Training Day
November 12th
1
8:30 AM
Registration
WED 8:30 AM - 9:00 AM
2
9:00 AM
Morning
Compliance Without Compromise: Secure Your Software Supply Chain with JFrog
Carmine Acanfora
|
Solution Architect, JFrog
Hamza Zaoui
|
Solution Engineering Manager, JFrog
https://sessionize.com/image/042b-400o400o1-wzEa11BLrB4K3NYUX4gZ7N.jpg
WED 9:00 AM - 12:30 PM
Novice
Maintaining compliance is no longer optional — it’s essential. This workshop guides you through the complexities of compliance regulations while ensuring the security and integrity of your software supply chain. Attendees will explore how JFrog tools, including Artifactory and Xray, enable organizations to not only meet regulatory requirements but also establish a culture of compliance excellence. Through hands-on experience, you’ll learn best practices for implementing compliance frameworks within your DevSecOps processes, automate compliance checks, and ensure rigorous security standards are met across the SDLC.
Key Skills Learned:
• Understand the key compliance requirements relevant to software development and deployment, including: NIST, SLSA, DORA, CRA and more
• Use JFrog Platfrom Security capabilities to manage open-source and proprietary artifacts while ensuring compliance.
• Automate compliance processes with JFrog CLI, REST APIs, and AQL to streamline workflows and reduce human errors.
• Implement proactive compliance strategies and integrate security measures early in the SDLC.
• Foster a culture of compliance excellence and improve collaboration across security, compliance, and development teams.
• Monitor and report compliance status using JFrog tools for ongoing compliance verification.
Who Should Attend:
• Compliance Officers and Risk Managers.
• DevOps Engineers and Software Developers.
• Security Engineers.
Don’t miss out on learning how JFrog can elevate your compliance strategy. Register now and secure your spot today!
3
Morning
Mastering Scalable Architectures for Global Enterprises with JFrog
Eldad Assis
|
Principal DevOps Architect, CTO Office, JFrog
Galit Nadler
|
Solution Architect, JFrog
WED 9:00 AM - 12:30 PM
Intermediate
As enterprises scale their operations globally, creating architectures that are resilient, available, and adaptable to hybrid and multi-cloud environments becomes critical. This workshop dives into designing scalable, enterprise-level SDLC architectures, leveraging JFrog tools to meet the complex needs of modern digital ecosystems. You’ll gain hands-on experience in addressing performance, redundancy, and global collaboration challenges while ensuring operational efficiency.
Key Skills Learned:
• Articulate the key components and benefits of an enterprise-scale architecture for your organization.
• Implement scalable solutions that enhance reliability and resilience across multi-cloud environments.
• Select and design deployment topologies that meet enterprise-specific requirements.
• Anticipate and address potential operational, security, and compliance challenges.
• Create a blueprint that supports operational continuity and global collaboration.
Who Should Attend:
• DevOps and IT Architects.
• Principal and Senior Engineers.
• Systems Administrators.
• Network Engineers.
• IT Decision-Makers.
Register now to secure your spot and start architecting for the future of enterprise-scale success with JFrog!
*This session is available to existing customers only.
4
Full Day
Secure & Streamline Your Software Supply Chain with JFrog
Ronny Belenitsky
|
Director of Product, DevOps Core Product, JFrog
Tal Etinger
|
Senior Strategic Solution Architect, JFrog
Eli Kopelevitch
|
Professional Services DevOps Architect, JFrog
WED 9:00 AM - 5:35 PM
Advanced
Effective Release Lifecycle Management is key to ensuring secure, traceable, and efficient software delivery. Join us for this workshop with hand-on practice to learn how JFrog’s platform can help you automate workflows, improve collaboration, and ensure security and compliance throughout your software supply chain.
Key Skills you can Expect to Learn:
• Tracking and managing software artifacts throughout the lifecycle
• Automating release processes with CI/CD pipeline integration
• Implementing immutable releases and ensuring security compliance
• Enhancing team collaboration for smoother software delivery
• Exclusive Preview of JFrog’s upcoming product features
Who Should Attend?
• DevOps & Software Engineers
• Release Managers & QA Professionals
• Security Engineers & CISOs
• Technology Leaders (CTOs, CIOs)
Don’t miss out on transforming your software delivery process. Sign up today!
*This session is available to existing customers only.
5
12:30 PM
Lunch
WED 12:30 PM - 2:00 PM
6
2:00 PM
Afternoon
Foundations of DevSecOps - Avoiding Software Supply Chain Attacks
Rodolphe Fontaine
|
Strategic Solutions Architect, JFrog
Fabien Louis
|
Professional Services DevOps Senior Engineer, JFrog
WED 2:00 PM - 5:30 PM
Novice
With software supply chain attacks on the rise, security risks have never been more critical. This hands-on workshop focuses on JFrog Security from Shift left to shift right - and how to integrate them into your DevSecOps strategy. We’ll explore how to secure your software supply chain, reduce vulnerabilities, and automate key workflows, ensuring your artifacts and dependencies are safe throughout the development lifecycle.
Key Skills Learned:
• Understand how JFrog security solutions accelerated your organisational DevSecOps goals and provide complete visibility from code to the production.
• Use JFrog security scan capabilities and Developer-Focused Security.
• Gain hands-on experience in configuring repositories, scanning for vulnerabilities, and automating delivery pipelines.
• Implement best practices to secure your software supply chain, reducing the risk of vulnerabilities and improving compliance.
• How to shift security left by embedding security measures early in your SDLC.
Who Should Attend:
• Engineers working across SDLC phases—Development, Automation, DevOps, and SRE.
• Security Engineers focused on securing the software supply chain with the JFrog platform.
Join us to deepen your DevSecOps knowledge and enhance your organization’s security posture with JFrog’s trusted tools. Sign Up Today!
7
Afternoon
MLOps in Action: From Experimentation to Production
Pavel Klushin
|
Senior Manager of Solution Engineering - JFrog ML , JFrog
Yann Chaysinh
|
Professional Services DevOps Architect, JFrog
WED 2:00 PM - 5:30 PM
Intermediate
Integrating machine learning with DevOps practices is essential for organizations to stay competitive. This hands-on workshop will introduce you to JFrog ML and its capabilities, empowering data scientists and DevOps teams to seamlessly manage the end-to-end machine learning lifecycle. Learn to securely build, deploy, and maintain machine learning models with JFrog’s powerful platform, while enhancing collaboration between data scientists and DevOps teams.
Key Skills Learned:
• Seamlessly manage the full ML lifecycle, from experimentation to production, on a single platform.
• Track, compare, and version model experiments for optimized decision-making.
• Leverage JFrog’s advanced security features to scan models for vulnerabilities and ensure compliance.
• Automate training, validation, and deployment processes for faster, more reliable ML results.
• Collaborate effectively between data science and DevOps teams to accelerate model development and deployment.
Who Should Attend:
• Data Scientists.
• DevOps Engineers.
• IT Professionals & Project Managers.
Don’t miss the chance to take your machine learning deployments to the next level. Register now and learn how JFrog ML can transform your MLOps processes for greater speed, security, and efficiency.
8
6:30 PM
Welcome Reception
WED 6:30 PM - 8:00 PM
9
8:30 AM
Registration & Breakfast
THU 8:30 AM - 9:15 AM
10
9:15 AM
Keynote
The Quantum Shift - Rethink Software Supply Chain
Shlomi Ben Haim,
|
Co-Founder and CEO, JFrog
Shlomi is Co-Founder and CEO of JFrog, creators of the universal DevOps platform. He brings over 20 years of experience in building profitable, high-growth information technology companies. Prior to JFrog, Shlomi was the CEO of AlphaCSP (acquired in 2005 by MalamTeam) and a Major in the Israeli Air Force. Shlomi holds an MS from Clark University (Massachusetts, USA) and a BA from Ben-Gurion University (Israel).
THU 9:15 AM - 9:30 AM
11
9:30 AM
Keynote
AI-Driven DevOps Unleashed: The Future Starts Here
Yoav Landman,
|
CTO & Co-founder, JFrog
Yoav is the visionary behind Artifactory, the universal artifact repository manager. Prior to founding JFrog, he spent over a decade as a senior consultant specializing in Distributed Computing and Enterprise Build Systems and held several senior technical roles in global organizations. Yoav holds a master’s degree in computing from RMIT University and a Bachelor of Laws (LL.B) from the University of Haifa.
THU 9:30 AM - 10:00 AM
The future of DevOps is being transformed with autonomous agents. As the world begins to focus on agentic-driven release management, we will soon experience agents driving crucial processes such as building, securing, and deploying packages alongside automated policy enforcement. These agents are not working in silos - they will (and are) communicating with one another, enabling real-time visibility and management of secure pipelines. In this landmark technical keynote, we will reveal how JFrog is empowering teams to implement this modern approach to agentic software delivery - with minimal manual intervention, and with enhanced security – all in a streamlined release process without losing control!
12
10:00 AM
Keynote
Reimagining Trust in Software Releases: A New Approach to Supply Chain Integrity
Eyal Dyment,
|
VP Security, JFrog
Eyal Dyment leads Security at JFrog, where he is responsible for driving the company’s security product strategy and innovation across the software supply chain. With a deep background in AI, machine learning, and data-driven product development, Eyal brings a unique blend of technical expertise and business acumen to the evolving DevSecOps landscape.
Yossi Shaul,
|
SVP DevOps, JFrog
Yossi Shaul is the Senior Vice President of DevOps Core at JFrog, where he leads the development of the company's core DevOps platform. With a career spanning over two decades in software engineering and leadership, Yossi has been instrumental in shaping JFrog's comprehensive solutions that integrate DevOps, DevSecOps, and MLOps practices.
THU 10:00 AM - 10:45 AM
Only secure, verified, compliant software should reach production. Full stop. With increasing pressure on modern development teams to deliver across security and compliance requirements, a fully-secured, attestable pipeline demands complete visibility and control across the entire release lifecycle in a single solution. In this can’t-miss swampUP keynote session, we’ll look at new innovations across JFrog security and platform teams, as well as industry advancements that enable a not just connected, but fully-integrated and robust software supply chain security solution that meets the modern needs of a security-focused, EveryOps reality. Join us for an exclusive look at how this tectonic security shift reshapes what you thought you knew about application security and governance, helping you unlock new levels of confidence in every release.
13
10:45 AM
Coffee Break
THU 10:45 AM - 11:15 AM
14
11:15 AM
Keynote
Trusted AI at Scale: Secure Governance and Scalable Management for Your AI Models
Ran Romano,
|
VP of P&E, JFrog
https://sessionize.com/image/27ae-400o400o1-fkzUHxyySXGJXGdHQiZscf.png
THU 11:15 AM - 12:00 PM
As AI becomes an indispensable part of modern software applications, managing machine learning models with the same rigor as code and binaries is essential. Yet most organizations still treat models as ad-hoc assets: scattered, untracked, and inconsistently governed, creating potentially serious risks around security, compliance, and operational trust. Reminding us of yesterday’s OSS package gold rush, today’s ML/AI Models can originate from many sources: custom-built, open-source, and third-party APIs, each with different risks, ownership boundaries, and lifecycle considerations. In this session, we’ll explore these emerging challenges, and show how advancements in JFrog ML and platform technologies are helping solve them. By treating every type of model as a first-class software artifact, you’ll learn how to integrate model management into your existing DevSecOps pipeline, enable trust by providing visibility, traceability, and evidence-based policy enforcement, and bring the same governance and trust to AI that you already rely on for your software supply chain. It’s time to take back control of AI!
15
12:00 PM
Frog-Proof Security: Streamlining The Sec In DevSecOps
THU 12:00 PM - 12:30 PM
16
12:30 PM
Lunch
THU 12:30 PM - 1:45 PM
17
1:45 PM
Session
Measuring Engineering Success - Metrics in the age of AI
Amos Haviv
|
Senior Engineering Manager, Booking.com
https://sessionize.com/image/d0f3-400o400o1-XAZnPQfZuaJC1UjjJxs7qH.jpg
Amos Haviv is a seasoned engineering leader with nearly two decades of experience in successfully building and deploying medium to large-scale software applications. For the past decade, he has focused on establishing and leading development teams across diverse industries and environments. Amos is also the co-creator of MEAN, an open-source project, and author of two best-selling books on the subject. He is passionate about new technologies and committed to
THU 1:45 PM - 2:25 PM
All Levels
A practical guide to measuring engineering success and barrier in the age of AI. In this presentation I will tell the story of Booking.com's journey in measuring our developer experience, productivity and barriers for executions. I will then talk about how this connected with the huge rise in AI usage for coding and our foundational work helped us measure the impact this had on our teams.
18
Session
Deploy Artifacts (Even Order Pizza!) with MCP
Yonatan Arbel
|
Developer Advocate @ JFrog
https://sessionize.com/image/c75f-400o400o1-QaKF9bmuex8BpZ21xDibk3.jpg
a software developer with rich experience spanning over 12 years. For the past 7.5 years, I have been a valuable member of the JFrog team, a prominent tech company. Over the years, I progressed through the organization and eventually found my place within the Infrastructure group.
I have a genuine passion for technology, which has been a guiding force throughout my 12-year career. My work at JFrog has included significant contributions to the development of the JFrog Platform.
My journey is a testament to my dedication and the opportunities that the tech industry offers to those who are eager to learn and grow. As a speaker, I am excited to share my experiences and insights with others in the tech community.
THU 1:45 PM - 2:25 PM
Novice
What if you could deploy software, manage running images, and even order your favorite pizza—all through an AI-powered chat? Meet MCP (Model Context Protocol), the ultimate gateway for companies looking to become AI-friendly and provide seamless interactions through an exposed MCP server.
In this session, we’ll explore:
✅ What MCP is and how it enables AI-driven automation
✅ How MCP simplifies data fetching and environment management
✅ Real-world use cases, from DevOps workflows to AI-assisted user experiences
✅ A live demo: see how easy it is to integrate MCP into your workflows—yes, even for ordering pizza! 🍕
By the end of this session, you’ll have a solid understanding of MCP and why you should start leveraging its power today. Whether you're a developer, DevOps engineer, or product innovator, MCP is your key to unlocking AI-enhanced automation.
