AGENDA

The Annual DevOps, DevSecOps, MLOps User Conference

Prepare for the next wave of innovation with expert content from

DevOps, DevSecOps and MLOps industry leaders.
September 9-11, 2024
Training Day
September 9th
Conference Day 1
September 10th
Conference Day 2
September 11th

1

7:30 AM
Registration
MON 7:30 AM - 9:00 AM
The swamp

2

8:30 AM
Full Day
DevSecOps Workshop: Secure your Software Supply Chain (Code to Runtime)
Rakesh Krishna | Senior Solutions Engineer, JFrog https://sessionize.com/image/37f1-400o400o1-ENsQ64JpzYNZP8Cf7YfA4u.jpg Experience in development, security and license compliance areas
MON 8:30 AM - 4:30 PM
Colorado Room
Add to calendar
End-to-end supply chain security requires vigilance. This starts before the developer calls an external package, through proprietary code development, code compiling, interim builds, and the pipeline to release and distribution, all the way to production and after deployment. In this training, we’ll identify a typical Enterprise Software Supply chain and its risk for attack. We’ll also discuss ways to enable end-to-end vigilance for software supply chain risk management. By the end of this training, you should be able to: - Understand what software supply chain is, what it is made of and how to secure it end to end. This includes securing Open Source components, Configurations and IaC. - How to gain visibility into the dependencies being used, packages being developed and gate keeping them based on vulnerabilities , license compliance and operational risk to ensure safety. - Learn various tools that the JFrog Software Supply Chain security platform offers and how to onboard them.

3

Morning
JFrog Platform Essentials: Manage, Automate & Protect Your Software Supply Chain Like a Pro
Jacob Kelly | Sr. Solution Engineer, JFrog https://sessionize.com/image/849f-400o400o1-TXfS6weHU9diTGXtUNoVsJ.jpg Jacob Kelly s a Solutions Engineer at JFrog based in Nashville, TN. He has a Bachlors in Computer Science from ETSU. He is a technical leader who has over 10 years of software development, SRE, and DevOps experience starting with hands-on development to global leadership roles for large Enterprises. At JFrog, he enjoys helping customers with creative and innovative soutions to solve their DevOps-related problems. He spends his spare time with his wife playing card games, and loves Rock Climbing and hiking.
Erik Adelson | Senior Solution Engineer, JFrog https://sessionize.com/image/abcd-400o400o1-Ktsv1CmcuUk4uA2BD9RM3k.png Erik is a Solutions Engineer @ JFrog. He has been working in computing infrastructure for the past 20+ years most recently focused on Edge Computing. He is passionate about computing ranging from Raspberry PIs, gadgets of all sorts, and is a collector of vintage PCs.
MON 8:30 AM - 12:00 PM
San Jacinto Room
Add to calendar
This training is designed to empower you and your organization on your DevSecOps journey by providing you with the essential knowledge and skills to improve the efficiency of your software supply chain. You’ll be exposed to configure repositories, store OSS and custom artifacts using popular CI servers, scan stored artifacts, and automate CD pipelines using REST API, JFrog CLI, and JFrog AQL. Included are strategies to secure artifacts in various phases of SDLC, advance your DevSecOps journey with JFrog Xray, and integrate with JFrog Ecosystem tools to “Shift Left”. By the end of this training, you should be able to: - Configure repositories - Store OSS and customized artifacts using popular CI servers - Scan stored artifacts - Automate CD pipelines - Leverage REST API, JFrog CLI, and JFrog AQL to streamline your processes We’ll explore the security features that will equip you with: - Strategies to secure artifacts at different stages of the software development lifecycle (SDLC) - Tools to "Shift Left" - Proactively address security concerns Who should attend: DevOps, Automation, MLOps, and SRE engineers. It's also highly beneficial for security engineers who are looking to strengthen their software supply chain security using the JFrog Platform.

4

Morning
"MLOps for DevOps Engineers: Building an End-to-End MLOps workflow with your JFrog platform"
Zohar Sacks | Senior Director of Product, JFrog https://sessionize.com/image/9ffa-400o400o1-wEaZpyBsfCotSgJnouNoZT.png Zohar Sacks, Senior Director of Product at JFrog, brings over 20 years of experience in distributed systems, Cloud, SaaS, PaaS, IaaS, MLOps and MLSecOps Before joining JFrog, Zohar was the VP of R&D of Zesty, an AI-powered Cloud Cost Optimization startup. Zohar was also CTO/Co-Founder of Disco, a revolutionary distributed computing startup serving distributed computing tools to the AI/ML market and beyond.
MON 8:30 AM - 12:00 PM
Trinity Room
Add to calendar
The race to unlock the power of Machine Learning (ML) is on, but managing the ML lifecycle – from data to deployment – can be a complex hurdle. Break through these barriers with the JFrog Platform, your end-to-end platform for secure and efficient MLOps. This half-day course will empower you to: - Understand how the JFrog Platform streamlines your entire ML workflow - Build Security into Your AI & MLOps DNA - Manage ML Artifacts with Confidence - Deploy your models efficiently & securely into production environments - Gain insights into strategies for monitoring model performance and data drift for continuous improvement

5

Morning
DevOps at Scale: Multisites: How to Design an Enterprise Ready Architecture
Maharshi Patel | DevOps Acceleration Engineer, JFrog https://sessionize.com/image/632a-400o400o1-31751a85-b2e4-4e27-a4f4-f8a4a51dce7b.jpg Maharshi is an Engineer on the DevOps Acceleration Team at JFrog. Maharshi has around 12+ years of experience working across all the phases of SDLC process building web/mobile, infrastructure services. In his free time, he likes to play sports, hike, and travel.
Shubha Gururaja Rao | Senior Solutions Engineer, JFrog https://sessionize.com/image/e1f0-400o400o1-HD5f7AZdcbBxRCR8iuP19k.jpg Shubha is a Director of Solutions Engineering with JFrog. With more than a decade of experience working on different technologies and verticals, she is passionate about helping customers achieve the best. Prior to JFrog, she was a Solutions Architect helping some of the largest customers build their end to end IoT Products. Having been trained in Indian classical Dance and Music, she loves to teach music to kids in her spare time. On the weekends, she is also a volunteer teacher at an Indian language school.
MON 8:30 AM - 12:00 PM
Llano Room
Add to calendar
In today's globalized business landscape, managing software delivery across geographically distributed teams while ensuring data integrity & business continuity presents significant challenges. This training empowers you to overcome these hurdles by leveraging the power of JFrog. We'll focus & implement hands-on intriguing real-life use cases such as Disaster Recovery (DR), Robust Data Federation, Distribution Strategies, Local Binary Availability, Centralized Access Control & Secure Architecture Design & others. By the end of this training, you should be able to: - Design and implement secure and scalable architectures for enterprise-scale deployments, fostering collaboration and efficiency. - Utilize JFrog's capabilities to build robust DR plans and ensure data integrity, promoting business continuity and minimizing downtime risks.

6

12:00 PM
Training Day Lunch
MON 12:00 PM - 1:00 PM
The swamp

7

1:00 PM
Afternoon
Foundations of DevSecOps - Avoiding Software Supply Chain Attacks
Kushal Madireddy | Senior Solutions Engineer, JFrog https://sessionize.com/image/f9da-400o400o1-RmigPrz1yWwDtam5gJ2VbP.jpg Before joining JFrog in 2022, Kushal was a Software Architect with Product Owner experience for more than a decade. Having played pivotal roles in establishing best practices using JFrog Platform, he brings in a unique perspective to help customers unlock the true potential of Dev-Sec-ML Ops within their organization. He’s a conference speaker, home DIYer (Austin, TX native), gadget enthusiast and enjoys automating things with the push of a button.
Jimmy Caldwell | Strategic Solution Architect, JFrog https://sessionize.com/image/3205-400o400o1-Hzqivksryo9DQsryJfQTUk.jpg Jimmy Caldwell is a Strategic Solutions Architect at JFrog. Being a developer turned architect, Jimmy has extensive experience both as a creator of software as well as an administrator of software policies to secure the SDLC. When he is not helping large enterprises with their SDLC, he is usually planning his next travel destination.
MON 1:00 PM - 4:30 PM
San Jacinto Room
Add to calendar
Securing your software supply chain is an increasingly complex problem with evolving attack methods and a mix of security point solutions. It’s easy to end up with blind spots and gaps across your supply chain. This training will focus on how JFrog Security can help with DevSecOps, how it integrates with the JFrog Platform to secure builds and artifacts, and how to create different policies for different stages of the CI/CD process. By the end of this training, you should be able to: - Understand the impact of these components on production system quality, performance, and architectural changes - How to use Xray’s integration with IDEs and CI Servers to reduce risk, speed up development, and ensure reliability in production - Identify container security, why it’s different, and how to streamline security and governance for cloud-native apps - Roll out security best practices throughout their organization

