swampUP Agenda 2022

7:30 AM

Registration / Breakfast

Sold Out

THU 7:30 AM - 8:30 AM

The Swamp

Add to calendar

8:30 AM

Keynote

The Continuous Software Supply Chain: From Dev to Device

Add to calendar

Sold Out

Stephen Chin | VP of Developer Relations, JFrog

Shlomi Ben Haim | CEO & Co-Founder, JFrog

Assaf Karas | CTO Security, JFrog

Ori Yitzhaki | VP of Product, JFrog

THU 8:30 AM - 10:00 AM

WonderFrog

Add to calendar

10:00 AM

Coffee Break

Sold Out

THU 10:00 AM - 10:30 AM

The Swamp

Add to calendar

10:30 AM

Session

Out of the Cyber Crisis - What Would Deming Do?

Add to calendar

Sold Out

John Willis | Bad people eat good systems for breakfast.

THU 10:30 AM - 11:10 AM

WonderFrog

Add to calendar

In 1982 Dr. Edwards Deming published a book called "Out of the Crisis." dealing with his frustration leading up from the prior decade. He was 82 years old; he wasn't writing this as a get-rich management consulting book. Dr. Deming wrote it as a stark warning for everyone, manufacturing, healthcare, government, and education alike. Fast forward forty years, and imagine what he would say today if he were alive today. My guess is he would be intensely interested in cybersecurity. More than just information technology, but cyber across all aspects of human infrastructure, for example, "Maslow's Hierarchy of Needs," water, warmth, and food. Over the past ten years, we have seen cyberattacks on water treatment plants, power grids, oil and gas, and food supply chains. The latest is a cream cheese manufacturer. I have studied Dr. Deming for over a decade, and I believe there is an exciting story to be told around his 14 Points and his System of Profound Knowledge. These concepts are also the fundamental ideas behind Lean, Agile, DevOps, and DevSecOps.

11:25 AM

Session

Supply Chain Security Exposed! Developer Security Tips From the JFrog Research Team

Add to calendar

Sold Out

Baruch Sadogursky | Principal Developer Advocate, JFrog

THU 11:25 AM - 12:05 PM

WonderFrog

Add to calendar

Again and again, I am asked how one can start with the topic of security in an agile project environment. What are the essential first steps, and what should you focus on at the beginning? Of course, this raises the question of suitable methodologies and tools. At the same time, the strategic orientation of the company must be included in this security strategy. We have also learned in the recent past that attacks like the “Solarwinds hack” are becoming more and more sophisticated and that the attackers now focus on the entire value chain. What tools are there, and where should they be used? How can I start tomorrow to prepare myself for the future against the challenges of cyber attacks? And that’s exactly what you will get an answer to here.

12:05 PM

Lunch

Sold Out

THU 12:05 PM - 1:05 PM

The Swamp

Add to calendar

1:05 PM

Session

Do Not Lose Control Over Your CI/CD - Hey, What Just Happened Here?!

Add to calendar

Sold Out

Melissa McKay | Developer Advocate, JFrog

Idan Shahar | Co-founder & CEO, Allero

THU 1:05 PM - 1:45 PM

WonderFrog

Add to calendar

CI/CD pipelines are necessary in organizations which have adopted DevOps. As companies grow, the delivery process is adapted to serve dozens of microservices, which often require different capabilities and configurations. Most often, DevOps engineers have a hard time maintaining and managing these complex CI/CD pipeline environments and, as a result, they begin to lose control over the delivery process. In this session, we will be discussing the risks of CI/CD chaos and ways to oversee and control this chaos, while taking into account the two paradigms of CI/CD methodologies - centralized and decentralized - as well as the developer experience.

1:05 PM

Training

Introduction to DevSecOps with JFrog Xray

Add to calendar

Sold Out

JFrog Solution Engineer

Roy Ben Shoushan

THU 1:05 PM - 5:05 PM

SuperFrog

Add to calendar

JFrog builds and delivers security products that enable organizations to trust their pipeline from development to deployment and into production. In this basic training session, we’ll see how JFrog Xray can advance your DevSecOps journey, how it integrates with other components within the JFrog Platform to ensure your builds and artifacts are secure, and how to create different policies for different stages of the CI/CD process. We will demonstrate how to use the integrations Xray has with different IDEs, git servers, and ecosystem tools in order to enforce or enhance “shift left” concepts.

Training

Software Distribution Patterns

Add to calendar

Sold Out

JFrog Solution Engineer

Friedrich von Jagwitz

THU 1:05 PM - 5:05 PM

BatFrog

Add to calendar

In this training course, we’ll focus on a variety of software distribution patterns. Whether you need to distribute releases to your production data centers or to your customers, many challenges must be addressed such as dealing with regulated or degraded networks, achieving full end-to-end traceability over what was deployed and where, as well as managing entitlements. Course attendees will gain experience on identifying the right distribution use case for their need, designing the right architecture to solve it and orchestrating a secure and efficient distribution workflow using JFrog Distribution and Artifactory Edge Nodes.