19
2:25 PM
Breakout Sessions
THU 2:25 PM - 6:05 PM
Dive deep with customers and industry leaders into the real-world challenges and innovative solutions defining the quantum shift in software. These sessions offer practical strategies across AI, ML, DevSecOps, and compliance, helping you enhance code quality, accelerate secure delivery, and mitigate supply chain risks.
20
2:35 PM
Session
Compliance: The Holy Grail
Yaniv Feldman
|
Director of Solutions Engineering, JFrog
https://sessionize.com/image/e499-400o400o1-P6G3vYc8gEnrvCwRb95PwX.jpg
Yaniv is Director of Solutions Engineering at JFrog and has been helping various organizations in Europe to modernize and scale their DevSecOps focusing on shifting-left their application security processes and adhering their software products to compliance. Prior to that Yaniv led Splunk’s Customer Success team in Australia enabling enterprise customers to scale their observability platforms, driving application performance efficiency gains and maturing SecOps.
THU 2:35 PM - 3:15 PM
Intermediate
In this session, we'll explore why compliance remains one of the most elusive challenges in modern software supply chains and what's finally evolving.
You'll learn the most common compliance requirements, why tracking them across fast-moving DevSecOps environments is so complex, and why legacy approaches often fall short.
We'll share practical strategies from SBOM generation to automated evidence collection that help meet compliance goals without slowing down innovation.
We'll also look ahead to what's next: continuous compliance posture monitoring, integrated trust signals, and how embedding security into the SDLC can eliminate the need for reactive patching to help you build secure, compliant software from the start.
21
3:15 PM
Coffee Break
THU 3:15 PM - 3:45 PM
22
3:45 PM
Session
Empower Your Organization with Smarter Retention Policies
Petro Flomin,
|
Director of Solution Engineering, JFrog
THU 3:45 PM - 4:25 PM
All Levels
Learn how JFrog’s Retention Policies — Cleanup and Archival — help optimize storage, reduce costs, and ensure compliance without compromising developer productivity. This session will cover best practices for managing dev and production artifacts, automating cleanup and archival, and aligning storage strategies with business goals. Walk away with actionable insights to implement smarter, more efficient retention policies.
23
4:35 PM
Session
Taming the Monolith: Unifying Vulnerability Scanning at Adyen with JFrog
Supun Vidana Pathiranage
|
DevSecOps Specialist, Adyen
https://sessionize.com/image/60db-400o400o1-4FpS8QdHNtPquLts8dn6Vh.jpg
https://linkedin.com/in/vpsupun
THU 4:35 PM - 5:15 PM
All Levels
At Adyen, our core platform is a massive, multi-language monolith—an intricate ecosystem of interconnected modules written in Java, TypeScript, and Python. While this architecture accelerates development, it presented a monumental security challenge: our complex, custom build mechanism made it nearly impossible to effectively identify and track dependencies. This created a critical visibility gap, preventing us from leveraging the full power of the JFrog Platform for vulnerability scanning.
In this session, I will showcase the innovative strategy we engineered to overcome this hurdle. You'll learn how we decoupled dependency resolution from the core build process by creating a system to independently identify dependencies for each language. I'll then demonstrate the custom tooling we built to aggregate this data, publish it as comprehensive build-info to JFrog Artifactory, and finally unlock deep, accurate scanning with JFrog Xray.
Finally, I'll walk you through how we integrated this entire workflow into our development lifecycle. See how we now automatically scan every merge request for new vulnerabilities in both new and existing packages, empowering our developers to shift-left and stop threats before they ever reach our production environment.
Key Takeaways for Attendees:
- Strategies for tackling dependency management in complex, multi-language monorepos.
- A practical blueprint for integrating custom build systems with JFrog Artifactory and Xray.
- Actionable techniques for implementing automated security scans on merge requests to provide developers with immediate feedback.
24
7:00 PM
Gala Dinner
THU 7:00 PM - 10:00 PM
Prepare to be amazed by the mind-blowing show of Lior Souchard at the swampUP Gala Dinner. This is your prime opportunity to cap off a day of groundbreaking insights and expand your network within the community of engineers, DevOps pros, and security leaders driving the quantum shift in software.
25
10:00 PM
Post Gala Open Bar
THU 10:00 PM - 12:00 AM
26
9:00 AM
Registration & Breakfast
FRI 9:00 AM - 9:30 AM
27
9:30 AM
Keynotes
FRI 9:30 AM - 10:50 AM
Kickstart your day with visionary Keynotes from industry leaders. Gain critical insights into the future of AI, ML, DevSecOps, and compliance, and learn how to navigate the quantum shift to securely build, deploy, and scale intelligent software.
28
10:45 AM
Keynote
Ensuring Reliable Evaluation Systems for Your ML
Demetrios Brinkmann,
|
Founder, MLOps Community
https://sessionize.com/image/f003-400o400o1-9KkwzVujWbUCra9Lr34bSj.jpg
Demetrios founded the largest community dealing with productionizing AI and ML models. In April 2020 he fell into leading the MLOps community (more than 75k ML practitioners come together to learn and share experiences) which aims to bring clarity around the operational side of Machine Learning. Since diving into the nitty gritty of Machine Learning he has felt a strong calling to explore the ethical issues surrounding the new tech he covers. In his free time he can be found building stone stackings in the woods with his daughters
FRI 10:45 AM - 11:30 AM
All Levels
Standard benchmarks often fall short and can be misleading. Leaderboards can erode trust in model claims, as they rarely address specific, real-world needs. In this talk, Demetrios Brinkmann will detail how MLOps engineers and developers can build and continuously update their own evaluation systems to create a strong competitive advantage. He’ll cover how to build a reliable “golden dataset,” optimize data collection, labeling, and utilize the right tools to ensure evaluations truly reflect their intended use case.
29
11:30 AM
Keynotes
FRI 11:30 AM - 12:00 PM
30
12:00 PM
Key Takeaways & Wrap-Up
FRI 12:00 PM - 12:15 PM
31
12:15 PM
Lunch
FRI 12:15 PM - 2:15 PM
32
12:58 AM
Session
50 shades of PR
Avishag Sahar
|
Engineering Tech Leader, LinearB
https://sessionize.com/image/3408-400o400o1-hBjJ2Fj8NaRKdH73shj25o.jpg
Avishag began her tech journey at just 18, starting as a Business Intelligence Developer. She later joined Allscripts Healthcare Solutions as a software engineer, followed by Cisco, where she contributed to developing features for Cisco Umbrella’s SWG. A few years ago, Avishag joined LinearB, where she works on the web app platform, WorkerB, GitStream and more, leads engineering teams, and champions new technologies.
FRI 12:58 AM - 12:58 AM
Intermediate
In this a fun talk (yes it’ll be fun!) - Avishag Sahar laments about the top blockers of PRs, but cheer up - because I’ll also provide insights into how to unblock them.
33
Session
Accelerating GenAI Development: Seamless Integration with Hugging Face,NVIDIA via JFrog Artifactory
Saurabh Mishra
|
DevOps Lead
https://sessionize.com/image/f872-400o400o1-LmpfhAmLn85XrC8N2dKxgM.jpg
Saurabh is a Cloud Architect with a deep passion for DevOps and automation. Saurabh actively engages with the tech community, sharing insights on cloud-native technologies, security, and multi-cloud strategies. As a speaker at various conferences, meetups, and workshops, Saurabh helps teams enhance their cloud adoption and optimization efforts.
FRI 12:58 AM - 12:58 AM
Intermediate
Practical demonstration of how JFrog Artifactory can proxy public AI model repositories like Hugging Face, and integrate with NVIDIA Inference Microservices (NIM), ensuring security, performance, and governance for enterprise GenAI development, all while leveraging JFrog Xray for security scanning
34
Session
AI for Decision-Makers & Non-Techies: The baseline for survival
Marin Niehues
|
Founder & Principal Consultant
https://sessionize.com/image/7d76-400o400o1-XHtujJimCuK5okxwNxFRv8.jpg
Marin Niehues is an independent consultant with a track record of over 20 client projects and two startups of his own. He works with VC-backed scaleups and DAX40 companies alike, advising on organizational design, operational performance, and management structures that actually scale.
In the past three years, Marin has been a featured speaker at conferences in more than ten countries across three continents - including repeated invitations from Google and Microsoft.
FRI 12:58 AM - 12:58 AM
Novice
While everyone's talking about AI, most people outside the tech world still don't know how to actually use it.
You've sat through countless presentations filled with buzzwords and vague promises,
but you're still unclear on what AI can realistically do for your organization and what it can't.
This isn't another theoretical or technical AI overview.
This session delivers practical clarity for anyone who needs to understand AI well enough to make smart decisions and stay relevant in their role.
We'll break down technical concepts into something you can actually understand and relate to, no matter your background.
Drawing from my hands-on experience leading AI implementations across enterprises, SMEs, and startups, I'll show you exactly what separates successful AI initiatives from expensive failures.
You'll see concrete examples from multiple industries and learn to spot the difference between genuine AI opportunities and oversold solutions.
You'll discover how to think about AI not just as a technical gimmick but as a tool for today's problems and tomorrow's opportunities.
You’ll walk away knowing:
-> How to talk about AI confidently without faking it.
-> What AI can actually achieve (no magical promises here).
-> Real, practical examples of companies making AI genuinely useful.
-> How to introduce AI effectively, without wasting your budget.
-> Exactly what AI needs to deliver actual results (spoiler: it’s not magic).
35
Session
AI Is Easy - until you add people: Inside the Chaos of Implementing AI
Marin Niehues
|
Founder & Principal Consultant
https://sessionize.com/image/7d76-400o400o1-XHtujJimCuK5okxwNxFRv8.jpg
Marin Niehues is an independent consultant with a track record of over 20 client projects and two startups of his own. He works with VC-backed scaleups and DAX40 companies alike, advising on organizational design, operational performance, and management structures that actually scale.
In the past three years, Marin has been a featured speaker at conferences in more than ten countries across three continents - including repeated invitations from Google and Microsoft.
FRI 12:58 AM - 12:58 AM
Novice
AI is supposed to be the future. At least, that's what all the PowerPoint decks say.
The pitch always sounds great - smarter production lines, real-time process optimization, predictive everything.
And then you actually try to make it happen.
It turns out that AI isn't the hard part - everything else is. The biggest blockers? Legacy systems that refuse to cooperate, missing data that no one realized was missing, skeptical engineers who don't trust "some algorithm," and processes designed for a world that existed long before AI.
But most of all, it’s the people and the organization. Most companies like the idea of AI far more than the change it actually requires
Roles, responsibilities, decision paths -none of it fits. And no one wants to be the first to do things differently.
This is the inside story of embedding AI in a global manufacturer, a project I led from start to finish. The goal was ambitious, the potential was huge, but reality had other plans. I'll walk you through what actually happened-the unexpected resistance, the messy pivots, and the moments that nearly killed the project.
What you'll walk away with...
... a real-world AI case study-not the polished version, but the unfiltered reality.
... why AI isn't just about technology - it's about people, processes, and organizational politics.
... how to deal with resistance, broken data, and invisible roadblocks.
... lessons from the trenches. What works, what doesn't, and what to avoid.
... how to avoid AI mistakes before they derail your next big thing.
36
Session
AI-Powered Slopsquatting: Is Your Software Supply Chain Compromised?
Kalle Sirkesalo
|
CTO of Managed Services
https://sessionize.com/image/b45d-400o400o1-fMvaJ3e7B3SXXRDFBRj7b3.jpg
Kalle works as CTO of Managed Services, making sure Eficode delivers the best possible offering for our service customers. Having worked in the Eficode Managed Services team for many years his experience is wide and deep; he is familiar with maintenance, upgrades and migrations of services to cloud as well as the challenges related to adopting new ways of working.
FRI 12:58 AM - 12:58 AM
Intermediate
Manual dependency checks are no longer sufficient. The software supply chain faces an evolved threat: Slopsquatting. In this talk I’ll expose the nature of AI-driven Slopsquatting, a technique exploiting subtle naming variations and developer habits to inject malicious code.
I will dissect why this threat vector is particularly insidious, how AI enhances its effectiveness, and the high probability that your current practices leave you vulnerable.
In this talk I’ll show concrete examples from the real world on how to counter this behaviour.
Learn how to integrate automated checks, enhance vetting processes, and adopt DevSecOps strategies crucial for safeguarding your applications and understanding the collective responsibility we share in securing the open-source landscape.
Define Slopsquatting and how AI transforms it into a scalable, sophisticated threat.
Analyze the specific vulnerabilities exploited by AI-driven Slopsquatting.
Evaluate the risks associated with inadequate dependency management in CI/CD pipelines.
Implement robust, automated strategies to counter Slopsquatting threats.
Understand the broader implications for software supply chain security.
37
Session
Architecting Smarter Systems: Leveraging Semantic Kernel and Autogen in .NET
Neel Bhatt
|
Chapter Lead & Solutions Architect at RTL
https://sessionize.com/image/0873-400o400o1-EmB78EgZx2STYJw2eC5mz.jpg
Neel is a tech enthusiast, blogger, writer, speaker, and solutions architect. He has 10 years of professional experience. Apart from being a developer, he is an award-winning tech blogger. He likes to stay up-to-date with the latest technology stack, and he likes to share his knowledge with the community. He often arranges RTL meetups to share knowledge. He is a DZone MVB and Top 4% overall on the StackOverflow site. You can find him at his site: https://neelbhatt.com
FRI 12:58 AM - 12:58 AM
Intermediate
In an era where software systems need to be more adaptive, intelligent, and autonomous than ever before, .NET, combined with cutting-edge tools like Semantic Kernel and Autogen, is empowering developers to build the future of intelligent agents. This talk dives deep into the principles and practical applications of creating smarter, agentic systems with these technologies.
Key takeaways from the session include:
- Semantic Kernel: How to leverage its powerful AI orchestration capabilities for natural language understanding, decision-making, and context-driven interactions.
- Autogen: Simplifying multi-agent collaboration to create systems that communicate, collaborate, and solve complex problems autonomously.
- .NET Integration: How the rich ecosystem of .NET 9 streamlines the development and deployment of agentic AI systems.
- Architectural Insights: Designing scalable, maintainable systems that harness the power of intelligent agents, while ensuring accountability, transparency, and ethical compliance.