8

Afternoon
End-to-End Release Lifecycle Management: Streamline Your RLM Workflow
Selva Sabapathy | Solutions Architect, JFrog https://sessionize.com/image/03a2-400o400o1-hCc1f38V3eXNo9ztAea8uB.jpg Started as a Software Engineer, Selva spent the past 2 decades in distributed enterprise application and devops architectures. Currently partnering with Enterprise customers in their DevSecOps journey as a trusted advisor.
MON 1:00 PM - 4:30 PM
Trinity Room
Add to calendar
The tracking of the software maturing process consistency from dev to production is becoming crucial for all software organizations, the JFrog Release Lifecycle Management initiative introduces a new comprehensive approach to meet this goal. In this training, you will gain practical knowledge on how to successfully implement this approach using the JFrog Platform. By the end of this training, you should be able to: - Understand how the JFrog Platform streamlines your entire RLM workflow. - Integrate your RLM with Xray and Distribution ensuring Security & Compliance throughout your SW Supply Chain - Instantly gain insights on your RLM by using JFrog's Platform RLM Kanban view and audit timeline - Design for Enterprise: learn hands-on, how to scale your architecture by integrating JFrog RLM with JFrog Projects and JFrog Federation capabilities

9

Afternoon
Software Supply Chain Platform Automation: Create, Distribute, and Automate at Scale
Anantha Kalusivalingam | Solutions Architect, JFrog https://sessionize.com/image/d688-400o400o1-KpEcZMdNkGZ78BjWG1irC8.jpg Industry experience which spans multiple decades. Work closely with customer's leadership team to understand the business goals and architect strategic, long term DevSecOps process to meet the customer's needs
Roshan Kadasani | Senior Solutions Engineer, JFrog https://sessionize.com/image/9e4f-400o400o1-TGJwVTqftAkCMtRcNNTHCZ.jpg Experienced DevSecOps enthusiast and a strong advocate of cloud-native technologies and robust automation that drive enterprises to deliver highly scalable and resilient solutions at a large scale.
MON 1:00 PM - 4:30 PM
Llano Room
Add to calendar
Whether you're a platform administrator, developer, or part of a security team, this hands-on training empowers you with the knowledge and tools to streamline your workflows. You’ll discover best practices followed by enterprise organizations to secure their software supply chain through automation. During this interactive session, you'll learn to: - Leverage the power of REST API, JFrog CLI, or Terraform provider to automate various processes in Artifactory, Xray, and Distribution - Optimize your operations, from configuring repositories and role-based mechanisms to integrating Artifactory with build servers and pushing artifacts to higher environments - Create policies for security, licensing, and operations - Scan artifacts and builds - Generate comprehensive reports on vulnerabilities, compliance, and operational risks By the end of this training, you'll have the skills to: - Create release bundles in JFrog Distribution and distribute them as immutable objects to the edge - Empower JFrog platform administrators to efficiently manage platform configurations through automation processes - Enable developers to seamlessly pull OSS artifacts from the JFrog platform and address vulnerabilities or compliance risks during the development phase - Equip security teams with the ability to create automated processes based on specific criteria and generate insightful reports on vulnerabilities, compliance, and SBOM.

10

4:30 PM
Welcome Reception
MON 4:30 PM - 6:00 PM
The swamp

11

7:30 AM
Registration
TUE 7:30 AM - 8:45 AM
The swamp

12

8:45 AM
Keynote
EveryOps Matters
Shlomi Ben Haim | CEO & Co-founder, JFrog https://sessionize.com/image/0e22-400o400o1-smB72VYUetSN5E1uhkvENB.jpg Shlomi is CEO and co-founder of JFrog, creators of the universal DevOps platform. He brings over 20 years of experience in building profitable, high-growth information technology companies. Prior to JFrog, Shlomi was the CEO of AlphaCSP (acquired in 2005 by MalamTeam) and was a Major in the Israeli Air Force. Shlomi holds an MS from Clark University (Massachusetts) and a BA from Ben-Gurion University (Israel).
TUE 8:45 AM - 9:15 AM
Brazos Grand Ballroom
Add to calendar
Developers used to code. Now they manage, import, secure, build, package, deliver and monitor… the list of every “Ops” is ever-growing. As if this wasn’t enough, they are now being asked by the C-suite to work with data science and machine learning teams in a gold rush of AI and ML-enabled application delivery. In our annual swampUP kickoff, join JFrog Co-founder and CEO Shlomi Ben Haim - alongside a special guest - as we explore how developers may still start with code and CI, but are increasingly asked to hold the reins of EveryOps; building, securing and delivering alongside the machines and systems they created.

13

9:15 AM
Keynote
JFrog Platform Innovation: Reloading Development Teams
Yoav Landman | CTO & Co-founder, JFrog https://sessionize.com/image/d761-400o400o1-NduZbWwQ2MW1vdqL3kEAWV.jpg Yoav is a devout engineer, the creator of Artifactory, and a Co-founder and Chief Technology Officer of JFrog. With over 20 years of experience as a Software Architect of enterprise applications, he plays a significant role in the evolution of DevOps. In 2006, Yoav created Artifactory as an open source project paving the way for the software community to a new domain of managing binaries. Prior to JFrog, Yoav created many production solutions as a consultant in the fields of Continuous Integration and Distributed Systems. He is also an accredited speaker and a Java Rockstar.
TUE 9:15 AM - 9:40 AM
Brazos Grand Ballroom
Add to calendar
Enterprises are increasingly focused on end-to-end visibility and governance of the entire software supply chain in order to meet development team goals, security requirements and compliance needs. As efficiency across the software lifecycle becomes an issue, customers tell us that tooling consolidation via holistic platforms is the path for many companies. Join this annual, landmark technology keynote to see the advancements in the JFrog Platform across EveryOps, and how an integrated platform is key to tomorrow’s development success. Includes secret announcements that change the way software delivery is managed!

14

9:40 AM
Keynote
From Vulnerabilities to Vigilance: JFrog’s Security Focus
Eyal Dyment | VP of Product, JFrog https://sessionize.com/image/9ed1-400o400o1-JCcRLZyE9sThjck41dDRe6.jpg
TUE 9:40 AM - 10:05 AM
Brazos Grand Ballroom
Add to calendar
Did you know that many companies have 10 or more DevSecOps tools that scan their code and binaries? Join us to explore unique advancements in the JFrog Platform that cut security down to size; pinpointed, contextual remediation advice, consolidating tools to reduce cost and duplication, providing intensive, research-backed threat results and putting all of your DevSecOps initiatives into a holistic approach from end to end. Fresh demos, unique threat and attack vector discoveries, major product announcements, and forward-looking capabilities will keep you at the crossroads of DevOps and software supply chain security.

15

10:05 AM
Keynote
From Silos to Synergy: MLOps & Developers Unified
Yuval Fernbach | VP & CTO, JFrog MLOps https://sessionize.com/image/520b-400o400o1-ULL2iU8ehjHa8xLE3PP8sH.jpg
TUE 10:05 AM - 10:30 AM
Brazos Grand Ballroom
Add to calendar
The software supply chain increasingly incorporates elements of machine learning and AI that must be developed, trained, experimented upon and delivered into production. Join Yuval Fernbach, CTO of JFrog MLOps, to learn how the joint technologies of JFrog and the recently-acquired Qwak AI platform streamline a trusted AI supply chain and unify DevSecOps best practices with the world of machine learning to help companies deliver intelligent software fast.

