGPT.
41
Session
Full-spectrum Security: Discover the Impact of Runtime Discoveries Across Your Pipeline
Harel Avissar
|
Director of Product, JFrog
https://sessionize.com/image/427a-400o400o1-pXHrg6G4FThXiaM4vMMPJf.png
Harel Avissar is Director of Product at JFrog, working on the next leaps in DevSecOps and particularly on how the JFrog Platform arms developers with the information and knowledge they need to build software they can trust. With over 15 years of Cyber Security and Leadership background Harel has hands on experience with the security of the software supply chain looking at each link and end to end.
WED 10:50 AM - 11:30 AM
Brazos F
Finding vulnerabilities in code is valuable. With binary scanning, expert security team remediation, and applicability advice, your pipelines are even more secure. Now it’s time to take your security posture from one end to the other, as we explore how to practically weave in runtime discoveries into your pipeline processes and create a seamless, end-to-end experience - now reaching into production! - with full visibility, traceability and evidence provided in a powerful, unified platform. In this session we will show how to verify the integrity of your production images, how to prioritize remediation based on running status and how the JFrog platform can help close the window of exposure fast by identifying the image owner. Harel will provide demonstrations, helpful tips, and real-world applications for JFrog’s newest security family member.
42
Session
Verifying Artifacts and CVEs at the Change Boundary
Bryan Oliver
|
Principal Architect, Thoughtworks | K8s Sig Network Member/Contributor
https://sessionize.com/image/f5d4-400o400o1-aWokjCm7AHSJRMWxQm9BYY.jpg
Bryan is an experienced engineer and leader who designs and builds complex distributed systems. He has spent his career developing mobile and back-end systems whilst building autonomous teams. More recently he has been focused on delivery and cloud native at Thoughtworks. In his free time he plays ice hockey and goes trail running, and tries to break into the champion rank in rocket league. https://olivercodes.com
WED 10:50 AM - 11:30 AM
Brazos G
At Thoughtworks, we talk a lot about Compliance at the Point of Change. To simplify, the core of this concept is we give developers freedom by moving all compliance checks to the admission controllers of the deployment platform. This allows devs to completely own the pipelines, and they are responsible for meeting the admission controller requirements on deployment.
In this talk, we'll look at how to write admission controllers that block deployments when an application has an invalid SBOM or high severity CVE in it's packages.
44
Session
How a Unicorn Migrated From an In-House Solution to Helm
Mey Beisaron
|
Senior Platform Engineer, Forter
https://sessionize.com/image/6adb-400o400o1-aHW9hpCg7EKnor4vLG5CPu.jpg
Mey is a Senior Platform Engineer and a public speaker who brings Star Wars geekery to everything she does. As a Backend Developer, Mey has developed in multiple programming languages, including Nodejs, Java, Python, Groovy, and her favorite, Clojure. Today Mey is a senior platform engineer at Forter, leading the complex migration of 400+ services to Kubernetes.
When she is not spending her weekends coding games or speaking at tech conferences, she experiments with algorithms or playing Super Mario Bros on the Nintendo Switch.
May the force be with you.
WED 11:35 AM - 12:15 PM
Brazos F
Creating your first Helm Chart is one thing, but migrating 400+ services - all relying on an existing solution - is a whole different story.
This is the point where "Helm 101" tutorials become irrelevant.
In this talk we will go through our unique Helm charts architecture, integrating Helm with existing systems and, finally, deployment to production. By the end of this talk you will learn a practical technique to leverage Helm while taking into consideration existing systems and boosting dev velocity in the process.
45
Session
Demystifying Platform Engineering and IDP (Internal Developer Platform)
Bill Manning
|
Solution Architect, JFrog
https://sessionize.com/image/d5e5-400o400o1-J5h4DoN6vMc6mRYpjipSXJ.jpg
William is a Solutions Engineering Manager with JFrog. He is also a mentor with TechStars (Nike Incubator), Matter, and NestGSV. He has successfully exited 3 companies and took one public in Australia. He also currently helping various startups as an advisor. In his spare time, he likes to travel with his wife and two boys. He also plays guitar, loves gadgets & IOT, lives for the beach, rides skateboards, and is an avid cyclist.
WED 11:35 AM - 12:15 PM
Brazos G
Platform Engineering is the hottest trend (besides AI, of course!) today. Many companies are looking at Platform Engineering to reduce tool sprawl, reduce cost, and consolidate. See why the JFrog Platform is the ultimate base for building your Internal Developer Platform.