This session will feature real-world examples and live demos, showcasing how developers can build smarter applications and systems by blending the flexibility of .NET with the power of agentic AI frameworks. Whether you're a seasoned developer or new to AI, this talk will equip you with the tools and strategies to architect smarter systems for the next generation.
38
Session
Are Your Engineering Teams Really Prepared for the GenAI Revolution?!
Yishai Beeri
|
CTO at LinearB
https://sessionize.com/image/6320-400o400o1-QED4u9jJrj6fWphGr88ieU.jpg
Yishai Beeri likes to solve problems, and that’s why he was so fascinated with programming when first encountered Logo back in the 80s, where the possibilities seemed endless.
He has made it a focus of his career to solve complex programming problems, both as a consultant and entrepreneur. In 2014 he joined the CTO office of a fast-moving cloud security startup, which later was acquired by a networking giant. At this startup he also met Ori Keren and Dan Lines, now co-founders of LinearB. He joined them shortly after the company was established, in order to get back to what he loves most about engineering, solving big challenges, and this time he is focusing on the world of Dev Productivity and Experience. He is also the host of the very successful Hebrew Podcast - Dev Interrupted.
FRI 12:58 AM - 12:58 AM
Intermediate
GenAI has gone from generally available, novel technology to widely adopted in a matter of months. Most engineering organizations are using GenAI to generate code, write tests, and assist in code reviews. New code is becoming dirt cheap to write - but our delivery pipelines remain miserably unprepared for the tsunami of new code flowing at a much more rapid pace.
Our current pipelines need a hard reset to prepare us for the GenAI revolution - and engineering managers need to get started TODAY.
This talk will dive into where GenAI is starting to break down our delivery pipelines. While scaling CI/CD is easy, and we can always add a few more workers, scaling the humans in the process is the hard part. This talk will demonstrate how massive amounts of new machine-generated code will impact our pipelines, in ways that will require either greater headcount, or smarter, automated pipelines. You'll come away with ideas for how to modernize your delivery pipeline so you can fully embrace the GenAI revolution.
39
Morning
Augment Your Kubernetes with AI Agents Using Kagent
Ant(on) Weiss
|
Software Delivery Futurist
https://sessionize.com/image/d579-400o400o1-TSUFf1L4csmWMxb1en3HiB.png
20 years in tech, marketing and leadership roles. All about software delivery optimization. 5 years in technical and executive training. Expert in DevOps, Lean, Systems Thinking, Continuous Delivery, Cloud Native and Decentralized Systems. Coder, speaker, writer. Fixated on improving the ways humans collaborate by telling mind-provoking stories.
FRI 12:58 AM - 12:58 AM
Intermediate
Kubernetes can be a great platform for building and running your own AI agents with the use of Kagent - the open source framework for DevOps and platform engineers to automate complex operations and troubleshoot workloads.
In this workshop we'll deploy Kagent in our lab clusters, create AI agents and enrich them with our own tools. We'll see how agents help us with managing and troubleshooting Kubernetes workloads. We'll also get a taste of self-hosting LLMs backing our agents using either Ollama or Kaito, and discuss the cost and performance considerations of this approach.
It's time to make your clusters agentic!
40
Session
Beyond Automation: When Pipelines Learn to Say ‘No’
Igor Gumush
|
Jfrog | Senior R&D
https://sessionize.com/image/00b1-400o400o1-3Htc1Vgytu6gk5kDNsjWkh.jpg
Senior software engineer with a background spanning SoCs, Linux drivers, cybersecurity, and microservices on Kubernetes. Over the years, he has built and optimized complex systems across industries, with a focus on scalable architectures, cloud infrastructure, and automation.
At JFrog, drives innovation by integrating AI. One of the key initiatives helped achieve a 30% reduction in unnecessary builds, significantly improving developer productivity and reducing operational costs.
holds an AWS Certified Solutions Architect – Associate certification and has a strong track record of bridging the gap between cutting-edge technologies and real-world, production-ready systems.
FRI 12:58 AM - 12:58 AM
All Levels
What if your CI/CD pipelines could think twice before building? In a world where every commit spins up expensive builds, we asked: can we teach pipelines to be smarter — and just say no?
In this session, we’ll reveal how we infused AI into our CI/CD workflows, giving pipelines the power to detect when builds are truly needed. The result? A 30% cut in build volume, faster feedback for developers, and significant cost savings.
Join us for a deep dive into the architecture, challenges, and real-world results — and walk away with a blueprint to add intelligence to your pipelines in just days.
41
Session
Beyond the Screen: Unlocking Team Agility with Lessons from Our Feline Friends
Olha Pyvko
|
Agile Delivery Coordinator & Scrum Master
https://sessionize.com/image/1263-400o400o1-MSSBj73AsUHgmyprbr3BVt.jpg
Ukrainian living in Sweden, applying engineering mindset for processes creation.
I am always fascinated about solving tricky puzzles and coming up with new ways to look for the problem.
I got a master degree in Telecommunications in 2016 and started my career in IT as a data conversion specialist, working with databases and customers. I got experience from working as a customer support manager, tech writer for user guides and manuals and then as a product specialist, before coming to work close with Agile as a Product Owner. I enjoyed building the right thing as much as building the thing right and fast. My Scrum Master journey started in 2020 and grew from 2 co-located teams to 8 distributed teams working on the same product with LeSS. And it's just the beginning!
FRI 12:58 AM - 12:58 AM
All Levels
We all know the feeling: you could watch a crackling fire, a flowing stream, or a cat just being a cat for hours. There's a universal fascination with these incredible creatures, and honestly, I think they can share some profound secrets for high-performing teams.
Think about it: cats effortlessly switch between being laser-focused hunters, perfectly relaxed "loafs", insatiably curious explorers, and yes, occasionally, demanding little beasts. They embody a fluid mastery of different states that many of us humans (and our teams) often struggle to achieve.
Cats possess an innate clarity of purpose – they know what they want, and they pursue it with an almost stubborn determination, rarely settling for less. How often do our teams drift without a clear goal, or jump at the first "good enough" solution?
Here's the kicker: While they might not have a clue about the Agile Manifesto, cats live agile principles every single day through their actions. Their adaptability, their focus on value (usually food!), their ability to quickly change direction – it's all there!
Want a team that's not just productive, but genuinely mesmerizing in their ability to deliver and adapt? While I can't promise a mandatory office cat (though, I think that would be awesome!), I can share actionable insights.
Join me to explore my top 5 takeaways on building successful, empowered teams, directly inspired by the most naturally agile creatures on the planet!
42
Session
Binary Management Platform - Gaining Vision with Open Telemetry and Grafana
Tiago Galvao Viegas
|
Lead Developer | Senior Key Engineer | Siemens AG
https://sessionize.com/image/4511-400o400o1-sUEADEEf7yP7ZpU3hPrBS2.png
Tiago is a Senior Key Engineer on Siemens AG, focusing on DevOps and Software Development.
He started as a Full-stack developer in a Portuguese healthcare company. He then joined Siemens in 2020 also as a Fullstack developer. He moved responsibilities inside Siemens, becoming a Team Lead and then more recently recognized as a Senior Key Engineer.
Alex Stoy
|
IT Product Owner, Siemens AG
https://sessionize.com/image/e562-400o400o1-TBucpAm4K8HZd9MMMyy2Nn.jpg
Alex is the product owner at their IT department for the Siemens Binary Management Platform Service, He started as a working student in 2014 for Siemens where he gathered a lot of knowledge regarding build and development for the Siemens products. Here first he supported the incident management and got later to the position of a build/server administrator. Later on in 2016 he joined the company as a regular employee and proceeded on smaller projects where he developed his knowledge about build processes and pipelines. But also did some migration topics where he got a deep dive into the processes of the business. In 2017 he started to work with Artifactory. After they have successfully tested a PoC, decided to set Artifactory on a productive environment up. In his role of solution architect he was responsible for the whole infrastructure set up and all dependencies regarding the needs of the business. The Artifactory service has been set up, has been gone live and the service was born in April 2018. In May 2018, he left the Artifactory team and started working on Software Clearing topics as solution manager, server administrator, service desk and solution architect all in one person. After a while he became a project manager for the software clearing projects to improve the current service… Until he gained the role of Service Owner for the Artifactory service!
Jonathan Beller
|
Siemens AG, Solution Architect
https://sessionize.com/image/2e7d-400o400o1-UUyWVwr94duSMJTsJH2Zk5.png
I have studied computer science and business informatics at the Karlsruhe Institute of Technology.
I started working at Siemens as working student in 2016 and supported the newly set up Polarion service with scripting and development of extensions, integrating various IT systems. Since October 2021, I am the solution expert of the Binary Management Platform service that offers an array of Artifactory instances to Siemens-internal customers.
FRI 12:58 AM - 12:58 AM
Intermediate
Find out how we migrated our monitoring from a paid proprietary monitoring service to a self-managed cost-effective solution using well-known open-source components. By using Open Telemetry, we gained access to additional monitoring capabilities, which allowed us to get rid of resource consumption and misconfiguration blind spots for our world-wide self-hosted JFrog Platform landscape.
43
Session
Conan 2: security features for enterprise-grade C++ projects
Luis Caro Campos
|
Conan @ JFrog
https://sessionize.com/image/39cf-400o400o1-hgxvcYJUqvfhih6XAt21te.jpg
Luis is an Electronics and Computer Engineer, currently working a R&D Team Lead in the Conan Team at JFrog. He started his journey with C++ in university doing research in the field of Computer Vision. Since 2015 he has been based in the UK and has worked in the field of 3D Scanning, and more recently in the field of Robotics (Autonomous Driving) at Oxbotica, before joining the Conan team at JFrog in 2022.
Over the years, Luis has become concerned with the problem of enabling C++ Software Development at scale, working on the tooling and processes that enable large teams of C++ developers to focus on writing code.
FRI 12:58 AM - 12:58 AM
Intermediate
Memory safety issues have long been a common cause of security vulnerabilities, to the point where government agencies are recommending moving away from languages like C and C++ for new product development. However, while “memory safe” languages exist - the same agencies acknowledge that software will have to interface with components written in C and C++ for a long time, and recommend that software vendors have a memory safety roadmap.
Key items of a memory safety roadmap include keeping proper track of external dependencies, a transparency plan (vendors and customers should know which dependencies are included in each product), and a plan to react to disclosed CVEs (Common Vulnerabilities and Exposures).
The recent ISO C++ developer survey highlights how dependencies are still integrated as part of projects and not properly traced. This talk will cover how C++ developers can leverage Conan to properly track dependencies, and how it integrates with JFrog’s Security offerings to help developers in fulfilling their contractual and regulatory obligations.
Features covered: Software Bill of Materials, Audit dependencies (report CVE vulnerabilities, powered by JFrog Advanced Security), package signing and JFrog Xray integration via Artifactory.
44
Morning
d'AIrtagnan and Three Mocketeers for easy integration testing - all as one, and one as all
Oleg Nenashev
|
Lead Developer Advocate, Gradle
https://sessionize.com/image/138b-400o400o1-WdYguY2g9NtMFyvHGfrDes.jpg
Oleg is a developer tools hacker, community builder, and DevRel consultant. He's passionate open source software, open ecosystems and open hardware advocate. Oleg is a core maintainer and ex board member in the Jenkins project. He's a CNCF ambassador, Testcontainers Champion, GSoC mentor and a former CDF TOC Chair. Oleg has a PhD degree in electronics design and volunteers in Ukrainian support and Russian anti-war organizations.
FRI 12:58 AM - 12:58 AM
Advanced
When you model (aka "mock") services during software development or integration testing, you need to mimic APIs, databases, and other data providers. You can't do this with just one tool; you need to combine several. You will also need zillions of configuration files and test samples for mock... unless you leverage the power of Generative AI.
In this session, We will take Artifactory as a target service for the integrations and create an upgerade assistant bot together. I'll demonstrate some ways to create test services, mock databases, and API providers using Testcontainers, Microcks, and DataFaker for a modern Java / Gradle project. After the introduction, we'll skip all the boring YAML configurations and go straight to leveraging AI and MCPs to generate proper data services and mocks with minimum effort from the developer's side.
45
Session
Digital Trust at Scale: DevSecAI, Scalable Supply Chains, and Continuous Compliance
Shumaila Ahmed
|
Senior DevSecOps Engineer - Qordata
https://sessionize.com/image/fcc4-400o400o1-EabuALn4ZYJPA2GnME9k6J.png
Shumaila Ahmed is a Senior DevSecOps Engineer with extensive experience designing secure software pipelines for regulated industries. She has led security architecture and compliance initiatives, helping organizations align with SOC 2 Type 2, ISO 27001, and GDPR.
Shumaila specializes in integrating security into CI/CD workflows. Her work bridges DevSecOps, supply chain security, and AI-powered trust frameworks, with a focus on scalable, audit-ready infrastructure in multicloud setups.
An educator and open-source contributor, Shumaila has taught digital forensics at the postgraduate level and built cybersecurity awareness programs for underserved communities. She is passionate about simplifying complex compliance processes through automation.
FRI 12:58 AM - 12:58 AM
Intermediate
This session shares our journey implementing DevSecAI principles across a multicloud, serverless architecture while achieving continuous compliance with SOC 2 Type 2 and other regulatory standards.
We’ll explore the tools central to our secure software supply chain, enabling automated SBOM validation, artifact integrity enforcement, and policy-as-code guardrails. You'll learn how we built secure, scalable CI/CD pipelines for AWS Lambda, Fargate, and Azure Functions
From third-party risk and automated evidence collection to secret rotation and multicloud posture visibility, this talk provides a blueprint for embedding security, compliance, and digital trust directly into your DevSecOps workflows.
46
Session
Drowning in Observability Costs? Build a Cost-Aware Telemetry Pipeline to Keep You Afloat
Yash Verma
|
Software Engineer and Researcher
https://sessionize.com/image/3b76-400o400o1-GBKBhPBGbrtRGddhXvDXYU.png
Yash is a software engineer and researcher with a deep interest in distributed systems. His focus is on observability and performance, areas where he constantly seeks new insights. As an active advocate of OpenTelemetry, Yash contributes to both the project and the wider community. Outside of tech, he’s an avid explorer, whether in the kitchen experimenting with new recipes or traveling the world to taste diverse cuisines.