16

10:30 AM
Coffee Break
TUE 10:30 AM - 10:45 AM
The swamp

17

10:45 AM
Keynote
Elevating Innovation: GitHub & JFrog Paving the Way Forward
Brian A. Randell | Staff Developer Advocate, GitHub https://sessionize.com/image/a77e-400o400o1-HN1kQAu6nemmWAqCJPoomy.jpg Brian A. Randell is a Staff Developer Advocate at GitHub where he works to ensure GitHub can help everyone deliver solutions faster and more securely. For more than 30 years, he has been building software solutions. As a Partner at MCW Technologies, he educated teams on Microsoft technologies via writing and training—both in-person and on-demand. He’s been a consultant for companies small and large, worldwide, including Fortune 100 companies like Microsoft. Brian is a passionate software craftsman who still enjoys coding as he helps teams to improve their processes from idea to release. He was a Microsoft MVP for 18 years and has co-authored books, written magazine articles, and more. When not working, Brian enjoys spending time with his wife, two children, dog, and extended family.
Yonatan Arbel | Developer Advocate, JFrog https://sessionize.com/image/44e0-400o400o1-RonnPgTxX1X8RKzrQrw1ex.png a software developer with rich experience spanning over 12 years. For the past 7.5 years, I have been a valuable member of the JFrog team, a prominent tech company. Over the years, I progressed through the organization and eventually found my place within the Infrastructure group. I have a genuine passion for technology, which has been a guiding force throughout my 12-year career. My work at JFrog has included significant contributions to the development of the JFrog Platform. My journey is a testament to my dedication and the opportunities that the tech industry offers to those who are eager to learn and grow. As a speaker, I am excited to share my experiences and insights with others in the tech community.
TUE 10:45 AM - 11:30 AM
Brazos Grand Ballroom
Add to calendar
What happens when the leaders in code management and GenAI join forces with the binary management and software supply chain security experts? Join us to discover game-changing advances in the world’s top DevOps and DevSecOps platforms and how together, JFrog and GitHub are creating tectonic shifts in the development landscape.

18

11:35 AM
Keynote
Operationalizing genAI applications with DevOps practices
Patrick Debois | Founder of DevOps https://sessionize.com/image/3c04-400o400o1-p7hsau7E9qsJGj2S52pHnf.jpg Patrick Debois is a versatile technologist with a breadth of experience across Dev, Sec, and Ops. Known for his aptitude in harnessing emerging ideas , he skillfully guides teams and advises businesses ranging from startups to enterprises in their journey. Recognized as a trusted ally among dev, sec, ops communities, and beyond, he is currently immersing himself in the world of AI & Machine Learning continuously pushing the boundaries of his technical expertise. While Patrick’s technical appetite is vast, his affinity for people is equally profound. He possesses the rare ability to bridge perspectives, effortlessly switching between management and individual contributor levels and roles. This unique experience has led him organising the first Devopsdays in 2009. He is attributed to coining the term DevOps and co-author of the widely known Devops Handbook. In the past Patrick has worked together with renowned tech organizations such as Atlassian and Snyk. He currently wears both hats of VP of Engineering and Distinguished Engineer at Showpad. He thrives in sharing knowledge, organizing numerous community events, and presenting at many more. He believes in transforming his learnings into shareable lessons, using this feedback loop to hone his skills and broaden his perspectives. Through open sharing and lateral thinking, Patrick is not just enhancing his professional growth but also contributing significantly to the evolution of the field. You can enjoy his past talks on his youtube channel https://www.youtube.com/@jedi4ever/videos. Or follow the firehose of learnings he shares on Twitter https://twitter.com/patrickdebois
TUE 11:35 AM - 12:10 PM
Brazos Grand Ballroom
Add to calendar
How does this new world of genAI applications fit into the traditional SDLC? In this fast paced talk we'll walk you through: - Components a typical genAI is made off and how versioning works - Challenges we face during testing to deal with its non deterministic nature - New genAI infrastructure stack that is emerging - New security aspects you need to be aware of - How observability and end user feedback is vital as we can only see certain behaviors in prod - How that all fits into platform engineering and the socio-technical aspect impact To conclude, we reflect on the business implications of these advancements and their significance in the ever-evolving landscape of technology. Can't wait to share and can't wait to learn from your journey too!

19

12:15 PM
Lunch
TUE 12:15 PM - 1:15 PM
The swamp

20

1:20 PM
Session
JFrog Workers In Action
Ravit Shapira | Senior Product Manager, JFrog https://sessionize.com/image/a501-400o400o1-GzeSVDqWc4bev2Bt157T4T.png Ravit Shapira has 25 years of experience working in the high-tech industry. During her career, she has held various positions, including SW developer at Microsoft and a Product Manager at Amdocs. For the past 3 years, Ravit has been working at JFrog as a Platform Product Manager, leading various JFrog Cross Product Services, such as Access, Webhooks and Workers.
TUE 1:20 PM - 2:00 PM
Brazos E
Add to calendar
JFrog Workers is a service in the JFrog Platform that provides a serverless execution environment. You can create Workers that react to events in the JFrog Platform similar to AWS Lambda services. Workers service provides more flexibility to accomplish your use cases. You can use these workers to perform certain tasks that extend the capabilities of the JFrog Platform according to your requirements. In this session, we'll introduce the new JFrog Workers service of the JFrog Platform. Through a series of use cases, we'll demonstrate a range of capabilities this service offers. Our demos will focus on four main areas: * Event-driven workflow automation * Security * Auditing * Customize platform APIs

21

Session
Deciphering Artifactory Infrastructure: Optimizing Engineering Dependencies at Credit Karma
Amit Mishra | Engineering Manager, Credit Karma https://sessionize.com/image/5267-400o400o1-NvVwqjJnMJB1bi5mNU1ooF.jpg I am a technology leader with extensive hands on experience on various continuous integration tools, well versed with builds and deployment life cycle of software applications with in depth exposure to DevOPS practices. I have shared my knowledge at various platforms like technology conferences and meet ups.
TUE 1:20 PM - 2:00 PM
Brazos F
Add to calendar
As Developers bear the responsibility of crafting and delivering top-tier products to propel company's critical initiatives, lets do a deep dive into Artifactory Infrastructure and how it plays a pivotal role in the daily operations, serving as a backbone in the development pipeline while maintaining the secure and scalable posture supporting across multiple regions/Data centers.

22

Session
Accelerate Developer Productivity by integrating JFrog and GitHub
Dave Burnison | Senior Enterprise Advocate - GitHub https://sessionize.com/image/9745-400o400o1-VG1Lx9onQDLuBGq8Gp4MT1.jpg Dave is a Senior Enterprise Advocate on the GitHub & Azure DevOps Teams. He is very passionate about DevOps and application modernization. He is a link between the product group and customers. Dave joined Microsoft in January 2016. He has spent time as a consultant and in technical sales prior to joining the product group. He has been focused on DevOps the entire time. Dave has worked in the software development industry his entire career. Having worked for both startups and large companies, his strength is his view and knowledge of the overall software development lifecycle paired with technical skills which allow him to manage DevOps culture, processes & tools that enable software development teams to become as innovative, efficient and productive as possible. In 2022 Dave was awarded the Microsoft Executive Briefing Center’s (EBC) Distinguished Speaker award. Distinguished Speaker is the highest achievement Microsoft has at the EBC. This award recognizes speakers who embody all attributes of EBC and customer engagement best practices. See http://aka.ms/DaveBurnison2022EBCAward
TUE 1:20 PM - 2:00 PM
Brazos G
Add to calendar
GitHub has become the backbone of thousands of enterprises’ DevOps tools chains with first class integrations with best-in-breed tools like JFrog, Docker, Jira, Slack, Sentry and many, many more. Understand how developers can stay in the flow to move quickly, efficiently, and confidently with less context switching by working with the GitHub’s & GitHub Copilot’s integrations with JFrog tools.