46
12:15 PM
Lunch
WED 12:15 PM - 1:15 PM
The swamp
47
1:20 PM
Session
The Old, the New, and the Strange: Securing Deep Learning in 2024
Patrick Smyth
|
Staff Developer Relations Engineer, Chainguard
https://sessionize.com/image/b44a-400o400o1-L1sUA29c48cYdWHrd5DYcE.jpg
Dr. Patrick Smyth is Staff Developer Relations Engineer at Chainguard, where he shows developers how to deploy AI and other applications with 0 CVEs using Chainguard Images. Patrick has a PhD in the digital humanities and in a previous life led technical bootcamps for researchers at Columbia University. In his free time you can find Patrick swimming in a frozen lake or hanging out with his six-month-old baby.
WED 1:20 PM - 2:00 PM
Brazos E
Data poisoning. Input manipulation. Model inversion. As companies race to incorporate deep learning into production applications, we've been introduced to exciting new threats, among them exotic prompt jailbreaks and even the feared dirty pickle attack.
However, how much is totally new under the sun, and how much have we seen before? What can we learn from prior cycles of threat and mitigation in the software industry that can be applied to this new ML landscape?
In this talk, we'll approach new threats in deep learning by comparing the deployment of ML models to the deployment of conventional software artifacts. We'll take a tour of some of the stranger attack vectors for AI applications to determine which conventional mitigations will work in the world of models and which threat vectors are truly new, requiring new approaches. We'll also demo Chainguard's approach to deep learning infrastructure and model security, with particular attention to AI image bloat and upstream attacks. And, yes, we'll give you some tips on dealing with the dreaded dirty pickle.
48
Session
Mastering Supply Chain Security: Continuous Delivery is Essential
Dana Rozen
|
SecOps Engineer, JFrog
https://sessionize.com/image/d25b-400o400o1-VvCrKx5fwCa8vmpGw2q2Hn.jpg
Dana Rozen is a security engineer with vast experience in cloud monitoring, automation and incident response . In her current position, Dana is part of JFrog’s SecOps team. Prior to JFrog, Dana was at Wix specializing in security monitoring, incident response, threat intelligence and automations. Fun fact about Dana - She recently completed a 12 months culinary course specializing in Konditorei.
Batel Zohar
|
Developer Advocate, JFrog
https://sessionize.com/image/5b92-400o400o1-XnFSTRwYTbheEgJ2dufY9T.jpg
Batel Zohar is a Developer Advocate for JFrog and has a background in DevOps support engineering, web development, and embedded software engineering. Prior to this, Batel served as an Enterprise Solutions Lead on a dedicated team that accompanies and assists large customers through the architectural implementation of the JFrog platform. She loves her dogs, plays guitar, and is a fan of Marvel’s movies
WED 1:20 PM - 2:00 PM
Brazos F
Continuous Delivery is essential in today's world and protecting our data from hackers and malicious code is crucial. The first step is understanding that this is now a core function of development and can not be overlooked when deploying to production. In this session we are going to discuss how to protect your data at its core, some simple steps you can employ today and some more complicated processes that will shield your data from bad actors. We will profile attackers and what they are looking to gain access to, show you where to look to find unprotected sensitive data, we will also address key points such as the lack of security org-level policies, lack of Business Continuity Planning (BCP) & Ransom protection, lack of Least Privilege Principle, lack of Security Auditing, and lack of Resource Management for unused resources, emphasizing the importance of addressing these gaps to fortify your data protection strategies.
49
Session
C/C++ DevOps at Scale: Compliance & Efficiency in C/C++ Projects with Conan 2 & Artifactory
Diego Rodriguez-Losada Gonzalez
|
Lead Architect, JFrog | Conan Co-founder
https://sessionize.com/image/7ae2-400o400o1-axoJLoJgjsq6v3Gb1iqVsq.jpg
Diego's passions are robotics and SW engineering and development. He has developed many years in C and C++ in the Industrial, Robotics and AI fields. He was also a University (tenure track) professor and robotics researcher for 8 years, till 2012, when he quit academia to try to build a C/C++ dependency manager and co-founded a startup. Since then he mostly develops in Python. He is Conan C/C++ package manager co-creator and maintainer, now working at JFrog as Conan lead and C/C++ advocate.
Luis Caro Campos
|
SW Tech Lead (Conan), JFrog
https://sessionize.com/image/39cf-400o400o1-hgxvcYJUqvfhih6XAt21te.jpg
Luis is an Electronics and Computer Engineer, currently working a R&D Team Lead in the Conan Team at JFrog. He started his journey with C++ in university doing research in the field of Computer Vision. Since 2015 he has been based in the UK and has worked in the field of 3D Scanning, and more recently in the field of Robotics (Autonomous Driving) at Oxbotica, before joining the Conan team at JFrog in 2022.