FRI 12:58 AM - 12:58 AM
Intermediate
Observability is the cornerstone of reliable systems. It lets teams identify and resolve issues before they impact a broader group of users. Yet building an ideal observability stack is far from easy. It demands time and effort — instrumenting every app, service and component that emits telemetry. Shouldn’t we be asking ourselves: are we really investing in observability, or just paying for some distributed noise? Many teams default to - Store'em All, just in case - logs that no one reads, traces that no one queries, metrics that never inform action. The result? Costs escalate. Operational clarity fades.
The issue isn’t lack of telemetry, it’s unchecked volume without purpose. This talk explores telemetry pipeline as a strategy to take back control. At the OpenTelemetry Collector level, we can filter, transform, sample, redact sensitive data and route telemetry with intent. The goal is to extract clear business value from every signal and dollar spent. By aligning observability with outcomes, we get an adaptive, efficient and cost-aware setup. Whether you’re just starting out or operating at scale, this talk will show how to turn observability into a strategic asset instead of a liability.
47
Morning
Effortless JFrog Platform setup on AWS Using Terraform
Ram Mohan Rao Chukka
|
Ram | Developer | JFrog
https://sessionize.com/image/3e20-400o400o1-XFv54i3S4QMKxYQKZSnRjR.png
Ram is a Senior Software Engineer at JFrog R&D . Previously worked for startup companies like CallidusCloud (SAP Company), Konylabs. Loves Automation, Linux, openSource
Eldad Assis
|
Principal DevOps Architect, JFrog CTO office
https://sessionize.com/image/0e4c-400o400o1-2a48d35c-9eb5-46e5-be78-a5a88808cb81.jpg
More than 20 years doing software and infrastructure development. DevOps/DevSecOps/PlatformEngineering.
Advocating DevOps, CI/CD, Cloud Native practices and automation everywhere.
FRI 12:58 AM - 12:58 AM
All Levels
In this session, we will explore how to simplify and automate the deployment of the JFrog Platform on AWS using Terraform, with a particular focus on Day 1 and Day 2 operations. Day 1 will cover the foundational setup, including provisioning the necessary AWS infrastructure such as VPC, RDS, S3, and EKS. Day 2 will dive into the post-deployment configurations and management using Terraform providers, ensuring that your JFrog platform remains scalable, reliable, and easy to manage.
By the end of this session, you'll have a clear understanding of how to deploy JFrog Platform on AWS using Terraform and efficiently manage your environment for ongoing operations, updates, and scaling with Terraform providers. This session is perfect for DevOps engineers and cloud architects looking to optimize their infrastructure-as-code workflows for JFrog platform deployments.
48
Session
Empowering Efficiency: A Scalable DevSecOps Journey with IAV
Mark-Kevin Walda
|
IT Product Owner and Project Manager - IAV GmbH
https://sessionize.com/image/4072-400o400o1-Dd4NsihNomfJF2gLVqwq1n.jpg
05/2019-04/2021: Process Engineer
from 04/2021- today: IT Product Owner
-responsibility for the application portfolio in the areas data management, data science, iot and software development
from 07/2023 - today: IT Project Manager
- it project management for projects in the area data management, data science, iot and software development.
FRI 12:58 AM - 12:58 AM
All Levels
Join IAV on a transformative journey from a decentralized ecosystem to a centralized powerhouse of DevSecOps excellence. This session will showcase IAV's innovative building block approach to handling diverse tasks in the software development process, with a focus on scalability and security.
Discover how IAV transitioned to a centralized model using the JFrog Platform and standardized GitLab Pipelines, providing a comprehensive overview of open-source artifacts and enhancing developer efficiency. Learn how companies, even those unable to centrally manage policies, can centralize key aspects of software development to streamline processes and boost productivity.
Through technical examples and practical insights, this session will demonstrate the power of DevSecOps building blocks, offering a blueprint for success in modern software development. Explore how IAV's scalable solutions can empower your organization to achieve DevSecOps excellence.
49
Session
Escape from Planet Regex - Kotlin to the Rescue
Ben Kadel
|
Senior Mobile Engineer at GetYourGuide
https://sessionize.com/image/54f5-400o400o1-31mVG35BLhHT49izHuyZnY.jpg
Developer, Presenter/Teacher, Open source advocate, Ultimate frisbee player & Board game hoarder.
I love the fact that I get to code for a living, but I am also incredibly passionate about sharing, collaborating and helping others on their dev journey!
I also have a growing YouTube channel (youtube.com/benkadel), where I try to make entertaining & educational content about programming, the tech industry and specific tutorials to breakdown complex topics.
I adore presenting, story-telling and just generally engaging with an audience. If I am able to make life, even just a little brighter for someone then I have succeeded!
FRI 12:58 AM - 12:58 AM
Novice
Calling All Aspiring Space Adventurers: Join the Elite Crew of the USS Singleton (the Federation's greatest explorer class vessel) Today!
Embark on the thrilling adventure of a lifetime with the intrepid crew of the Singleton, as you navigate an uncharted (possibly dangerous) galaxy, where mastering Regex is not just an option—it's a matter of life-or-death!
During your travels you'll uncover; not only a deep understanding of Regex itself (from basics to advanced), but also how to wield Kotlin to conquer any pattern matching challenge you face, equipping you with invaluable lifelong regex power!
If that excites you, then signing up to the legendary personnel of the USS Singleton is for you! Here are just a few of the Benefits of the Job:
* Properly learn Regex - From Amateur to Professional, so that you can actually put the knowledge to use!
* Learn Kotlin APIs to work with Regex
* Explore the vast cosmos & become an Intergalactic Hero having your name sung through the ages! (...possibly)
Due to § 213-B:USSF Mandatory disclosure of hazardous workplaces; we must add: Possible “Challenges” of the role:
* Ship may crash, leaving the crew stranded on an alien world
* Possible loss of sanity and/or limbs
* High chance of death.
…But no need to worry, with the Captain & the crew of the USS Singleton, you are in very safe hands…So, what are you waiting for?
Become a fabled starfarer today and unlock the secrets of Regex… ... Before it’s too late…
50
Session
Fight fire with fire: Agentic CI with JFrog and Dagger
Jeremy Adams
|
Head of Ecosystem at Dagger
https://sessionize.com/image/2cae-400o400o1-92iaQgHxa2sbAEywADV5H1.jpg
Jeremy is a senior leader with both a technical and a strategic streak. Passionate about people and entrepreneurship, integration and automation. Through technical/business roles at Dagger, GitHub, Twistlock, and Puppet, Jeremy has both zoomed in and zoomed out a lot, acquiring an appreciation for the details and an ever-broader sense of the big architectural picture.
FRI 12:58 AM - 12:58 AM
Advanced
As organizations pump out record quantities of code, it's moving the bottlenecks to CI and Code Review. With code piling up, velocity grinds to a halt. Teams need to add appropriate AI agents and the right guardrails to CI pipelines to balance things out.
What if your CI/CD pipelines could fix PR code right in the pipeline!? What if they understood why lints, builds, or tests failed and then proposed the correct fix instead of just throwing it back over the wall to developers or burdening code reviewers with half-done PRs? Join us for a hands-on technical session showcasing how JFrog Artifactory, Dagger’s portable pipelines, and LLM-powered AI agents combine to create an intelligent, adaptive platform for shipping software faster.
We’ll walk through a live scenario such as:
- An app build fails in CI.
- An AI agent (backed by an LLM) inspects the failure, correlates logs, build metadata, and deployment artifacts.
- It proposes a fix in code (using Dagger Functions), regenerates the pipeline, and pushes the corrected artifact to JFrog.
You’ll leave with a blueprint for building your own self-healing pipeline systems using the best of artifact management, containerized pipeline portability, and developer-first AI.
51
Keynote
Formula One Thinking: Speed, Precision, and Pit Crew Culture in Tech
Neel Bhatt
|
Chapter Lead & Solutions Architect at RTL
https://sessionize.com/image/0873-400o400o1-EmB78EgZx2STYJw2eC5mz.jpg
Neel is a tech enthusiast, blogger, writer, speaker, and solutions architect. He has 10 years of professional experience. Apart from being a developer, he is an award-winning tech blogger. He likes to stay up-to-date with the latest technology stack, and he likes to share his knowledge with the community. He often arranges RTL meetups to share knowledge. He is a DZone MVB and Top 4% overall on the StackOverflow site. You can find him at his site: https://neelbhatt.com
FRI 12:58 AM - 12:58 AM
Intermediate
In the world of Formula One, milliseconds matter. Pit crews operate with breathtaking precision, teams make data-driven decisions in real-time, and entire car systems are optimized to handle extreme pressure - all while racing at over 300 km/h.
This talk takes you into the fast lane, drawing parallels between elite F1 teams and high-performing software engineering organizations. We’ll explore how principles like rapid iteration, modular design, tight feedback loops, and psychological safety from the F1 world can help tech teams move faster without crashing under pressure.
From CI/CD pipelines as pit stops, to observability as digital telemetry, to building a culture where failure is expected and recoverable - this session offers a high-octane perspective on team performance, system design, and engineering excellence.
52
Session
Freeze,Investigate,Recover: Unlocking Forensic Container Checkpointing with CRI-U
Mehul Patel
|
Independent Cloud Consultant
https://sessionize.com/image/5fb9-400o400o1-SVgq5cYj18ESua5Xn9ocdb.jpg
Mehul is a dedicated tech enthusiast with a Master's degree in Computer Science and over 12 years of hands-on experience in cutting-edge technologies including AWS, Google Cloud, Docker, Kubernetes, Ansible, Jenkins, and Terraform. He's conducted 500+ sessions across 25+ countries, sharing his expertise. Founder of 'CloudCaptain,' he guides beginners in excelling in DevOps and cloud tech. Mehul is a Ex. Mozilla Reps Council member, AWS Community Builder, Docker Captain, Ex.Auth0 Ambassador, and organizer of various tech meetups, making significant contributions to the tech community.
FRI 12:58 AM - 12:58 AM
All Levels
Resilience in Kubernetes often relies on pod restarts, but what if we could checkpoint running containers for forensic analysis and seamless recovery? This is where Checkpoint/Restore in Userspace (CRIU) and its integration with CRI-O and Containerd come into play.
When applications fail, are compromised, or need migration, traditional recovery methods lose valuable runtime data, making debugging, forensic investigation, and live migration difficult. CRI-U enables container-level checkpointing, allowing us to snapshot an application’s complete state, including memory, processes, and open files. This unlocks new security forensics, failure recovery, and workload resilience possibilities.
This session will explore how forensic container checkpointing enhances Kubernetes resilience. Attendees will learn how to securely capture, analyse, and restore container states, ensuring minimal downtime and improved security
53
Session
From CI/CD to CI/AI: Scaling DevOps with AI-Driven Automation and Autonomous Agents
Yoav Lax
|
AI Solution Architect at Varonis
https://sessionize.com/image/45ca-400o400o1-Gtx2yxnkHrUxbY45C7QZ3o.jpg
Hi! I’m Yoav Lax 😊
I’m an AI Solutions Architect with a passion for building intelligent, scalable systems that drive innovation and transformation. Formerly a DevOps Group Tech Lead at Varonis - where I earned the nickname “Mr. Migration” for my extensive expertise in migrating complex projects.
My journey has taken me from .NET development and Agile coaching to architecting AI-powered solutions that integrate seamlessly with DevOps pipelines, cloud platforms, and enterprise systems. I bring a unique blend of hands-on engineering, strategic thinking, and deep technical insight.
FRI 12:58 AM - 12:58 AM
All Levels
As AI becomes integral to modern software delivery, DevOps teams face new challenges and opportunities in transforming their workflows. In this session, we'll share real-world lessons from leading AI adoption across mission-critical platforms, where we evolved traditional CI/CD pipelines into intelligent, adaptive CI/AI systems.
We’ll explore how we:
* Embedded autonomous agents into our CI lifecycle.
* Designed strategic adoption frameworks to supercharge engineering velocity and quality.
* Measured the real-world impact on developer productivity, code quality, and release velocity.
* Drove adoption across the whole R&D organization.
* Balanced rapid innovation with reliability while scaling AI across complex, high-stakes environments.
Whether you're just starting your AI journey or scaling adoption across teams, this talk offers a practical blueprint for building AI-native DevOps organizations.
54
Session
From CI/CD to CM (Continuous Merge): Unleash Your Dev Velocity
Avishag Sahar
|
Engineering Tech Leader, LinearB
https://sessionize.com/image/3408-400o400o1-hBjJ2Fj8NaRKdH73shj25o.jpg
Avishag began her tech journey at just 18, starting as a Business Intelligence Developer. She later joined Allscripts Healthcare Solutions as a software engineer, followed by Cisco, where she contributed to developing features for Cisco Umbrella’s SWG. A few years ago, Avishag joined LinearB, where she works on the web app platform, WorkerB, GitStream and more, leads engineering teams, and champions new technologies.
FRI 12:58 AM - 12:58 AM
All Levels
Being an elite dev team isn’t just about merging faster, it’s about being able to deliver consistently. While velocity is the primary metric these days that marks elite teams - this is still in a world where all pull requests are created equal and undergo the same CI/CD gating and branch protection. But what if it doesn’t have to be this way?
Developer happiness and retention is often based on the type of work a team is doing and the amount of frustration involved trying to get code merged––where some of these merges are as simple as minor config fixes, version upgrades or documentation edits. In this session, we will discover how elite teams are flipping the paradigm through evolving their CI/CD to CM, continuous merge, by optimizing non-coding time and customizing how Pull Requests are treated based on their unique characteristics and impact on production systems. You too can be one pull request away from dev enlightenment and happiness.
55
Session
From Fire to Flow: Scaling Platform Engineering with JFrog
Owen Delaney
|
Senior Chapter Lead, Admiral Insurance
https://sessionize.com/image/2550-400o400o1-PXP51C3CAn2Zr1xG9wjuVF.jpg
Owen leads platform engineering teams at Admiral, driving DevOps transformation through automation, enablement, and a product mindset. He’s passionate about building scalable platforms that empower teams and deliver real impact.