23

2:05 PM
Session
Monitoring Artifactory Through New Relic Like a Pro
Levani Khidisheli | Software Engineer, Capital One https://sessionize.com/image/da26-400o400o1-3b6qE8r354kZtoCsf3KT9T.png Levani has been working in the Delivery Experience, at Capital One for almost 2 years, working on maintaining the Artifactory Platform. Levani has worked on optimizing and improving CI/CD pipelines responsible for deploying Artifactory in production. Has worked on testing the resiliency of the Artifactory platform to ensure continuous availability of the platform.
Andre Dang | Associate Software Engineer, Capital One https://sessionize.com/image/4902-400o400o1-MMakQiDvnebnqanCeq9JLV.jpg Andre has been an Associate Software Engineer at Capital One for 1 year. He works in Delivery Experience, helping maintain the Artifactory platform at Capital One and working to continuously improve its resiliency and ease of use for developers. He is passionate about optimizing the processes required to maintain a platform, and optimizing the monitoring solutions required for troubleshooting. Through solving these operational issues, he has helped make our systems more reliable, and our troubleshooting easier. He has a user-centric view of problems and has worked to make Artifactory at Capital One a more robust application.
TUE 2:05 PM - 2:45 PM
Brazos E
Add to calendar
The importance of detailed monitoring as we look to continuously use Artifactory to serve our developers cannot be understated. This is why we decided to use the New Relic-Jfrog Integration. The process of setting this up was not easy as there were a myriad of issues, as the process of authenticating into both systems had a lot of unforseen and hard-to-detect issues. We also needed to make sure not to disrupt existing systems. This session will go through the process of setting this integration up, the challenges we encountered, but also the use and importance of this tool because when things inevitably go wrong, detailed monitoring solutions help us resolve the issues faster.

24

Session
The Origin of End to End MLOps
Hudson Buzby | Solutions Architect at Qwak/JFrogML https://sessionize.com/image/76ed-400o400o1-KkLaHKqiCg8bgrsgGsHGG6.jpg Hudson Buzby is a Solutions Architect, helping customers build and design Machine Learning systems on the Qwak Platform. Prior to Qwak, Hudson spent a number of years in the Data Engineering space, particularly in the world of Apache Spark, Kafka, and distributed systems.
TUE 2:05 PM - 2:45 PM
Brazos F
Add to calendar
How does an MLOPs platform develop and evolve? Why do so many organizations struggle to get a sane, scalable MLOps system in place? In this talk, Hudson Buzby will discuss the origins and motivations of the Qwak platform, the challenges and struggles Qwak seeks to eliminate, and the pitfalls many organizations experience when building a robust machine learning environment.

25

Session
Diagnosing DevOps: Exploring Artifactory’s Binary Store Gems
Avishay Halpren | R&D Manager and Architect, JFrog https://sessionize.com/image/5f68-400o400o1-YX2omkhN84MXXon7KEf7vy.png Software Architect with over 20 years of experience as an architect & R&D manager. I have vast knowledge and understanding of the development needs, production HA and problem solving. My all time movie series is "Back to the Future" and I believe that If you put your mind to it, you can accomplish anything.
TUE 2:05 PM - 2:45 PM
Brazos G
Add to calendar
Join us to explore the Binary Store Architecture and much more. If you have never heard about the binary store before or just want to find the hidden gems of JFrog Artifactory join this session. I would love to share with you my four years of experience as part of the development team, exploring tips and techniques to improve and monitor Artifactory service Speaking about storage is a crucial aspect of software development. We'll discuss about Artifactory's binary store and show how we are managing heavy traffic and scalability. How it's possible to move from self-hosted to SaaS when we are talking about PB of data. We’ll also cover topics like internal caching layers, optimizing downloads with S3 and CDN redirects and addressing the AI-ML demands associated with uploading huge files via multipart support.

26

2:45 PM
Coffee Break
TUE 2:45 PM - 3:00 PM
The swamp

27

3:05 PM
Session
Kubernetes Security: A Multi-layer Approach
Abdel Sghiouar | Cloud Developer Advocate, Google https://sessionize.com/image/138d-400o400o1-f5-e8b9-4b4b-a8e4-4f5c6c61158f.fc62390d-0d7e-4a29-b526-9806b570af55.jpg Abdel Sghiouar is a senior Cloud Developer Advocate @Google Cloud. A co-host of the Kubernetes Podcast by Google and a CNCF Ambassador. His focused areas are GKE/Kubernetes, Service Mesh and Serverless. Abdel started his career in datacenters and infrastructure in Morocco where he is originally. Before moving to Google's largest EU datacenter in Belgium. Then in Sweden he joined Google Cloud Professional Services and spent 5 years working with Google Cloud customers on architecting and designing large scale distributed systems before turning to advocacy and community work.
TUE 3:05 PM - 3:45 PM
Brazos E
Add to calendar
:K8s gained so much traction in the last couple of years and it become almost a defacto solution to run containerized applications.However it's a complex system that aims to abstract how containers are orchestrated from the developers and operators and if deployed without caution could have some serious security problems. Come listen to few practical approaches to secure a Kubernetes deployment.

28

Session
Building Effective High Performance Generative AI
Jeremy Krinitt | Strategic Alliances Manager, Nvidia https://sessionize.com/image/1a59-400o400o1-aZWA98m49HRDz7b7i8WgoM.jpg Jeremy Krinitt leads key Generative AI and LLMOps partnerships at NVIDIA. Jeremy has also driven NVIDIA's ecosystems in the areas of Visual Generative AI, Professional Broadcast, Video Conferencing, Virtual Prodcution and Streaming. Jeremy has more than 25 years of experience in AI, video and 3D graphics technologies, much of it driving software and hardware product development and partnerships. Prior to joining NVIDIA, Jeremy was Vice President of Business Development at BriefCam, a leader in AI video analytics, acquired by Canon in 2018. Jeremy has founded two companies, REACT Systems, an emergency communications company, and Frontier Security, a physical security solution provider.
TUE 3:05 PM - 3:45 PM
Brazos F
Add to calendar
We will discuss current techniques and technologies to consider in building Generative AI applications and services. Choosing a model, fine tuning, RAG and scalable/cost effective solutions will be key areas of focus during this discussion.

29

Session
Open Platform for Enterprise AI
Arun Gupta | VP of Open Ecosystem Initiatives, Intel Corporation https://sessionize.com/image/a54f-400o400o1-Xa5zKMDfjpNpuKVfHUjjNZ.png Arun Gupta is vice president and general manager of Open Ecosystem Initiatives at Intel Corporation. He is an open source strategist, advocate, and practitioner for over two decades. He has taken companies such as Apple, Amazon, and Sun Microsystems through systemic changes to embrace open source principles, contribute and collaborate effectively. As an elected chair of the Cloud Native Computing Foundation (CNCF) Governing Board, Arun works with CNCF leadership and member companies to grow cloud native ecosystem. He also participates in the Open Source Security Foundation (OpenSSF) and Linux Foundation Governing Boards. He has delivered technical talks in 45+ countries, authored multiple books, and is a Docker Captain, Java Champion, and Java User Group leader. He also founded the Devoxx4Kids chapter in the U.S. and continues to promote technology education among children.
TUE 3:05 PM - 3:45 PM
Brazos G
Add to calendar
Enterprises face myriad challenges when it comes to developing and deploying Gen AI solutions. The development of new models, algorithms, fine-tuning techniques, detecting and resolving bias, and how we deploy large solutions at scale continues to evolve rapidly. There is a lack of standardized software tools and technologies to choose from. Additionally, enterprises want the flexibility to innovate rapidly, and extend the functionality to meet their business needs while ensuring the solution is secure and trustworthy. This talk introduces Open Platform for Enterprise AI (OPEA), a new project under LF AI & Data Foundation. The mission of OPEA is to create an open platform project that enables the creation of open, multi-provider, robust and composable GenAI solutions that harness the best innovation across the ecosystem. You will learn more about the mission, how the project is going to solve it, see reference RAG implementations in action, partners, roadmap and how you can join and contribute to this effort.