Over the years, Luis has become concerned with the problem of enabling C++ Software Development at scale, working on the tooling and processes that enable large teams of C++ developers to focus on writing code.
WED 1:20 PM - 2:00 PM
Brazos G
C and C++ languages are the backbone of modern software infrastructure. From automotive, embedded, finance, robotics, AI and ML, space, OSs, cloud, etc, rely on C and C++. Projects in these languages can grow to have many millions of lines of code, and due to its compilation model, building them typically requires a lot of time, effort and resources. Achieving reproducible builds and managing dependencies is a very challenging task.
Furthermore, the binary model for native binaries is very complex, traditionally organizations have relied on custom home-made solutions that take a lot of time to develop, maintain and support. Making these custom solutions to manage binaries efficiently is complicated, so traditionally organizations have relied on re-building from source over and over, wasting CI time and resources and now allowing them to implement modern devops practices.
With Conan C/C++ package manager and Artifactory, it is possible to define a CI pipeline that can work efficiently at scale, saving lots of time in unnecessary rebuilds from sources and implementing and allowing good devops practices, from package immutability, dependencies reproducibility and traceability and many more.
Conan 2 also brings a whole new set of tools for compliance and security: automatic backup of sources downloaded from open source repositories for reproducible builds, storing metadata files for build logs, tests, coverage, etc, package signing, creation of SBOMs, and many more. Conan 2 enterprise-ready extensibility with custom commands, public Python APIs, better configuration management allows easy implementation and integration of organization policies.
50
2:05 PM
Session
Teledyne Controls’ Cloud Journey: Migrating from Self-Hosted to JFrog SaaS
Aiden Jang
|
DevOps Engineer, Teledyne
https://sessionize.com/image/1fde-400o400o1-7DkrttAf7Xneb9gMBHsU4X.png
My name is Aiden Jang, an experienced DevOps professional at Teledyne Controls, with a focus on cloud migration and DevOps practice. Recently, I successfully led a migration to JFrog Artifactory, optimizing artifact management in our cloud infrastructure. At Teledyne Controls, I'm dedicated to leveraging technology for innovation and efficiency, bridging development and operations to accelerate software delivery.
WED 2:05 PM - 2:45 PM
Brazos E
In this session, I would like to present my triumphs of migrating to the Cloud Artifactory. Drawing from firsthand experience, I will share insights, strategies, and practical tips garnered from our cloud migration to JFrog Artifactory.
We'll explore the foundational motivations behind our decision to migrate, examining the advantages and challenges encountered throughout the process.
Therefore, we hope that the viewers/visitors who are interested in the JFrog Cloud migration will gain valuable perspectives on the key steps, tools, and methodologies.
51
Session
Trustworthiness-centric Software Supply Chain Security: Regulations, Requirements & Solutions
Xin Qiu
|
Sr. Director, CommScope Security Solutions
https://sessionize.com/image/d856-400o400o1-DFrKkfv3jSRjKCvJhX7boh.jpg
Dr. Xin Qiu, with over 25 years of experience in Public Key Infrastructure (PKI) and device security, serves as Sr. Director at CommScope PKI Center. Leading a diverse team in product marketing, R&D, secure operations, she collaborates with global device manufacturers and network operators. With a portfolio of 80+ patents, Dr. Qiu is recognized as the mastermind behind the success of CommScope’s PKI and security service offerings for large-scale customer-focused deliverables and deployments. She was appointed as a Motorola Science Advisory Board Associate for her creative and innovative technical contributions in enabling cryptographic techniques and PKI for millions of devices. Her patent for the DFAST cryptographic technology was widely adopted and utilized in the CableCard Copy Protection standard, playing a key role in combating piracy within the cable industry. Furthermore, she was one of the primary designers for the security of the Emmy-award-winning MediaCipher Conditional Access System.
WED 2:05 PM - 2:45 PM
Brazos F
Ensuring the trustworthiness of software is pivotal in maintaining software supply chain security. While integrity and image signing are important, they alone may not meet the evolving security regulations and requirements. Increasingly, software trustworthiness, validated through trust authority attestation with supporting evidence, is becoming essential. In this session, we will explore emerging government regulations, industry demands, and the solutions being developed through the collaboration between JFrog and CommScope. We will illustrate how we enhance "JFrog Insight & Mission Control Security solutions" by introducing an additional dimension: CommScope Security Assurance Framework (SAF) for Software Trustworthiness.
52
2:45 PM
Show Closing at Expo
WED 2:45 PM - 3:30 PM
The swamp