FRI 12:58 AM - 12:58 AM
All Levels
What do you do when your software delivery platform becomes the bottleneck instead of the enabler? At Admiral, we faced a burning platform moment—an inflection point that forced us to rethink how we build, secure, and ship software. This keynote shares our journey from firefighting to future-proofing, and how we scaled platform engineering with JFrog at the core.
We’ll explore how we selected JFrog as our DevOps platform of choice, the strategic role of platform engineering in the implementation, and how we used Terraform to codify and scale our infrastructure. You’ll hear how we tackled challenges like fragmented tooling, inconsistent pipelines, and cultural inertia—and how we overcame them through automation, enablement, and a product mindset.
This is a story of transformation, not just technology. It’s about building a platform that empowers teams, accelerates delivery, and strengthens security—without burning out your engineers.
Key Takeaways
Turning Crisis into Opportunity: How a burning platform moment aligned leadership, engineering, and security around a shared vision for change.
Platform Selection with Purpose: Why JFrog was chosen and how it aligned with our goals for security, scalability, and developer experience.
Scaling with Platform Engineering: How we structured our platform team, used Terraform to codify JFrog, and built reusable modules and golden paths to support autonomy at scale.
Overcoming Real-World Challenges: From cultural resistance to technical complexity, how we navigated the human and technical sides of transformation.
Delivering Measurable Impact: The benefits we’ve realised—from faster delivery cycles and stronger governance to happier, more empowered engineers.
56
Session
From Scan to Sign-Off: Integrating NightVision DAST Attestations with JFrog Evidence Collection
Qilong Wang
|
Chief Technology Officer | NightVision Security
https://sessionize.com/image/9d03-400o400o1-RdsFdfwvsybAEZsxAoNB4u.jpg
Qilong is an engineering leader with more than 20 years of experience across both large enterprises and startups. He’s built and led teams that create large-scale, high-performance SaaS products. As CTO at NightVision, he leads the charge on developing and shipping their industry-leading DAST solution. Under his leadership, NightVision helps companies strengthen their security posture, embrace shift-left security practices, and deliver a better developer experience.
FRI 12:58 AM - 12:58 AM
Advanced
In this session, we’ll walk through how to integrate NightVision’s next-generation web and API security testing tool with JFrog’s Evidence Collection framework. You’ll see how NightVision runs high-speed, authenticated grey-box scans, finds exploitable issues with code-level insights, and then generates signed vulnerability attestations. We’ll integrate that evidence into a JFrog software artifact using the JFrog CLI, so that scan result travels with the artifacts and appears on JFrog’s visual evidence graph.
By the end of this talk, you’ll see how this combined solution:
. Ensures traceable, signed proof of security testing across your SDLC
. Enables Release Lifecycle Management policies that gate promotions based on NightVision scan results
. Streamlines audits, compliance, and governance by keeping all security attestation into JFrog as the single source of truth
We’ll demo a CI flow that starts with a pull request, kicks off a NightVision scan, collects its report as signed evidence, and attaches it to a software artifact before any promotion happens. If no critical vulnerabilities are found, you can proceed. Otherwise, you’ll see how to automatically halt a rollout, track the findings, and iterate fast.
57
Session
From Zero to Million: How I got the first Million downloads on my Open-Source PHP package
Lucas Teixeira Rocha
|
Senior Software Engineer at Oracle
https://sessionize.com/image/16ad-400o400o1-LunpRHVP2ZdQiuTYzyJmbW.png
Since embarking on my programming career in 2011, I have developed proficiency in an array of programming languages and frameworks. My repertoire includes JavaScript with its various frameworks and libraries (Express, NestJS, loopback.io, React, Angular), C# with .NET Core, PHP with popular frameworks (Laravel, Symfony, Yii), Python using Flask, and Java with Spring. This broad skill set enables me to effectively tackle unique project requirements, ensuring that each solution I deliver is not only tailored to specific needs but also upholds the highest standards of quality and innovation. My commitment to each project goes beyond just meeting specifications; it's about creating solutions that drive progress and make a meaningful impact.
https://www.linkedin.com/in/lucasredeaberta/
FRI 12:58 AM - 12:58 AM
Novice
I will start by explaining a little bit about the project, it’s differentials and how the CI/CD process helped it to succeed.
The second part will explain the process and the most important decisions and suggestions that I got from friends and co-workers (highlighting the importance of sharing your personal projects with people you thrust).
Third part will speak about how to get financial support for a free and Open Source project. Here I will also reveal what I would do differently if I could go back in time.
Last part will provide valorous advices for who is starting or looking for a project to start. I will also try to finish the presentation by inspiring people to do the same I did (or even better).
58
Session
How Can Engineering Leaders Measure the Impact of GenAI
Yishai Beeri
|
CTO at LinearB
https://sessionize.com/image/6320-400o400o1-QED4u9jJrj6fWphGr88ieU.jpg
Yishai Beeri likes to solve problems, and that’s why he was so fascinated with programming when first encountered Logo back in the 80s, where the possibilities seemed endless.
He has made it a focus of his career to solve complex programming problems, both as a consultant and entrepreneur. In 2014 he joined the CTO office of a fast-moving cloud security startup, which later was acquired by a networking giant. At this startup he also met Ori Keren and Dan Lines, now co-founders of LinearB. He joined them shortly after the company was established, in order to get back to what he loves most about engineering, solving big challenges, and this time he is focusing on the world of Dev Productivity and Experience. He is also the host of the very successful Hebrew Podcast - Dev Interrupted.
FRI 12:58 AM - 12:58 AM
All Levels
Generative AI has taken the world by storm since its general availability to the public in early 2023. Going from novel technology to commodity in months, this disruptive technology quickly found applications in the software development world - and many engineering organizations are trying to capitalize on the disruptive technology.
Nearly every engineering organization has adopted, or is thinking about adopting GenAI as a tool for developers. It has become wildly popular for everything from generating code, to writing and deploying tests, pull request reviews, experimentation and PoCs and much more. But who checks the machines?
In this talk I'll dive into the actual measurable outcomes - positive and negative - of adopting GenAI in engineering organizations. While engineering leaders rapidly jumped on the GenAI bandwagon, many are still struggling to quantify its value, not to mention manage its risks. This talk will discuss how and what to measure to understand adoption, quantify benefits and control risks in your initiative to leverage AI in your engineering organization. Join us to learn about the specific metrics you should be monitoring to ensure maximizing ROI on your GenAI engineering org initiatives.
59
Keynote
How to secure a job beyond a job ad
Melica Moshiri
|
BBC The Apprentice Candidate 2025 | Founder & CEO at Global AI search firm
https://sessionize.com/image/d1b4-400o400o1-pcAEi5qiEscLfjy1xy95L7.jpg
you may recognise me from this year's BBC The Apprentice.
Following the show, I was invited to share my story on BBC News, BBC Radio 5 live, BBC South East, Manoto (Persian TV), and across multiple radio stations including BBC Radio Sussex, V2 Radio, and Greatest Hits Radio. I’ve also been featured in publications such as Daily Mail, Metro, The Mirror, The Sun, Recruiter Magazine, and Yahoo News.
Raised by a single father in an immigrant Persian household, I’ve always been fiercely independent. From buying my first property at a young age and now having 3, moving to Southern California alone in my 20s, to launching a business that works with global tech leaders, my journey reflects resilience, adaptability, and a passion for impact.
FRI 12:58 AM - 12:58 AM
All Levels
Candidates in the tech field often feel ignored when applying for roles which they are a suitable fit for. They don’t hear back. This is a session to advice job seekers how to secure a role with their dream company beyond just seeing a job ad out. How to approach decision makers and how to stand out by personal branding initiatives
60
Session
JFrog CLI version manager
Bhanu Reddy
|
Senior Software Engineer
https://sessionize.com/image/6d34-400o400o1-7HXMJik1yvK1koT2oovyWH.jpg
Hi, I’m Bhanu Reddy, a backend engineer who enjoys turning ideas into solid, reliable code. I build most of my services in Go, Java, Python and ship them through Docker, Kubernetes, and GitHub Actions. My day job is to keep APIs fast, builds short, and logs clear so teams can move without stress. When pipelines crawl, I tune them; when requests lag, I profile and refactor until they fly. I share what works—whether it’s a neat shell script or a design tip across teams. Off the clock, you’ll catch me tinkering with Raspberry Pi projects or trying out the latest dev tools.
Leela Padmaja
|
Engineering Manager
https://sessionize.com/image/54d5-400o400o1-np1Acget9Lu3XiaY3e6gg4.jpg
I’m Leela Padmaja, an Engineering Manager at JFrog with over 19 years of experience in the software industry.
My background is majorly in Java, and over the years developed deep expertise in Golang, working on scalable, developer-focused tools.
At JFrog, I lead efforts on the Artifactory CLI team, where we build and maintain core command-line tools that developers and DevOps teams rely on every day.
Throughout my career, I’ve received multiple awards for delivering impactful, high-quality solutions. I’m passionate about simplifying workflows, improving automation, and solving real-world engineering challenges.
JFVM is a self-initiated team project born out of that passion created to solve the common pain.
I’m excited to share how this can help us work more efficiently.
FRI 12:58 AM - 12:58 AM
Advanced
As teams grow and projects use different tools, managing JFrog CLI versions gets tricky. JFVM makes this easy for both DevOps engineers and CI/CD developers.
For CI/CD developers, consistency and predictability in build and deployment pipelines are critical but managing JFrog CLI versions in these environments often becomes a hidden bottleneck. Testing new CLI versions without disrupting existing flows is difficult, and tracing regressions to a CLI update is rarely straightforward. JFVM addresses these issues by enabling CLI version pinning per project or pipeline, ensuring reproducibility across all stages. CI/CD Developers can test command behavior and measure performance and export results in CI-friendly formats like JSON. The shim-based design means every call to jf runs the right version without manual setup. For CI/CD workflows, JFVM adds a layer of control, automation, and insight eliminating guesswork and allowing teams to ship faster with confidence.
For DevOps engineers, managing multiple versions of the JFrog CLI across various environments and teams is an ongoing challenge. Different projects often rely on specific versions, and maintaining consistency without breaking workflows requires careful coordination. Manual version switching, symlink setups, and PATH manipulations are not only error-prone but also difficult to scale. Troubleshooting version-related issues or testing new CLI releases becomes a time-consuming and risky task. JFVM streamlines this entire process by offering a clean, reliable version manager that lets teams install, switch, and link JFrog CLI binaries effortlessly. With project-level defaults, teams ensure version consistency across machines and environments. Powerful features in jfvm allow DevOps teams to evaluate behavior and performance across versions, reducing risk during upgrades. Usage analytics add visibility into command usage and adoption trends, enabling better governance and toolchain optimization.
61
Session
Leaking Secrets with AI: mcp workflow edition
Erwin de Keijzer
|
DevOps Engineer at Fullstaq, chindōgu Engineer at home
https://sessionize.com/image/0bd1-400o400o1-Pq5LipoefNFttuikKR48Qj.jpg
By day Erwin is a DevOps engineer at TrueFullstaq, consulting companies on how to best implement cloud native principles on the public cloud and how to develop applications to fully embrace what new technologies can offer.
At night he turns into a chindōgu engineer (look it up on wikipedia, it's awesome). Tinkering with stuff like adding music to his home elevator or connecting his garage door to the internet.
His presentations always come with a dose of humor and self-deprecation. And if it all works out, you'll learn something too.
FRI 12:58 AM - 12:58 AM
Intermediate
With LLMs and MCP it has become easier than ever to leak secrets from all your environments to LLM providers.
Erwin will demo how to responsibly use LLMs to debug your running applications with kubernetes and prometheus and how to prevent them from accessing things they should not.
62
Session
Less Is More: How Lagom and Agile Can Create Harmonious Workflows
Olha Pyvko
|
Agile Delivery Coordinator & Scrum Master
https://sessionize.com/image/1263-400o400o1-MSSBj73AsUHgmyprbr3BVt.jpg
Ukrainian living in Sweden, applying engineering mindset for processes creation.
I am always fascinated about solving tricky puzzles and coming up with new ways to look for the problem.
I got a master degree in Telecommunications in 2016 and started my career in IT as a data conversion specialist, working with databases and customers. I got experience from working as a customer support manager, tech writer for user guides and manuals and then as a product specialist, before coming to work close with Agile as a Product Owner. I enjoyed building the right thing as much as building the thing right and fast. My Scrum Master journey started in 2020 and grew from 2 co-located teams to 8 distributed teams working on the same product with LeSS. And it's just the beginning!
FRI 12:58 AM - 12:58 AM
Intermediate
Hej! As an Agile coach who recently moved to Sweden, I’ve come to discover a beautiful thing about the Scandinavian way of life—Lagom. It's all about balance, simplicity, and finding the perfect harmony in everything you do. And guess what? It turns out Lagom has so much in common with Agile! Who knew?
In this fun and energizing talk, I’ll share how the philosophy of Lagom (which, in case you're wondering, roughly translates to "just the right amount") can actually help you fine-tune your Agile processes to create workflows that feel... well, just right! No more chaos, no more burnout—just the perfect balance of productivity and well-being.
And the best part? By incorporating Lagom, you can actually improve the quality of your work without pushing yourself or your team to the breaking point and burnouts. It's all about creating just the right amount of challenge, just the right amount of rest, and just the right amount of focus.
This session is focused on the practical, lighthearted insights you can start using right away to improve your Agile processes, all while embracing a tradition that has stood the test of time in Sweden. If you’re ready to get rid of burnout and bring balance to your development teams, this is the talk for you!
63
Session
Letting Swarms of Agents Loose (or Letting them Win?)
Ant(on) Weiss
|
Software Delivery Futurist
https://sessionize.com/image/d579-400o400o1-TSUFf1L4csmWMxb1en3HiB.png
20 years in tech, marketing and leadership roles. All about software delivery optimization. 5 years in technical and executive training. Expert in DevOps, Lean, Systems Thinking, Continuous Delivery, Cloud Native and Decentralized Systems. Coder, speaker, writer. Fixated on improving the ways humans collaborate by telling mind-provoking stories.
FRI 12:58 AM - 12:58 AM
Novice
Agent Swarms are the hottest trend in AI-assisted software delivery. Let's explore the technologies, the approaches, the risks and the opportunities. Brought to you by a fly on the wall of the Agentics foundation.