30

3:50 PM
Session
MLOps + DevOps + Kubernetes = ❤️
Annie Talvasto | CMO, VSHN | CNCF Ambassador | Azure MVP https://sessionize.com/image/015d-400o400o1-M4qUyk65FH2wKbPVpkEaKv.jpg Annie Talvasto is an award-winning international technology speaker and leader. She has spoken at over 60 technology conferences worldwide, including KubeCon + CloudNativeCon and Microsoft Build & Ignite. She has been recognized with the CNCF Ambassador and Azure MVP awards. Annie is the creator of TechCraft Show, where she and her guests talk tech while playing MineCraft (potentially) badly. She has co-organized the Kubernetes & CNCF Finland meetup since 2017. In the past, she has also served as a track chair for KubeCon + CloudNativeCon and has been hosting Cloud Native Live, a weekly livestream by CNCF, since 2021.
TUE 3:50 PM - 4:30 PM
Brazos E
Add to calendar
Combining the power of DevOps, Kubernetes and MLOps brings scalability, reliability, and reproducibility to AI and ML workflows. In this session, we will explore how Kubernetes enables the orchestration of distributed AI training and inference pipelines, while MLOps practices ensure efficient model development, deployment, and monitoring. Join Annie to discover how this combination empowers organizations to unlock the full potential of generative AI while achieving seamless scalability and operational excellence.

31

panel
AI & ML in Practice: Toy vs Enterprise Use Cases
Baruch Sadogursky | Principal Developer Productivity Engineering Advocate, Gradle https://sessionize.com/image/6857-400o400o1-JXocy3YoRTEqmNrjJd2d7Y.png Baruch Sadogursky (@jbaruch) did Java before it had generics, DevOps before there was Docker, and DevRel before it had a name. He started DevRel at JFrog when it was ten people and took it all the way to a successful $6B IPO by helping engineers solve problems. Now Baruch keeps helping engineers solve problems but also helps companies help engineers solve problems. He is a co-author of the "Liquid Software" and "DevOps Tools for Java Developers" books, serves on multiple conference program committees, and regularly speaks at numerous most prestigious industry conferences, including Kubecon, JavaOne (RIP), Devoxx, QCon, DevRelCon, DevOpsDays (all over), DevOops (not a typo) and others. After a tenure of eleven years in JFrog DevRel, Baruch is the Principal Developer Productivity Engineering Advocate at Gradle.
Ran Romano | VP of Product & Engineering, JFrog ML https://sessionize.com/image/e458-400o400o1-9GkU5DHG49U7sQrudoi1Tx.png Ran Romano is a seasoned leader in the machine learning and data engineering space, currently serving as the VP of Product & Engineering at JFrog ML after JFrog’s recent acquisition of Qwak. As a co-founder and Chief Product Officer at Qwak, Ran led the development of the Qwak MLOps Platform, which enables companies to seamlessly build, deploy, and monitor machine learning models at scale. Prior to that, he held key roles at Wix, where he built their internal ML platform and managed their data collection system, handling billions of daily events. Ran has a strong technical background, having managed cross-functional teams and developed cutting-edge solutions for large-scale production systems.
Damian Curry | Community and Alliances Technical Director - NGINX https://sessionize.com/image/7cdc-400o400o1-RCLGsMDJUGiEVYbDezCss4.jpg After many years of managing infrastructure for multiple companies, Damian now heads up all things technical for Community and Alliances for NGINX. Damian is a long time NGINX user, and it has played a key role in almost every environment he has managed.
Melissa McKay | Head of Developer Relations, JFrog https://sessionize.com/image/efa4-400o400o1-B5NA5187XjfNpZP8cCBpfr.jpg Melissa is passionate about Java, DevOps and Continuous Delivery. She is currently Head of Developer Relations for JFrog, and serves on the CNCF governing board. She shares her knowledge with the community as a developer, speaker, and author. Melissa has been recognized as a Java Champion and Docker Captain, is an international speaker at numerous events including KubeCon and DockerCon, and is co-author of the O'Reilly title, DevOps Tools for Java Developers.
Brian A. Randell | Staff Developer Advocate, GitHub https://sessionize.com/image/a77e-400o400o1-HN1kQAu6nemmWAqCJPoomy.jpg Brian A. Randell is a Staff Developer Advocate at GitHub where he works to ensure GitHub can help everyone deliver solutions faster and more securely. For more than 30 years, he has been building software solutions. As a Partner at MCW Technologies, he educated teams on Microsoft technologies via writing and training—both in-person and on-demand. He’s been a consultant for companies small and large, worldwide, including Fortune 100 companies like Microsoft. Brian is a passionate software craftsman who still enjoys coding as he helps teams to improve their processes from idea to release. He was a Microsoft MVP for 18 years and has co-authored books, written magazine articles, and more. When not working, Brian enjoys spending time with his wife, two children, dog, and extended family.
TUE 3:50 PM - 4:30 PM
Brazos F
Add to calendar
Artificial Intelligence and Machine Learning are current buzzwords, and organizations are jumping at the chance to cash in on new opportunities afforded by new developments in this space. Gartner estimates 90% of NEW apps will contain AI by 2027. But what exactly are we developing? How do we actively integrate AI and ML technologies in ways that are beneficial to developers, our organizations, and our customers? What kinds of applications have an ROI that makes sense and what proof of concepts turn out to be toys that never make it to production? Join this expert panel discussion about relevant use cases to pursue and perhaps some to avoid or that may require more thought before implementation.

32

Session
From DevEx Disaster to Delight: How to Champion a DevEx Revolution in Your Organization
Jeremy Meiss | Developer Experience & Community Leader https://sessionize.com/image/1f95-400o400o1-SMXXHoVnzy6h19Y4Cu54Ec.png Jeremy is a seasoned Developer Experience and Community leader, formerly the Director of DevRel & Community at CircleCI, and previously at Solace, Auth0, and XDA. With almost 30 years in Tech, covering just about every functional area including support, system and database administration, application and web development, project management, program management, and systems analysis, Jeremy is active in the DevRel and DevOps communities, and is a co-creator of DevOpsPartyGames.com. A lover of all things coffee, community, open source, and tech, he’s a husband and father, and is also house-broken, and (generally) plays well with others.
TUE 3:50 PM - 4:30 PM
Brazos G
Add to calendar
Is your team drowning in a sea of bugs, clunky tools, and morale-sapping processes? Are you tired of hearing them utter phrases like "I hate this deployment process" and "This codebase is a crime against humanity"? Well, fret no more! This talk will be your guide to transforming your organization's Developer Experience (DevEx) from a disaster zone to a developer utopia. We'll delve into the what, why, and how of DevEx, exploring practical strategies you can implement to make your developers' lives easier and more productive. We'll cover everything from tooling and automation to fostering a culture of collaboration and feedback. By the end of this talk, you'll be armed with the knowledge and practical tips to become a DevEx champion in your organization, all while avoiding the wrath of your CTO (hopefully). So buckle up, grab your favorite stress ball (you might need it), and get ready to learn how to turn your developer frowns upside down!

33

4:35 PM
Session
Give Your LLMs a Left Brain
Stephen Chin | VP of Developer Relations, Neo4j https://sessionize.com/image/bb41-400o400o1-EHvMKwbfP43RYxL9qJMwGv.jpg Stephen Chin is VP of Developer Relations at Neo4j and author of The Definitive Guide to Modern Client Development, Raspberry Pi with Java, Pro JavaFX Platform, and the DevOps Tools for Java Developers title from O'Reilly. He has keynoted numerous conferences around the world including Devoxx, DevNexus, JNation, JavaOne, Joker, swampUP, and Open Source India. Stephen is an avid motorcyclist who has done evangelism tours in Europe, Japan, and Brazil, interviewing hackers in their natural habitat. When he is not traveling, he enjoys teaching kids how to do AI, embedded, and robot programming together with his daughters.
TUE 4:35 PM - 5:15 PM
Brazos E
Add to calendar
The human brain is divided into two hemispheres, each of which specializes in different types of tasks. Your right brain excels at imagination, intuition, art, rhythm, feelings, and dreams. Meanwhile, the left brain is more analytical and focused on logic, sequencing, linear thinking, and mathematics. Like a human brain, generative AI excels at certain tasks, especially those related to right-brain creative activities. However, the absence of relevant and up-to-date information produces confusing hallucinations that are not grounded in reality.  This presentation will explore how knowledge graphs built with factual and updated information can complement LLMs via retrieval augment generation (RAG) to produce more reliable results. I will show a demonstration of a knowledge graph built off of Artifactory dependency information that can be queried in natural language using ChatGPT.