2:00 PM

Session

WASM Modules in Practice with JFrog Artifactory

Add to calendar

Sold Out

Ant(on) Weiss | Software Delivery Futurist

THU 2:00 PM - 2:15 PM

WonderFrog

Add to calendar

WebAssembly (WASM) is a super-promising technology that enables secure and efficient distribution of binary extensions. WASM binaries are especially great for edge and IoT deployments due to small size and high performance. In the session I'll provide an overview of WASM and show a practical example of building a Rust-based WASM network filtering module for the Envoy proxy. The module will be stored in Artifactory and loaded into Envoy when called. Warning: hype overload detected.

2:15 PM

Session

How JFrog Distribution Can Support Workday's Deployment Growth

Add to calendar

Sold Out

Naren Yadav | Principal Software Engineer, Workday

THU 2:15 PM - 2:30 PM

WonderFrog

Add to calendar

In this session, we will take a look at the Workday environment and how Workday production deployments are geographically distributed. We will also discuss how the JFrog Private Distribution Network has helped us tackle these challenges. We'll cover scenarios of load testing the PDN and how we have validated the scalability of our production environment with our PDN. We will also discuss how a PDN helps Workday reduce download or install times of significant artifacts in production releases. We will also show how PDN distribution time does not increase when the number of nodes increases.

2:30 PM

Session

Building a Cloud Native Platform Brick by Brick

Add to calendar

Sold Out

Haggai Philip Zagury | DevOps Group & Tech Lead, Tikal Knowledge

THU 2:30 PM - 2:45 PM

WonderFrog

Add to calendar

The overwhelming growth of technologies in the cloud native foundation overtook our toolbox and completely changed (well, really enhanced) the developer experience. In this talk, I will share my personal journey from the "operator's to developer's chair" and the practices which helped me along my journey as a cloud-native developer.

2:45 PM

Coffee Break

Sold Out

THU 2:45 PM - 3:15 PM

The Swamp

Add to calendar

3:15 PM

Session

Being Good Neighbors: Rate Limiting in a Modern App World

Add to calendar

Sold Out

Boaz Ziniman | Principal Developer Advocate, Amazon Web Services

THU 3:15 PM - 3:55 PM

WonderFrog

Add to calendar

How do you avoid DDoSing other systems or running out of resources when running modern applications that are spanned across multiple containers or serverless backends? Modern, cloud-based applications bring new challenges with their architecture, operations, and scaling capabilities. In a perfect world, this should be an advantage only, but we all know by now that the world ain't perfect. Integrating serverless or containers with legacy systems is a challenge you should take into account and plan accordingly. This session will focus on why rate limiting is so important in modern systems and how you should design and run a better system that acts as a much better neighbor.

4:10 PM

Session

DevOps and Cloud Native at the Edge with VMware Tanzu Platform and JFrog Connect

Add to calendar

Sold Out

Steve Pousty | Developer Advocate, VMware Tanzu

THU 4:10 PM - 4:50 PM

WonderFrog

Add to calendar

Your data science team has started to deploy their models on the edge infrastructure and want to control the process. Your Ops team wants to make sure hardware and deployments go smoothly. Ops loves JFrog Connect to manage edge devices but the data scientists don’t want to be involved in managing machines or learning yet another dashboard. In today's talk and demo, we will show how you can combine JFrog Connect with VMWare Tanzu Kubernetes platform to create an automated custom solution to manage deployment to edge devices. Using the Connect APIs along with some microservices running in Kubernetes we can create automation with clear separations of concern and still have the two teams enjoy bowling together. Data scientists get the self service and control they want and Ops gets the certainty and observability they require. Come and see the whole solution running in real time!

5:00 PM

Session

Terrible Rollouts and How to Survive Them

Add to calendar

Sold Out

Noa Goldman | Product Manager, Rookout

THU 5:00 PM - 5:40 PM

WonderFrog

Add to calendar

Every developer should know that pushing feature updates to production via traditional channels is as archaic as painting on cave walls. And yet, many continue to do so. The best developers are always quick to adapt to new, innovative technologies. This mindset is exactly what separates great developers from the average. So how do you make sure you’re not a developer that’s stuck in the Stone Age when doing feature rollouts? In this talk, I will share the insights I’ve gained so far in my career as to what should be thought about before releasing a sensitive feature: how to plan it, what type of tools should be used, and how it should be communicated (both externally and internally). Most importantly, I’ll share what should be done when it all goes wrong - and some horror stories of when it did go wrong - and yes, destroying production will be one of them.