64
Session
LLMs & Natural Language Processing – Unlocking the Future of AI Communication
Abhilekh Verma
|
Director at Abhilekh Verma Consultancy (OPC) Private Limited
https://sessionize.com/image/ef01-400o400o1-nDzUvEZXeqdrZxuthu55V3.png
Abhilekh Verma is a founder, mentor and technical coach who has had a decade of experience in the IT industry working with Sales Teams and Corporate Training Roles. He was a corporate trainer at KPMG Gurugram and KPMG Hyderabad before jumping on the wagon of Entrepreneurship.
He is a mentor at Startupbootcamp, Wadhwani Foundation and runs Microsoft Azure Developer Community, ADP List, Omdena for Hyderabad. He is also a mentor at IIT Guwahati and Microsoft for Founders Hub. He is Microsoft MVP in AI.
FRI 12:58 AM - 12:58 AM
All Levels
Large Language Models (LLMs) are revolutionizing the way we interact with AI, transforming industries from customer service to enterprise automation. This session will break down how LLMs work, explore their real-world applications, and address key challenges like bias and hallucinations. Attendees will gain insights into the evolution of NLP, emerging trends in multilingual and domain-specific models, and practical use cases in recruitment, HR tech, and corporate training.
Why This Session?
With hands-on expertise in AI-powered recruitment solutions and corporate training, I bring a practical perspective on integrating LLMs into business processes. My experience delivering global lectures for Microsoft Azure Developers and AI communities makes me an engaging and insightful speaker.
Key Takeaways:
✅ Understand the core workings of LLMs (GPT, BERT, etc.)
✅ Explore real-world applications in content creation, HR tech, and automation
✅ Learn about key challenges in LLM adoption, including bias and security risks
✅ Discover future trends in multilingual and domain-specific models.
65
Session
Managing the Chaos: Not a Superpower. Not a Curse. Just My Brain
Manfred Bjørlin
|
Principal Cloud Native Architect
https://sessionize.com/image/84df-400o400o1-VwEneXauCDJEKigVw3kcZx.jpg
Principal Cloud Native architect and developer with a passion for integration and automation. But wait, it's more! Passion does not only have to be in tech! There is also a burning passion for neurodiversity and diversity in tech, across ages, genders, identities, etc...
Loves integration, automation and making processes more streamlined. A back-end developer for over 20 years. Have worked with building integration platforms in the cloud for several bigger organizations. Worked with .Net since early 2000, and Azure since launch.
Have also been a team lead, worked with process streamlining, enterprise architecture and everything between that and made my hands dirty as a developer and cloud native architect.
FRI 12:58 AM - 12:58 AM
Novice
Join me for a fun and honest talk about living with ADHD. Something I didn't fully understand about myself until later in life. I'll share my personal journey from feeling like a useless "scatterbrain", to learning how to work with my brain instead of against it.
This isn't a medical lecture, but rather a real-life story with humor, practical tips and a few nerdy metaphors (yes, we'll talk about RPG and mana use and regeneration, my "mana theory"). We will explore how I experience the world, with my flavour of neurospice, what makes our brains different and how workplaces can become more inclusive and creative by embracing those differences.
Whether you're neurodivergent yourself (or neurospicy as I like to call it), wotk with someone who is, or just want to understand people better - maybe this is a good talk for you.
66
Session
Not just another AI talk: MCP - a standardized protocol for AI
Manfred Bjørlin
|
Principal Cloud Native Architect
https://sessionize.com/image/84df-400o400o1-VwEneXauCDJEKigVw3kcZx.jpg
Principal Cloud Native architect and developer with a passion for integration and automation. But wait, it's more! Passion does not only have to be in tech! There is also a burning passion for neurodiversity and diversity in tech, across ages, genders, identities, etc...
Loves integration, automation and making processes more streamlined. A back-end developer for over 20 years. Have worked with building integration platforms in the cloud for several bigger organizations. Worked with .Net since early 2000, and Azure since launch.
Have also been a team lead, worked with process streamlining, enterprise architecture and everything between that and made my hands dirty as a developer and cloud native architect.
Awar Abdulkarim
|
Senior Engineer @ Sopra Steria | Competency Lead Cloud Native
https://sessionize.com/image/70a1-400o400o1-wNGGYjRwpEeBwVeC7YyU6P.jpg
Working at Sopra Steria Norway as a Senior Engineer and Lead for Cloud Native Competency group.
My experience and expertise covers both technical and non-technical roles and competencies. In terms of technology, working with containerized applications, Kubernetes platforms and whatever is bleeding edge and complex. Working to help people achieve a way of work, strategy and mentality which is DevOps centric. I love sharing my experiences, learning new things and apply what I know.
FRI 12:58 AM - 12:58 AM
Intermediate
Model Context Protocol (MCP) defines itself as "a USB-C port for AI applications". It standardizes the way you can connect your devices to various peripherals and accessories. A standardized way you connect AI models to different data sources and tools.
This presentation will show you, in a practical demo, how you can develop clients and servers to make use of agentic AI as their user interface. Your MCP servers will make it possible for other developers to directly plug into your services. But be aware, that means it's easier for your customers to switch to your competitors as well!
We will show you best practices for securing your data within your own infrastructure, and how to control your data flow. May the demo monster be with us.
We will also address some common pitfalls, and what you need to consider before diving head first into making your very first MCP server, exposing all your company's deepest secrets.
Challenge yourself to make your services and data available in a whole new way, to be the cool kid and follow the latest trends without going face first into a brick wall.
67
Session
Optimizing Kubernetes and unlock blockers with Pod Live Migration
Kim-Norman Sahm
|
CAST AI | Regional Field CTO EMEA
https://sessionize.com/image/adce-400o400o1-37Tk51Gf4U9iii6yL2w1w2.jpg
Kim is Regional Field CTO and Solution Architect at CAST AI, focused on guiding Kubernetes users to cost efficient and automated platforms. Before CAST, he was working as Cloud Architect and Consultant for Cloudical, noris network and Deutsche Telekom. He’s passionate about cloud infrastructure, automation and open source technologies. He’s an open source contributor and public speaker.
FRI 12:58 AM - 12:58 AM
All Levels
Kubernetes is easy, isn't it? Creating Kubernetes cluster in public cloud take a few minutes, deploying an application it's like same. But how can we make sure that our cluster scales in an efficient way? And what can we do with workloads which are not really a good fit for Kubernetes?
68
Session
Powering AI at Scale: The DevOps Journey to a Next-Gen Artifactory Platform
Krishna Nadiminti US
|
Developer Experience Leader, NVIDIA
https://sessionize.com/image/c791-400o400o1-4WdTcUipfc7U9JzvodMYzn.jpg
Krishna Nadiminti leads Developer Experience at NVIDIA, focusing on improving developer productivity and application lifecycle efficiency. She is an award-winning leader recognized across the tech industry for her contributions to engineering excellence and innovation.
Ulili Nhaga
|
Principal Architect at NVIDIA
https://sessionize.com/image/b3f5-400o400o1-Jfq8jxVAdpdyKk1NXmyt3V.jpg
Ulili Nhaga is a Principal Cloud Application Architect at Amazon Web Services (AWS) in San Diego, California and an AWS re:Invent 2021 Speaker. He helps customers migrate, modernize, architect, and build highly scalable cloud-native applications on AWS. Outside of work, Ulili loves playing soccer, running, cycling, Brazilian BBQ, and enjoying time on the beach.
FRI 12:58 AM - 12:58 AM
Intermediate
How do you scale artifact management for an era of AI-driven engineering? In this session, learn how a lean DevOps team inherited a legacy Artifactory instance and transformed it into a hyper-scale, cloud-native artifact platform capable of handling modern AI/ML workloads. The speakers will walk through the transformation journey—from aging infrastructure and operational bottlenecks to a scalable, automated, and performance-optimized Artifactory cluster.
Discover how NVIDIA scaled to support 10x artifact growth, massive binaries, and unpredictable CI/CD bursts, all driven by cutting-edge GPU development and AI test pipelines. You’ll gain insights into architectural evolution, observability patterns, and DevOps practices that enabled the team to tame explosive scale while improving reliability and efficiency.
69
Session
Protect your vibe coding with jfrog artifactory and curation
Zohar Sacks
|
Senior Director of Product, JFrog
https://sessionize.com/image/9ffa-400o400o1-wEaZpyBsfCotSgJnouNoZT.png
Zohar Sacks, Senior Director of Product at JFrog, brings over 20 years of experience in distributed systems, Cloud, SaaS, PaaS, IaaS, MLOps and MLSecOps
Before joining JFrog, Zohar was the VP of R&D of Zesty, an AI-powered Cloud Cost Optimization startup. Zohar was also CTO/Co-Founder of Disco, a revolutionary distributed computing startup serving distributed computing tools to the AI/ML market and beyond.
FRI 12:58 AM - 12:58 AM
All Levels
Vibe coding is the sweet spot of developer productivity and innovation, fostering creativity and even democratizing coding across your enterprise. This session explores the power of "vibe coding" and its transformative potential, but also acknowledges the inherent risks: software supply chain vulnerabilities, licensing issues, and dependency management headaches.
Discover how the JFrog Platform, with Artifactory and Curation, safeguards your development flow while maintaining productivity and innovation.
Protect your vibe, accelerate innovation, and secure your software supply chain from code to production with JFrog.
70
Session
Pull Request Size: The Most Important Indicator of Development Pipeline Health
Avishag Sahar
|
Engineering Tech Leader, LinearB
https://sessionize.com/image/3408-400o400o1-hBjJ2Fj8NaRKdH73shj25o.jpg
Avishag began her tech journey at just 18, starting as a Business Intelligence Developer. She later joined Allscripts Healthcare Solutions as a software engineer, followed by Cisco, where she contributed to developing features for Cisco Umbrella’s SWG. A few years ago, Avishag joined LinearB, where she works on the web app platform, WorkerB, GitStream and more, leads engineering teams, and champions new technologies.
FRI 12:58 AM - 12:58 AM
All Levels
Accelerate popularized “DORA 4” metrics for tracking the health of your dev pipeline. I studied 2,600 teams and found a single indicator that predicts if your team’s metrics will be elite. Learn why small PR size is the key to healthy cycle time, MTTR, change failure rate and deploy frequency.
This presentation includes industry benchmarks from 2,600 dev teams collected from January 2020 though June 2021, all of the data and citations from my research, multiple case studies from well known Israeli start-ups like Unbabel, Intsights and BigID and tips for improving PR size, cycle time, MTTR, change failure rate and deployment frequency.
71
Session
Realising Expectations: Enforcing Quality and Security Gates in Release Lifecycle Management
Chris Snowden
|
Enterprise Security Architect
https://sessionize.com/image/2d28-400o400o1-4ZpqzEBBcyjCwRXpsd8uxr.jpg
Accidental Application Security Architect!
Patricia R
|
root
https://sessionize.com/image/a326-400o400o1-aZNBDhka7aTQw12QmNqYGD.jpg
Cloud Security Engineer
FRI 12:58 AM - 12:58 AM
All Levels
Session Summary
Ever felt like you have a wonderful plan, but theory doesn't always translate to practice? Picture this: You've established a lifecycle for your artefacts, you know how to take some code, thru your own defined CI/CD processes and quality gates, to build a good release candidate, testing it iteratively and, eventually, deploying it into production. What happens when you want to attest that all artefacts being built daily, by multiple teams, with multiple ways of working are indeed following what you carefully crafted as your Release Lifecycle? Can you continuously and consistently ensure coverage and effectiveness of your controls, at scale?
We will show a case study that leverages JFrog’s Release Lifecycle Management and Distribution features to set organisational policy to achieve auditability and traceability over release candidates, which combined with CI/CD environment hardening ensure practical coverage and effectiveness of your controls is closer to what you envisioned.
In this session we will pay particular attention to the following considerations:
1. You’ve created your release candidate so now what? Staging your release candidates and establishing immutability – why this matters and what good looks like
2. Release bundling for different deployment types including GitOps
3. The evidence that should be collected to establish reliability and security – emphasis on control coverage and effectiveness – what does this look like? And how/when should it be done? And what does validation look like
4. The role of protected credentials and admission controllers in establishing trust
Please see "Who should attend?" for key session takeaways.
72
Session
Refactor Your Career: Build It Like Your Best Codebase
Tinatin Balavadze
|
Building Scalable Code, Careers, and Communities—One Bold Move at a Time.
https://sessionize.com/image/e209-400o400o1-M8M9aZr7PrScModRonhvmL.jpg
I build mobile apps that scale, mentor career changers breaking into tech, and rethink how teams grow. But my path wasn’t a straight line—it was a curveball-filled adventure through learning design, leadership, and reinvention.
Before I wrote software, I designed learning programs, led high-impact teams, and built systems that empowered people to think, create, and grow. Now, I bring that same mindset into tech—blending creativity with code to build products (and careers) that actually make a difference.
Talks, Mentorship, & More: If you’re into AI productivity, career growth, or scaling impact without burning out, let's talk. I’m always up for sharing hard-earned insights and helping others debug their next big leap.
FRI 12:58 AM - 12:58 AM
All Levels
Bad code hurts. A messy career—stale skills, stagnant roles, and hidden tech debt—is just as painful. Engineers refactor code to keep it fresh and efficient. Why not refactor our careers?
This talk treats career growth like an engineering challenge. I'll show you how to debug outdated skills, identify growth blockers, and apply CI/CD principles for continuous improvement. Whether stuck in maintenance mode or ready to scale your impact, you'll leave with clear strategies to iteratively upgrade your career without burnout.
73
Session
Resiliency by Design: Internal platform’s contribution to Cloud Security
Gaurav Saxena
|
Director of Engineering, Ford Motors
https://sessionize.com/image/f6a7-400o400o1-wrfPcjYZ93t88pZMZnCTtn.png
Gaurav Saxena is an engineering leader in the field of platform and cloud engineering with over 20 years of experience in the software industry. His technical expertise includes Stream-based architectures, Kubernetes, Service Mesh, Software Supply Chain Security, and Observability.