34

Session
Model as a Package -- Breaking the MLOPs Silo
Zohar Sacks | Senior Director of Product, JFrog https://sessionize.com/image/9ffa-400o400o1-wEaZpyBsfCotSgJnouNoZT.png Zohar Sacks, Senior Director of Product at JFrog, brings over 20 years of experience in distributed systems, Cloud, SaaS, PaaS, IaaS, MLOps and MLSecOps Before joining JFrog, Zohar was the VP of R&D of Zesty, an AI-powered Cloud Cost Optimization startup. Zohar was also CTO/Co-Founder of Disco, a revolutionary distributed computing startup serving distributed computing tools to the AI/ML market and beyond.
TUE 4:35 PM - 5:15 PM
Brazos F
Add to calendar
The race to unlock the power of Machine Learning (ML) is on, but managing the ML lifecycle – from data to deployment – can be complex. In this session we will explore how JFrog, the liquid software company, is harnessing MLOps and DevOps to work collectively, to maintain trusted builds in the Machine Learning (ML) era.

35

Session
Sociotechnical Platform Engineering
Chris Corriere | Sociotechnological Mathematician https://sessionize.com/image/5c2f-400o400o1-4cXDeaYBWyVBeTJ8QtZ6nh.jpg Chris Corriere has been working with data, phones, networks and writing software for over 20 years. His background in mathematics and engineering has allowed him to adapt to new and industry specific technologies and provided many unique consulting opportunities. As a devOps practitioner Chris is committed to culture, automation, learning, sharing, and having a good time while getting work done.
TUE 4:35 PM - 5:15 PM
Brazos G
Add to calendar
DevOps practices help reduce friction to production for technologists. Once an application has user traffic, user experience should become a priority, but at what cost? This talk will connect human centered DevOps & SRE practices across a value stream to explore how platforms balance developer experience against production stability over time, and how process dependencies factor into overall platform success. This talk will explore: - How pipelines are value streams - A general-purpose value stream map for platforms - Dependency (wardley) maps for platform processes - Aligning SLIs, SLOs, & SLAs across our platform VSM - Establishing Error Budgets - Chaos Engineering & Complexity Science

36

5:15 PM
Booth Crawl / Happy Hour
TUE 5:15 PM - 6:30 PM
The swamp

37

6:30 PM
Community Gala Dinner
TUE 6:30 PM - 10:00 PM
Brazos Grand Ballroom

38

7:30 AM
Registration
WED 7:30 AM - 8:30 AM
The swamp

39

8:30 AM
Keynote
Opening Keynote
Melissa McKay | Head of Developer Relations, JFrog https://sessionize.com/image/efa4-400o400o1-B5NA5187XjfNpZP8cCBpfr.jpg Melissa is passionate about Java, DevOps and Continuous Delivery. She is currently Head of Developer Relations for JFrog, and serves on the CNCF governing board. She shares her knowledge with the community as a developer, speaker, and author. Melissa has been recognized as a Java Champion and Docker Captain, is an international speaker at numerous events including KubeCon and DockerCon, and is co-author of the O'Reilly title, DevOps Tools for Java Developers.
WED 8:30 AM - 8:35 AM
Brazos Grand Ballroom
Add to calendar

40

8:35 AM
Keynote
How to Master Your Software Supply Chain with Trust
Scott Johnston | CEO, Docker https://sessionize.com/image/d3e7-400o400o1-Ro1xVvnvZ5CXjZN5rzEX7U.jpg Scott Johnston leads Docker, the company behind the open-source Docker project and the global container ecosystem of people, products, platforms, and partners revolutionizing how modern apps are built, shared, and run. Scott joined Docker in 2014 as its first product manager and went on to serve as COO and CPO before being named CEO in November 2019. Scott began his career as a software engineer and subsequently served in operational and leadership roles in product, business development, operations, and marketing with industry-leading companies such as Sun Microsystems, Cisco, Netscape, Puppet, and Loudcloud (parent of Opsware). Scott lives in Palo Alto with his wife and three children and holds degrees in engineering and business from Stanford University.
Shlomi Ben Haim | CEO & Co-founder, JFrog https://sessionize.com/image/0e22-400o400o1-smB72VYUetSN5E1uhkvENB.jpg Shlomi is CEO and co-founder of JFrog, creators of the universal DevOps platform. He brings over 20 years of experience in building profitable, high-growth information technology companies. Prior to JFrog, Shlomi was the CEO of AlphaCSP (acquired in 2005 by MalamTeam) and was a Major in the Israeli Air Force. Shlomi holds an MS from Clark University (Massachusetts) and a BA from Ben-Gurion University (Israel).
WED 8:35 AM - 9:05 AM
Brazos Grand Ballroom
Add to calendar
The importance of a consolidated, end-to-end trusted software supply chain spans from public hubs through trusted pipeline source code repositories and software package registries as a single source of truth. Safeguarding this flow requires the right tools for developers for SSC security to protect against risks or mistakes before software is being updated on the edge. In this session we’ll hold an open dialogue on stage between today’s market leaders, discussing what consolidation looks like and what it takes to set the standards and shape the future of DevOps and DevSecOps.

41

9:05 AM
Keynote
JPMorganChase: Mastering DevOps at Scale
Gopinath Gopalsamy | Managing Director, JP Morgan Chase https://sessionize.com/image/8d0b-400o400o1-RPx2dQyAUa7sQ7WBZ1ovdk.png
WED 9:05 AM - 9:35 AM
Brazos Grand Ballroom
Add to calendar
With an unprecedented number of artifacts generated monthly, the scale of one of the world's largest digital organizations is unmatched. Join JPMC's Executive Director Gopi Gopalsamy to get a peek inside the pipelines of one of the world's most influential organizations.

42

9:35 AM
Coffee Break
WED 9:35 AM - 9:50 AM
The swamp

43

9:55 AM
Keynote
Building the Bridge Between DevOps and MLOps in a GenAI world
Luke Marsden | CEO, Helix.ml https://sessionize.com/image/08da-400o400o1-L3xYt6nUV54vqpJ1fmGXrt.jpg Hacker and entrepreneur, Luke works at the intersection of DevOps and ML; building out end-to-end MLOps capabilities across enterprises, fine-tuning LLMs and enabling GenAI capabilities. Previously helped launch Docker plugins and co-authored kubeadm for K8s.
WED 9:55 AM - 10:35 AM
Brazos Grand Ballroom
Add to calendar
DevOps and MLOps intersect in ways never before considered in today’s AI-driven reality. With expertise in DevOps, MLOps, LLMs, Kubernetes, Docker and more, Luke Marsden will explore how to build bridges, adopt best practices, and pitfalls to avoid as we all strive to make AI really work.

44

10:35 AM
Keynote
Responsible AI: Policy Solutions for DevSecOps
Victoria A. Espinel | CEO, BSA https://sessionize.com/image/085d-400o400o1-X5iyY9DNjgEcCawH7dCpQH.jpg As CEO of BSA | The Software Alliance, Victoria has significantly expanded the organization's global influence, establishing it as a leader for enterprise software companies on key issues such as artificial intelligence, privacy, cybersecurity, and digital trade. She initiated the Digital Transformation Network and the Global Data Alliance to enhance BSA’s partnerships with various industry sectors worldwide. Victoria also founded Software.org, a nonprofit that educates policymakers and the public about the software industry's impact and career opportunities. Additionally, she serves on President Biden’s National Artificial Intelligence Advisory Committee and has held prominent roles with the President’s USTR Advisory Committee for Trade Policy and Negotiations, the World Economic Forum, and the Council on Foreign Relations. Victoria has testified before the US Congress and the European Parliament over a dozen times and frequently speaks on AI, cybersecurity, and STEM education to various organizations and institutions. Her insights have been featured in major media outlets such as the New York Times, Washington Post, and NPR. Recognized as one of Washingtonian magazine's “Most Influential People” and a “Tech Titan,” she has a distinguished career in public service, including roles as the first White House “IP Czar” and the chief US trade negotiator for intellectual property under the Bush Administration. Victoria holds advanced degrees from the London School of Economics and Georgetown University and serves on the board of Girls Who Code and ChIPs. She also owns the award-winning restaurant Jewel of the South in New Orleans.
Jens Eckels | VP Product Marketing, JFrog https://sessionize.com/image/1ea8-400o400o1-4476nbSPwNGBQqY2rVFufx.png
WED 10:35 AM - 11:05 AM
Brazos Grand Ballroom
Add to calendar
Artificial intelligence (AI) is revolutionizing problem-solving and innovation in DevSecOps. Leveraging AI responsibly is essential for building secure, trustworthy systems. Governments are crafting policies to ensure AI's benefits while mitigating risks. BSA’s Policy Solutions for Building Responsible AI provides a framework to achieve these goals, focusing on governance, innovation, and transparency.