FRI 12:58 AM - 12:58 AM
Intermediate
In today's complex enterprise environments, building and maintaining resilient data streaming platforms requires a strategic approach that empowers developers while ensuring security and operational efficiency. This presentation explores how Internal Developer Platforms (IDPs) can streamline development workflows, enhance application portability, and fortify your software supply chain, including the use of CNCF projects.
We'll delve into:
Internal Developer Platforms (IDPs): Understanding the core principles of IDPs and how they enable self-service infrastructure, reduce cognitive load for developers, and promote consistent development practices.
Open Application Model (OAM): Leveraging OAM to define applications in a platform-agnostic way, separating application logic from infrastructure concerns. This promotes portability and simplifies management across diverse environments.
Crossplane: Using Crossplane to extend your Kubernetes cluster and manage infrastructure resources (databases, message queues, etc.) directly from within your IDP, enabling a unified control plane for both applications and infrastructure.
A key focus will be on building a hardened software supply chain:
Melange, Apko, and Wolfi: Building minimal, secure container images using these next-generation tools. We'll discuss the benefits of reduced attack surface and improved image scanning results.
Sigstore Project (Cosign, Fulcio, Rekor): Ensuring the integrity and authenticity of container images through signing and attestation. We'll demonstrate how to use Sigstore to sign images built from managed CI pipelines and push to jFrog Artifactory securely.
Kubernetes Admission Control: Implementing KubeWarden, a Kubernetes admission controller, to enforce policies and verify image signatures before deployment, preventing the execution of untrusted code.
Workload Attestation using SPIFFE: Using SPIFFE for workload attestations
74
Session
Securing AI Models and ML Pipelines: Best Practices and Pitfalls to Avoid
Mohammad Saheer Padinharayil
|
Manager | CVS Health | AI & Cloud Security Enthusiast
https://sessionize.com/image/b3f2-400o400o1-hmuUXp5dScDStvPCFEd3KJ.jpg
AI security and cloud-native pipeline expert with about a decade of experience in building scalable, secure ML platforms. Currently leading Payment Integrity and Automation efforts at CVS Health with a focus on ML governance and infrastructure. Frequent speaker on GCP, AI/ML and enterprise-scale MLOps.
FRI 12:58 AM - 12:58 AM
Advanced
As machine learning becomes integral to modern applications, the attack surface for AI systems is rapidly expanding. From data poisoning and model inversion to supply chain vulnerabilities in ML pipelines, the risks are real—and often overlooked.
In this session, we'll explore key challenges in securing the AI lifecycle. You’ll learn how adversaries exploit weaknesses in model training, deployment, and inference stages—and how to counter them with practical strategies.
We’ll walk through:
-Threat modeling for ML pipelines
-Secure model training and deployment using ML tools
-Proven strategies for securing data inputs, model artifacts, and dependencies
-CI/CD best practices for AI/ML, including policy enforcement and SBOMs
-Real-world case studies of AI system compromises—and what we can learn from them
This talk will give you the actionable insight to evaluate and secure your own AI initiatives, ensuring trust and compliance in an era where AI is not just an asset, but a potential liability.
75
Keynote
Security First in the Age of AI Agents
Dorit Dor
|
Co-founder Qbeat Ventures, Check Point fellow; Security geek; Passionate about innovation and products, Cyber, Quantum and AI; Board member;
https://sessionize.com/image/65c4-400o400o1-TqReuJpb71SDQroy97knq8.jpg
Dr. Dorit Dor is one of the world’s leading figures in cybersecurity and technology. For nearly three decades, she served as Chief Product Officer and Chief Technology Officer at Check Point Software Technologies, where she was instrumental in shaping the company’s R&D strategy and driving product innovation since joining in 1995.
A recognized thought leader, Dr. Dor regularly speaks at premier cybersecurity and technology conferences worldwide. She was awarded the Israel National Defense Prize in 1993 for her contributions to national security, reflecting her deep expertise in cyber defense.
Her impact extends beyond the corporate sector: she has been named one of Forbes Israel’s Most Influential Women, served on the World Economic Forum’s Global Future Councils, and held board positions with the CTA, Redis, and She Codes.
Dr. Dor holds a Ph.D. in Computer Science from Tel Aviv University and is a member of the Technion Council.
Currently, she is the Co-Founder of Qbeat Ventures, a venture capital firm focused on quantum technologies. She is an active advocate for innovation in cybersecurity, AI, and quantum technologies, as well as a champion of leadership and diversity in tech. She also serves as a judge for startup competitions such as the RSA Innovation Sandbox, helping to spotlight and support the next generation of innovators.
FRI 12:58 AM - 12:58 AM
Intermediate
We're entering an era where applications aren’t just built by humans, they’re built with or even by intelligent agents. These autonomous systems fetch dependencies, generate code, spin up infrastructure, and even make decisions that used to be handled by experienced developers or architects.
This shift fundamentally changes the risk model.
In a world where AI agents can trigger CI pipelines, provision resources, or integrate third-party services, security can no longer be bolted on later. Infrastructure must be built with security-first principles from day zero.
In this session, we’ll explore:
Why traditional security models break in an agent-driven ecosystem
What changes when autonomous systems operate within your SDLC
How to design infrastructure that is ready for agentic automation, but still controlled, transparent, and resilient
Cultural, organizational, and technical changes needed to embed security into your infra DNA
You’ll walk away with practical strategies, real-world examples, and a new perspective on securing systems in a world where humans are no longer the only actors.
76
Session
Shift-Left Meets Zero Trust: Building Secure-by-Design APIs from Day Zero
Hariharan Ragothaman
|
Software Engineer @ AMD | Backend, Infrastructure, Cloud, Embedded
https://sessionize.com/image/7480-400o400o1-Q1NYhqLveCCzibsc7QfroY.jpg
Hariharan Ragothaman is a Senior Software Engineer with 10+ years of experience building scalable systems across embedded platforms, cloud-native environments, and AI-powered infrastructure. At Advanced Micro Devices (AMD), he leads data center validation and server-side initiatives. Previously, he contributed to DevSecOps transformations at athenahealth and played a key role in launching flagship consumer audio products at Bose Corporation.
A recognized thought leader, Hariharan has delivered invited talks at ACM, OWASP, Conf42, SwampUP, and IEEE events. He frequently serves as mentor at global hackathons. His work has earned several accolades, including the Global InfoSec Award for Cybersecurity Identity Governance at RSA Conference 2025, induction into the athenahealth Hall of Fame.
FRI 12:58 AM - 12:58 AM
Intermediate
Zero Trust is no longer confined to just endpoints and user authentication—it extends crucially to APIs, services, and dynamic interactions across distributed systems. In a cloud-native world where microservices span multiple environments, APIs become the core trust boundary. The shift-left paradigm—addressing security early in the development lifecycle—is complemented by extending security principles across distributed API-driven systems using Zero Trust architectures.
This talk dives deep into how organizations can implement Zero Trust at the API and service mesh layer, enforcing strong identity, access control, and behavioral baselines for service-to-service communication. This session provides attendees with practical strategies to enforce strong identity management, robust access controls, and behavioral baselines in service-to-service communications.
Using hands-on examples, we’ll explore how these security patterns are integrated into modern DevSecOps workflows—showing how JFrog Xray and JFrog Advanced Security can help detect vulnerabilities and enforce policy gates in CI/CD pipelines, and how JFrog Artifactory acts as a trusted source for secured software supply chains.
Attendees will benefit from an in-depth, hands-on demonstration showing exactly how these concepts are operationalized.
Topics covered include:
1. Implementing mutual TLS (mTLS) across services using SPIFFE/SPIRE for cryptographic identity.
2. Using service meshes (Istio, Linkerd) to enforce Zero Trust policies, rate limiting, and telemetry.
3. Designing API Gateways with attribute-based access control (ABAC) and fine-grained policies.
4. Establishing behavioral norms and detecting anomalies in API interactions
The talk concludes with a real-world reference architecture for securing microservices in a hybrid multi-cloud deployment, along with tips on avoiding common design pitfalls.
77
Session
Ship with Confidence: A JavaScript Test Automation Workshop
Lucas Teixeira Rocha
|
Senior Software Engineer at Oracle
https://sessionize.com/image/16ad-400o400o1-LunpRHVP2ZdQiuTYzyJmbW.png
Since embarking on my programming career in 2011, I have developed proficiency in an array of programming languages and frameworks. My repertoire includes JavaScript with its various frameworks and libraries (Express, NestJS, loopback.io, React, Angular), C# with .NET Core, PHP with popular frameworks (Laravel, Symfony, Yii), Python using Flask, and Java with Spring. This broad skill set enables me to effectively tackle unique project requirements, ensuring that each solution I deliver is not only tailored to specific needs but also upholds the highest standards of quality and innovation. My commitment to each project goes beyond just meeting specifications; it's about creating solutions that drive progress and make a meaningful impact.
https://www.linkedin.com/in/lucasredeaberta/
FRI 12:58 AM - 12:58 AM
Intermediate
Ready to level up your JavaScript testing? This hands-on workshop dives deep into practical test automation with Jest, Cypress, and Stryker Mutator. Learn to write robust unit & E2E tests, and discover the power of mutation testing to supercharge your test suite!
This hands-on workshop provides a practical introduction to modern JavaScript test automation using three powerful tools: Jest, Cypress, and Stryker Mutator. Participants will learn how to write effective unit and integration tests with Jest, focusing on best practices and real-world scenarios. The workshop then transitions to end-to-end (E2E) testing with Cypress, demonstrating how to build robust and reliable UI tests. Finally, participants will explore the cutting-edge technique of mutation testing with Stryker Mutator, learning how to identify weaknesses in their test suites and ensure comprehensive code coverage.
Workshop Highlights:
* Jest: Mastering unit and integration testing, mocks, stubs, and test-driven development (TDD) principles. Hands-on exercises will cover testing various JavaScript code structures, including asynchronous operations.
* Cypress: Building robust E2E tests for modern web applications. Participants will learn how to interact with UI elements, handle asynchronous behavior, and implement best practices for maintainable E2E tests.
* Stryker Mutator: Discovering the power of mutation testing to identify gaps in your test suite. Learn how Stryker helps you find untested edge cases and improve the overall quality of your tests.
Learning Outcomes:
* Write effective and maintainable unit and integration tests using Jest.
* Develop robust end-to-end tests with Cypress.
* Understand and apply mutation testing with Stryker Mutator.
* Improve the quality and coverage of your JavaScript test suites.
* Gain practical experience with modern JavaScript testing tools and techniques.
78
Session
Strengthening SDLC Integrity, Step by Step
Ronny Belenitsky
|
Director of Product
https://sessionize.com/image/7552-400o400o1-HLHXTkCrT1bGxoNqb6zgaX.jpg
Ronny is a Product Director at JFrog, where he leads strategic initiatives across DevSecOps and SDLC innovation. With a strong background in cloud-native technologies and application lifecycle management, Ronny plays a key role in shaping products that empower enterprise engineering teams to build and release software faster—and more securely.
Prior to JFrog, Ronny served as VP of Product at a high-growth tech company, where he scaled product organizations, launched market-leading solutions, and drove enterprise adoption globally. He brings over 15 years of experience building impactful software products, blending technical depth with customer-centric thinking.
FRI 12:58 AM - 12:58 AM
Intermediate
In our discussions with customers, we identified a critical challenge in the Software Development Lifecycle (SDLC): package signing often occurs after the package build, altering the package’s SHA in the middle of the process. While organizations aim to ensure that artifacts pushed to production have a fully signed and verifiable provenance from development to deployment, this intermediate modification disrupts the integrity of the build step and beyond. Customers recognize the value of immutable release bundles and a robust provenance posture. However, transitioning away from a process that modifies artifacts mid-SDLC for signing to an immutable workflow remains challenging. This talk will explore how organizations can adopt a step-by-step approach to ensure consistency and predictability across SDLC maturity stages, while enabling the addition of trusted and signed evidence at every stage; a way to enable security, traceability, and compliance without compromising integrity.
79
Keynote
Systems Thinking for Vibe Coding
Ant(on) Weiss
|
Software Delivery Futurist
https://sessionize.com/image/d579-400o400o1-TSUFf1L4csmWMxb1en3HiB.png
20 years in tech, marketing and leadership roles. All about software delivery optimization. 5 years in technical and executive training. Expert in DevOps, Lean, Systems Thinking, Continuous Delivery, Cloud Native and Decentralized Systems. Coder, speaker, writer. Fixated on improving the ways humans collaborate by telling mind-provoking stories.
FRI 12:58 AM - 12:58 AM
Intermediate
Vibe coding (programming with the help of AI) is making developers 3x more productive by reducing the toil and speeding up boilerplate code generation. The bottleneck of coding time is thus getting eliminated. But Systems thinking (and the Theory of Constraints) teaches us that we can only improve a process by elminiating the most limiting bottleneck in the chain of processes. Was coding ever that bottleneck? What other bottlenecks do we need to take care of now? Let's analyze software delivery in 2025 through the prism of Systems Thinking, define the challenges AI-assisted coding brings to the table and how to effectviely resolve them.
80
Session
Testcontainers and API mocking for C/C++
Oleg Nenashev
|
Lead Developer Advocate, Gradle
https://sessionize.com/image/138b-400o400o1-WdYguY2g9NtMFyvHGfrDes.jpg
Oleg is a developer tools hacker, community builder, and DevRel consultant. He's passionate open source software, open ecosystems and open hardware advocate. Oleg is a core maintainer and ex board member in the Jenkins project. He's a CNCF ambassador, Testcontainers Champion, GSoC mentor and a former CDF TOC Chair. Oleg has a PhD degree in electronics design and volunteers in Ukrainian support and Russian anti-war organizations.
FRI 12:58 AM - 12:58 AM
Advanced
Testcontainers has become one of the most popular tools for software integration testing. And yes, we can have cool things in C/C++, too!
If you can put your system-under-test into a container, Docker Compose cluster, or a pod, this is what you're likely to use. If your target isn't ready, not containerizable, or just too heavy for testing as is, you can always use API mocking like WireMock to mock your interfaces including REST API, gRPC, etc. But are these tools available to C/C++ developers? And the answer is YES!
In September 2023, I created Testcontainers for C/C++. This is not a standalone Testcontainers engine but a C-style shared library adapter for native languages like C/C++, D, Lua, Swift, etc. It is an MVP SDK that can be later extended for the languages. I will show examples with CTest, CppUnit and Google Test.
The project is based on Testcontainers for Go, which is one of the most powerful implementations. And yes, I am happy to chat about how it does [and doesn’t] work under the hood!
81
Session
Testing in Consulting: Balancing speed, scope and sanity
Ludovico Besana
|
Senior Test Engineer @Nearform
https://sessionize.com/image/6fcf-400o400o1-aDkpJzhmQV6KVRa2E5FwEo.png
Ludovico, born as a Full Stack Developer, discovered his true passion for quality later in his career. With a background in Full Stack Development, he possessed a strong technical foundation and a deep understanding of software systems.
As an Automation and Open Source enthusiast, Ludovico recognized the power of efficient and reliable testing methodologies. He understood the importance of ensuring that software products met the highest standards of performance, functionality, and user experience. He works as a Senior Test Engineer.
FRI 12:58 AM - 12:58 AM
Intermediate
Testing in consulting is not the same as testing in product development. It means adapting to existing processes, working with distributed teams, and influencing quality without having full control over the code or the decisions.
In this talk, I’ll share 6 years of experience as a QA on consulting projects for startups, corporations, and public sector organizations. We’ll cover:
- how to tackle unfamiliar codebases with limited time
- how to advocate for quality with devs and PMs who “don’t have time for testing”
- how to choose between E2E tests, unit tests, and quick-impact tests
- tools and templates for multi-team environments
- KPIs to show clients the value of your work
We’ll also talk about mental balance, unrealistic expectations, and how to avoid QA burnout from being constantly in “firefighter mode.”
A practical, human talk full of tips for anyone doing or wanting to do testing in consulting.
82
Session
The Anatomy of a Distributed JavaScript Runtime
Peter van Vliet
|
Co-Founder and Lead Architect @ Masking Technology
https://sessionize.com/image/c276-400o400o1-HMYEqRWVrDGpKCDpuAkbgS.jpg
Peter started his career as a full-stack software developer in 2002 and has since progressed to a lead architect role. Over the course of these 20+ years, he has fulfilled many roles in various industries and gained extensive experience with a wide range of technologies such as Java, C#, JavaScript, and others. Nowadays, he leverages his expertise to assist companies, write articles, and speak at conferences.
His main focus is on making software development more cost-efficient and future-proofing applications. Additionally, he has picked up making illustrations as a hobby because he is a strong believer in visual communication. There are no boring slides in any of his presentations.
FRI 12:58 AM - 12:58 AM
Advanced
Imagine a world where you develop an application as a monolith but deploy it distributed across multiple servers and even in the browser. If you want to learn how this looks and works, this talk is for you!
We’ll dissect the design of an open-source distributed runtime for full-stack JavaScript and TypeScript applications. We’ll cover the runtime's goals, overall architecture, key building blocks, and the technical challenges faced. Additionally, we will showcase an example application, demonstrating use cases, deployment strategies, and the developer experience.
By the end of this talk, you will gain a deeper understanding of the benefits and challenges of separating the development model from the deployment model, unifying the frontend and backend, and what it takes to build and operate a distributed JavaScript runtime.
83
Session
The Hybrid Kubernets Cluster - your head in the clouds, but feet firmly on the ground
Erwin de Keijzer
|
DevOps Engineer at Fullstaq, chindōgu Engineer at home
https://sessionize.com/image/0bd1-400o400o1-Pq5LipoefNFttuikKR48Qj.jpg
By day Erwin is a DevOps engineer at TrueFullstaq, consulting companies on how to best implement cloud native principles on the public cloud and how to develop applications to fully embrace what new technologies can offer.
At night he turns into a chindōgu engineer (look it up on wikipedia, it's awesome). Tinkering with stuff like adding music to his home elevator or connecting his garage door to the internet.
His presentations always come with a dose of humor and self-deprecation. And if it all works out, you'll learn something too.
FRI 12:58 AM - 12:58 AM
Intermediate
The golden days of the cloud seem to be over, just as many companies seem to be migrating into as out of the cloud. But the cloud still has some unique advantages that are hard to implement on your own.
In this talk I'll go over several of the hybrid models that might help you achieve your goals.
84
Session
The proactive software supply chain: Hardening AI from the ground up
Aditya Tripathi
|
Product Marketing, Docker
https://sessionize.com/image/d686-400o400o1-36BjD2xTpsmQUyjnYpZ8KK.jpg
Aditya has a strong background in technical product management and marketing for open source platforms. He has experience in DevSecOps and AI-native workflows at companies like Docker and VMware.
Currently, at Docker, he focuses on securing modern application supply chains and helping developers integrate security best practices with the simplified developer experience Docker is known for.
FRI 12:58 AM - 12:58 AM
All Levels
As teams build complex, multi-agent AI systems, a new generation of security challenges is emerging. We're moving beyond the traditional "scan and pray" methodology to a proactive approach that establishes security by design. Docker pioneered the simplified developer experience for microservices, and we're applying that same philosophy to securing agentic app dev workflows.
In this keynote, we'll explore how leveraging hardened container images, with dramatically reduced attack surfaces and continuously automated patching, provides a secure foundation. We'll also show how this approach integrates seamlessly with the tools you already rely on, like JFrog Xray, to ensure you can build and deploy with confidence. We will then demonstrate how this security-first philosophy extends to agentic app patterns, allowing you to build, orchestrate, and deploy entire AI stacks.
Join us to learn how to unify security and innovation, making resilience a core feature of the next generation of intelligent applications.
85
Session
The tech behind weather forecasting: How technology keeps you ahead of the weather
Neel Bhatt
|
Chapter Lead & Solutions Architect at RTL
https://sessionize.com/image/0873-400o400o1-EmB78EgZx2STYJw2eC5mz.jpg
Neel is a tech enthusiast, blogger, writer, speaker, and solutions architect. He has 10 years of professional experience. Apart from being a developer, he is an award-winning tech blogger. He likes to stay up-to-date with the latest technology stack, and he likes to share his knowledge with the community. He often arranges RTL meetups to share knowledge. He is a DZone MVB and Top 4% overall on the StackOverflow site. You can find him at his site: https://neelbhatt.com
FRI 12:58 AM - 12:58 AM
Intermediate
Curious about how Netherlands biggest weather platform manages to predict the weather with such accuracy while serving millions of users every day? Join us for an insightful dive into the technology powering Buienradar’s meteorological marvel.
In this down-to-earth conference talk, we’ll take a closer look at the nuts and bolts of Buienradar’s operations. Discover how Buienradar’s scalable infrastructure and clever algorithms work together to process vast amounts of data, providing users with reliable weather forecasts at their fingertips.
We’ll explore the challenges of managing such a high volume of users and data, discussing practical solutions and lessons learned along the way. From data handling techniques to performance optimization, we’ll cover it all in a relatable and accessible manner.
We will cover our journey to kubernetes, how our platform engineering works, how our architecture looks like, how we maximize our observability using grafana and much more.
Whether you’re a tech enthusiast, a weather aficionado, or simply curious about how your favorite weather app works, this talk is for you. Join us as we peel back the curtain on Buienradar’s technology, demystifying the complex world of weather forecasting in a way that’s easy to understand and appreciate.
86
Session
Turning Gut Feeling into Numbers: Leveraging Data to Simplify Complex Decisions
Olha Pyvko
|
Agile Delivery Coordinator & Scrum Master
https://sessionize.com/image/1263-400o400o1-MSSBj73AsUHgmyprbr3BVt.jpg
Ukrainian living in Sweden, applying engineering mindset for processes creation.
I am always fascinated about solving tricky puzzles and coming up with new ways to look for the problem.
I got a master degree in Telecommunications in 2016 and started my career in IT as a data conversion specialist, working with databases and customers. I got experience from working as a customer support manager, tech writer for user guides and manuals and then as a product specialist, before coming to work close with Agile as a Product Owner. I enjoyed building the right thing as much as building the thing right and fast. My Scrum Master journey started in 2020 and grew from 2 co-located teams to 8 distributed teams working on the same product with LeSS. And it's just the beginning!
FRI 12:58 AM - 12:58 AM
All Levels
As a Scrum Master, I've often observed how teams and stakeholders face challenging decisions.
Think about it: how do we weigh potential features for a product backlog, evaluate technical approaches, or prioritize strategic initiatives when each option has varying levels of impact, effort, risk, and value? These aren't simple "either/or" questions. Relying solely on gut feeling in these complex scenarios can lead to uncertainty, difficult conversations, and sometimes, decisions we later regret.
While there's no magical formula to guarantee perfect decisions every time, we can use structured approaches to guide our choices. One method I've found particularly useful is the Analytic Hierarchy Process (AHP). AHP helps translate qualitative judgments – our intuition and understanding – into quantitative measures. By breaking down the decision into a hierarchy and using pairwise comparisons, we can assign relative weights to criteria and alternatives, providing a clearer, data-informed perspective on which options best align with our goals.
87
Session
Unf*ck your mind: How to finally build something great again
Marin Niehues
|
Founder & Principal Consultant
https://sessionize.com/image/7d76-400o400o1-XHtujJimCuK5okxwNxFRv8.jpg
Marin Niehues is an independent consultant with a track record of over 20 client projects and two startups of his own. He works with VC-backed scaleups and DAX40 companies alike, advising on organizational design, operational performance, and management structures that actually scale.
In the past three years, Marin has been a featured speaker at conferences in more than ten countries across three continents - including repeated invitations from Google and Microsoft.
FRI 12:58 AM - 12:58 AM
Novice
Let’s be honest: your mind is f*cked. Overloaded, overstimulated, and drowning in an endless to-do list. Everything needed to be done yesterday, you’re pulled in a hundred directions, and somewhere along the way, you forgot what actually matters.
We’re bombarded with notifications, meetings, and meaningless busywork. AI is making it worse—spitting out endless streams of generic, forgettable content. We move faster and produce more, but are we actually creating anything worth remembering?
The result? Mediocre, half-assed outcomes. Not just in your work, but everywhere—your company, your customers, your career. We’re all stuck in this cycle, rushing to meet deadlines we didn’t set, for work that isn’t great, while convincing ourselves that speed equals value.
This session is about breaking that cycle. It’s about unf*cking your mind so you can focus on what actually matters—and finally build something you’re proud of.
After this session, you will:
-> Know how to unf*ck your brain and work like a person, not a machine.
-> Know how to spot the fake urgency that’s keeping you from real progress
-> Build the best product or service you’ve ever created
-> Tell the difference between what’s actually important and what only seems important
88
Session
Unlocking Developer productivity (DIY) - Best practices to release faster !
Ram Mohan Rao Chukka
|
Ram | Developer | JFrog
https://sessionize.com/image/3e20-400o400o1-XFv54i3S4QMKxYQKZSnRjR.png
Ram is a Senior Software Engineer at JFrog R&D . Previously worked for startup companies like CallidusCloud (SAP Company), Konylabs. Loves Automation, Linux, openSource
FRI 12:58 AM - 12:58 AM
All Levels
No one wants to be responsible for delivering bad quality of Code . But what can you do as a developer to avoid being the bad guy? How can developers enable their teams / themselves (DIY) to improve productivity and release faster
In talking within our own teams, we discovered that many developers weren’t running sufficient integration and End to End tests in their local environments because it’s too difficult to set up and administer test environments in an efficient way.
That’s why we decided to rethink our entire software development process in hopes of cutting down on the headaches and valuable time wasted. Few important tools and practices have empowered our developers to easily configure a development environment locally that accurately matches the final Production environment — without needing to become an expert CI admin themselves.
These days, we hear, “bugs” far less often — and you can too!
89
Session
Why Observability is key for your LLMOps platform
Diana Todea
|
Developer Advocate at Aircall
https://sessionize.com/image/10ed-400o400o1-s3r6wUh4s83ZdoJk3keoPG.jpg
Diana is a Developer Advocate at Aircall. She has worked as a Senior Site Reliability Engineer focused on Observability. She is passionate about serverless, SecOps and machine learning. She is an active contributor to the OpenTelemetry open source project and supports women in tech.
FRI 12:58 AM - 12:58 AM
All Levels
As DevOps platforms evolve with the rise of ML and LLM-powered workflows, observability becomes the missing piece that unlocks true reliability and scale. In this talk, I'll explore how bringing observability into LLMOps workflows transforms how we build, deploy, and maintain large language model applications.
I’ll dive into JFrog ML, a platform that combines artifact management with ML lifecycle tooling, and show how it enables deep monitoring of inference pipelines, prompt flows, and model drift. From tracking performance metrics to integrating with tools like Datadog, Prometheus, and Grafana, you’ll learn how observability empowers DevOps and MLOps teams to debug faster, optimize smarter, and scale reliably.
This session is ideal for platform engineers, DevOps practitioners, and MLOps teams who want practical insights into integrating observability into LLM workflows, improving visibility and gaining full control over their AI/ML deployments.
90
Session
Why your manager ignores your great ideas (and how to fix it)
Marin Niehues
|
Founder & Principal Consultant
https://sessionize.com/image/7d76-400o400o1-XHtujJimCuK5okxwNxFRv8.jpg
Marin Niehues is an independent consultant with a track record of over 20 client projects and two startups of his own. He works with VC-backed scaleups and DAX40 companies alike, advising on organizational design, operational performance, and management structures that actually scale.
In the past three years, Marin has been a featured speaker at conferences in more than ten countries across three continents - including repeated invitations from Google and Microsoft.
FRI 12:58 AM - 12:58 AM
Intermediate
Every technical professional has been there: you know the right solution, you have the data to back it up, but somehow you can't get leadership to listen. The problem isn't your expertise—it's understanding how decision-makers actually process information and make choices.
This session explores common patterns in workplace decision-making and provides a practical framework for influencing outcomes. You'll discover why smart people make seemingly irrational choices and learn proven techniques to present your ideas in ways that resonate with different personality types and organizational levels.
What You'll Learn:
-> Common decision-making patterns and how to use them for you
-> How to frame your recommendations using established influence techniques
-> Strategies for overcoming typical roadblocks that prevent good ideas from moving forward
-> Practical communication approaches for different management styles
-> How to build compelling business cases that secure budget and resources