45

11:20 AM
Session
Data Ethics: How to Avoid Tech Horror Stories and U.S. Senate Hearings
Nyah Macklin | Developer Relations | Keynote Speaker | Community Builder https://sessionize.com/image/e40c-400o400o1-rs3tG1tT8128yZt4C7F2Yf.jpg Nyah Macklin is a Senior Developer Advocate who cares deeply about the ethical use of data, data privacy & security, and ethical artificial intelligence. Nyah has a non-traditional engineering background, with a degree in African & Afro-American Studies and a career in civil service and community organizing. This background gave them the expertise to decipher the ways systems within tech perpetuate the exclusion of historically underrepresented communities, and implement policies to counteract that fact. Nyah cares about making technology and software accessible to as many communities as possible. Find them on Twitter: @NyahMacklinDev
WED 11:20 AM - 12:00 PM
Brazos E
Add to calendar
Has your engineering team ever talked about ethics during the development process? Don't be ashamed, we didn't either. As software engineers, it's not our problem right? I get it. Let me take you through "story time" where we will dissect tech horror stories that could have been solved by centering ethics in the software development life cycle. Today, you'll come away with tangible tools and frameworks to implement into your engineering team's sprint to ensure ethical data handling, and avoid becoming the next tech company sitting in front of the U.S. Senate.

46

Session
Full-spectrum Security: Discover the Impact of Runtime Discoveries Across Your Pipeline
Harel Avissar | Director of Product, JFrog https://sessionize.com/image/427a-400o400o1-pXHrg6G4FThXiaM4vMMPJf.png Harel Avissar is Director of Product at JFrog, working on the next leaps in DevSecOps and particularly on how the JFrog Platform arms developers with the information and knowledge they need to build software they can trust. With over 15 years of Cyber Security and Leadership background Harel has hands on experience with the security of the software supply chain looking at each link and end to end.
WED 11:20 AM - 12:00 PM
Brazos F
Add to calendar
Finding vulnerabilities in code is valuable. With binary scanning, expert security team remediation, and applicability advice, your pipelines are even more secure. Now it’s time to take your security posture from one end to the other, as we explore how to practically weave in runtime discoveries into your pipeline processes and create a seamless, end-to-end experience - now reaching into production! - with full visibility, traceability and evidence provided in a powerful, unified platform. In this session we will show how to verify the integrity of your production images, how to prioritize remediation based on running status and how the JFrog platform can help close the window of exposure fast by identifying the image owner. Harel will provide demonstrations, helpful tips, and real-world applications for JFrog’s newest security family member.

47

Session
Verifying Artifacts and CVEs at the Change Boundary
Bryan Oliver | Principal Architect, Thoughtworks | K8s Sig Network Member/Contributor https://sessionize.com/image/f5d4-400o400o1-aWokjCm7AHSJRMWxQm9BYY.jpg Bryan is an experienced engineer and leader who designs and builds complex distributed systems. He has spent his career developing mobile and back-end systems whilst building autonomous teams. More recently he has been focused on delivery and cloud native at Thoughtworks. In his free time he plays ice hockey and goes trail running, and tries to break into the champion rank in rocket league. https://olivercodes.com
WED 11:20 AM - 12:00 PM
Brazos G
Add to calendar
At Thoughtworks, we talk a lot about Compliance at the Point of Change. To simplify, the core of this concept is we give developers freedom by moving all compliance checks to the admission controllers of the deployment platform. This allows devs to completely own the pipelines, and they are responsible for meeting the admission controller requirements on deployment. In this talk, we'll look at how to write admission controllers that block deployments when an application has an invalid SBOM or high severity CVE in it's packages.

48

12:00 PM
Lunch
WED 12:00 PM - 1:00 PM
The swamp

50

Session
How a Unicorn Migrated From an In-House Solution to Helm
Mey Beisaron | Senior Platform Engineer, Forter https://sessionize.com/image/6adb-400o400o1-aHW9hpCg7EKnor4vLG5CPu.jpg Mey is a Senior Platform Engineer and a public speaker who brings Star Wars geekery to everything she does. As a Backend Developer, Mey has developed in multiple programming languages, including Nodejs, Java, Python, Groovy, and her favorite, Clojure. Today Mey is a senior platform engineer at Forter, leading the complex migration of 400+ services to Kubernetes. When she is not spending her weekends coding games or speaking at tech conferences, she experiments with algorithms or playing Super Mario Bros on the Nintendo Switch. May the force be with you.
WED 1:05 PM - 1:45 PM
Brazos F
Add to calendar
Creating your first Helm Chart is one thing, but migrating 400+ services - all relying on an existing solution - is a whole different story. This is the point where "Helm 101" tutorials become irrelevant. In this talk we will go through our unique Helm charts architecture, integrating Helm with existing systems and, finally, deployment to production. By the end of this talk you will learn a practical technique to leverage Helm while taking into consideration existing systems and boosting dev velocity in the process.

51

Session
Demystifying Platform Engineering and IDP (Internal Developer Platform)
Bill Manning | Solution Architect, JFrog https://sessionize.com/image/d5e5-400o400o1-J5h4DoN6vMc6mRYpjipSXJ.jpg William is a Solutions Engineering Manager with JFrog. He is also a mentor with TechStars (Nike Incubator), Matter, and NestGSV. He has successfully exited 3 companies and took one public in Australia. He also currently helping various startups as an advisor. In his spare time, he likes to travel with his wife and two boys. He also plays guitar, loves gadgets & IOT, lives for the beach, rides skateboards, and is an avid cyclist.
WED 1:05 PM - 1:45 PM
Brazos G
Add to calendar
Platform Engineering is the hottest trend (besides AI, of course!) today. Many companies are looking at Platform Engineering to reduce tool sprawl, reduce cost, and consolidate. See why the JFrog Platform is the ultimate base for building your Internal Developer Platform.

52

1:50 PM
Session
The Old, the New, and the Strange: Securing Deep Learning in 2024
Patrick Smyth | Staff Developer Relations Engineer, Chainguard https://sessionize.com/image/b44a-400o400o1-L1sUA29c48cYdWHrd5DYcE.jpg Dr. Patrick Smyth is Staff Developer Relations Engineer at Chainguard, where he shows developers how to deploy AI and other applications with 0 CVEs using Chainguard Images. Patrick has a PhD in the digital humanities and in a previous life led technical bootcamps for researchers at Columbia University. In his free time you can find Patrick swimming in a frozen lake or hanging out with his six-month-old baby.
WED 1:50 PM - 2:30 PM
Brazos E
Add to calendar
Data poisoning. Input manipulation. Model inversion. As companies race to incorporate deep learning into production applications, we've been introduced to exciting new threats, among them exotic prompt jailbreaks and even the feared dirty pickle attack. However, how much is totally new under the sun, and how much have we seen before? What can we learn from prior cycles of threat and mitigation in the software industry that can be applied to this new ML landscape? In this talk, we'll approach new threats in deep learning by comparing the deployment of ML models to the deployment of conventional software artifacts. We'll take a tour of some of the stranger attack vectors for AI applications to determine which conventional mitigations will work in the world of models and which threat vectors are truly new, requiring new approaches. We'll also demo Chainguard's approach to deep learning infrastructure and model security, with particular attention to AI image bloat and upstream attacks. And, yes, we'll give you some tips on dealing with the dreaded dirty pickle.

53

Session
Supply Chain Security: Policies at Scale
Shimi Bandiel | JFrog https://sessionize.com/image/3852-400o400o1-EXWoVmcEdBw2yAWmektL8T.jpeg Shimi is an experienced consultant and developer who specializes in building performant DevOps CI/CD pipelines. Before his current role as a Strategic DevOps Acceleration Solution Architect @ JFrog, Shimi was the CTO of Trainologic responsible for high profile consulting and training about DevOps, architecture and performance tuning.
WED 1:50 PM - 2:30 PM
Brazos F
Add to calendar
In this session we will review the challenges of enacting SSC policies in large enterprises. We will discuss the relationship between policies and ownership and describe the technical challenges and tradeoffs applied to large organizations. We will cover categorization of applications and the challenges in waiver management, sandbox testing and no known fixes for CVEs. We will also discuss active/active setups and its implications for policy management and automated actions.

54

Session
C/C++ DevOps at Scale: Compliance & Efficiency in C/C++ Projects with Conan 2 & Artifactory
Diego Rodriguez-Losada Gonzalez | Lead Architect, JFrog | Conan Co-founder https://sessionize.com/image/7ae2-400o400o1-axoJLoJgjsq6v3Gb1iqVsq.jpg Diego's passions are robotics and SW engineering and development. He has developed many years in C and C++ in the Industrial, Robotics and AI fields. He was also a University (tenure track) professor and robotics researcher for 8 years, till 2012, when he quit academia to try to build a C/C++ dependency manager and co-founded a startup. Since then he mostly develops in Python. He is Conan C/C++ package manager co-creator and maintainer, now working at JFrog as Conan lead and C/C++ advocate.
Luis Caro Campos | SW Tech Lead (Conan), JFrog https://sessionize.com/image/39cf-400o400o1-hgxvcYJUqvfhih6XAt21te.jpg Luis is an Electronics and Computer Engineer, currently working a R&D Team Lead in the Conan Team at JFrog. He started his journey with C++ in university doing research in the field of Computer Vision. Since 2015 he has been based in the UK and has worked in the field of 3D Scanning, and more recently in the field of Robotics (Autonomous Driving) at Oxbotica, before joining the Conan team at JFrog in 2022. Over the years, Luis has become concerned with the problem of enabling C++ Software Development at scale, working on the tooling and processes that enable large teams of C++ developers to focus on writing code.
WED 1:50 PM - 2:30 PM
Brazos G
Add to calendar
C and C++ languages are the backbone of modern software infrastructure. From automotive, embedded, finance, robotics, AI and ML, space, OSs, cloud, etc, rely on C and C++. Projects in these languages can grow to have many millions of lines of code, and due to its compilation model, building them typically requires a lot of time, effort and resources. Achieving reproducible builds and managing dependencies is a very challenging task. Furthermore, the binary model for native binaries is very complex, traditionally organizations have relied on custom home-made solutions that take a lot of time to develop, maintain and support. Making these custom solutions to manage binaries efficiently is complicated, so traditionally organizations have relied on re-building from source over and over, wasting CI time and resources and now allowing them to implement modern devops practices. With Conan C/C++ package manager and Artifactory, it is possible to define a CI pipeline that can work efficiently at scale, saving lots of time in unnecessary rebuilds from sources and implementing and allowing good devops practices, from package immutability, dependencies reproducibility and traceability and many more. Conan 2 also brings a whole new set of tools for compliance and security: automatic backup of sources downloaded from open source repositories for reproducible builds, storing metadata files for build logs, tests, coverage, etc, package signing, creation of SBOMs, and many more. Conan 2 enterprise-ready extensibility with custom commands, public Python APIs, better configuration management allows easy implementation and integration of organization policies.

55

2:30 PM
Coffee Break
WED 2:30 PM - 2:40 PM
The swamp

56

2:45 PM
Session
Teledyne Controls’ Cloud Journey: Migrating from Self-Hosted to JFrog SaaS
Aiden Jang | DevOps Engineer, Teledyne https://sessionize.com/image/1fde-400o400o1-7DkrttAf7Xneb9gMBHsU4X.png My name is Aiden Jang, an experienced DevOps professional at Teledyne Controls, with a focus on cloud migration and DevOps practice. Recently, I successfully led a migration to JFrog Artifactory, optimizing artifact management in our cloud infrastructure. At Teledyne Controls, I'm dedicated to leveraging technology for innovation and efficiency, bridging development and operations to accelerate software delivery.
WED 2:45 PM - 3:25 PM
Brazos E
Add to calendar
In this session, I would like to present my triumphs of migrating to the Cloud Artifactory. Drawing from firsthand experience, I will share insights, strategies, and practical tips garnered from our cloud migration to JFrog Artifactory. We'll explore the foundational motivations behind our decision to migrate, examining the advantages and challenges encountered throughout the process. Therefore, we hope that the viewers/visitors who are interested in the JFrog Cloud migration will gain valuable perspectives on the key steps, tools, and methodologies.

57

Session
Trustworthiness-centric Software Supply Chain Security: Regulations, Requirements & Solutions
Xin Qiu | Sr. Director, CommScope Security Solutions https://sessionize.com/image/d856-400o400o1-DFrKkfv3jSRjKCvJhX7boh.jpg Dr. Xin Qiu, with over 25 years of experience in Public Key Infrastructure (PKI) and device security, serves as Sr. Director at CommScope PKI Center. Leading a diverse team in product marketing, R&D, secure operations, she collaborates with global device manufacturers and network operators. With a portfolio of 80+ patents, Dr. Qiu is recognized as the mastermind behind the success of CommScope’s PKI and security service offerings for large-scale customer-focused deliverables and deployments. She was appointed as a Motorola Science Advisory Board Associate for her creative and innovative technical contributions in enabling cryptographic techniques and PKI for millions of devices. Her patent for the DFAST cryptographic technology was widely adopted and utilized in the CableCard Copy Protection standard, playing a key role in combating piracy within the cable industry. Furthermore, she was one of the primary designers for the security of the Emmy-award-winning MediaCipher Conditional Access System.
WED 2:45 PM - 3:25 PM
Brazos F
Add to calendar
Ensuring the trustworthiness of software is pivotal in maintaining software supply chain security. While integrity and image signing are important, they alone may not meet the evolving security regulations and requirements. Increasingly, software trustworthiness, validated through trust authority attestation with supporting evidence, is becoming essential. In this session, we will explore emerging government regulations, industry demands, and the solutions being developed through the collaboration between JFrog and CommScope. We will illustrate how we enhance "JFrog Insight & Mission Control Security solutions" by introducing an additional dimension: CommScope Security Assurance Framework (SAF) for Software Trustworthiness.

58

Session
Mastering the Art of Scaling: Best Practices for Tomorrow's Workloads
Marcus Hogue | JFrog, Sr. Director Solutions Engineering https://sessionize.com/image/8686-400o400o1-KHj1geNzZV4kKyGMz7GdKA.png Marcus Hogue brings over 25 years of experience in the IT industry, specializing in software development, application performance, cloud security, and enterprise automation. He has held leadership roles in solutions engineering at several high-profile companies including JFrog, Heap Analytics, Lacework, AppDynamics, and BMC Software. Previously, Marcus served as a consultant at Compuware and an enterprise performance engineer at Allstate Insurance.
WED 2:45 PM - 3:25 PM
Brazos G
Add to calendar
The landscape of DevOps is rapidly evolving. Continuous Integration/Continuous Deployment (CI/CD) pipelines have advanced from daily runs to hundreds of executions per day, with some now even driven by machine learning models. In this dynamic environment, inadequate infrastructure can lead to broken builds or, worse, the disruption of critical systems. At JFrog, we've gathered insights from countless customers to develop a performance-oriented, scalable infrastructure. Join us to explore best practices, reference architectures, and scaling requirements essential for building a robust, highly available environment that can seamlessly support the next generation of workloads.

59

3:25 PM
Show Closing at Expo
WED 3:25 PM - 3:45 PM
The swamp
No matching sessions were found

Thank You!

Thank you for inquiring about sponsoring swampUP 2024. We’ll be in touch shortly!
Become a Sponsor

swampUP

September 9-11 | Omni Resort & Spa  | Austin, TX
(All the fields are required)