Speakers

Saurav is an Engineer on the DevOps Acceleration Team @JFrog. Saurav and his team are tasked with actively maintaining numerous JFrog Platform Deployments for various uses. Apart from being used for End-to-End live demonstrations, their JPD instances are also used for testing integrations and solutions and contributing to the feature lifecycle. Saurav's experience comes to us from a strong application development background working at companies of varied size in both the public and private sectors. He is passionate about transforming the world through cutting-edge technological advancements in the fields of transportation, finance, industrial manufacturing and logistics, agriculture, health and many more through the use of advanced compute infrastructure, machine learning, and IoT powered by smart DevOps.

In this hands-on training, we’ll review the architecture of Artifactory and all of its microservices, the responsibilities that each microservice has and how to monitor and troubleshoot them individually or working together. We'll learn about the monitoring and data collection points using the built-in capabilities as well 3rd party integrations. Also, we’ll look at common issues and the best way of troubleshooting them together with some recommended best practices for optimizations & alerts.

Shubha is a Senior Solutions Engineer @JFrog. With more than a decade of experience working on different technologies and verticals, she is passionate about helping customers achieve the best. Prior to JFrog, she was a Solutions Architect helping some of the largest customers build their end to end IoT Products.

In this advanced, hands-on training class, you will learn how to take JFrog Artifactory to the next level. Artifactory has strong fundamentals that provide robust automation capabilities, allow you to garner a deep understanding of REST API, AQL, and the JFrog CLI tools, the best use case for each one, and integration with other tools like CI servers, etc. We will discuss best practices for using metadata and cover common use cases and tools to solve real-life automation problems (such as cleanup, whitelisting, and tracking). We will also talk about User Plugins and their benefits for automation processes.

☕️

Coffee Break!

As Founder, CEO & Editor-in-chief of MediaOps, the company behind DevOps.com, Container Journal, Security Boulevard and Digital Anarchist, as well as co-founder of the DevOps Institute, Alan Shimel is attuned to the world of technology, particularly cloud, DevOps, security and open source. With almost 30 years of entrepreneurial experience, Alan has been instrumental in the success of several organizations. Shimel is an often-cited personality in the security and technology community and is a sought-after speaker at industry and government conferences and events. In addition to his writing, his DevOps Chat podcast, DevOps TV and Digital Anarchist audio and videos are widely followed. Alan attributes his success to a combination of a strong business background and a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality. Mr. Shimel is a graduate of St. Johns University with a Bachelor of Arts in Government and Politics, and holds a JD degree from NY Law School.

2020 greatly accelerated the pace of digital transformation and adoption of DevOps and cloud-native technologies. This movement is continuously enabled by a leftwards shift of data, allowing monitoring of binaries, security and operational tasks across end-to-end delivery pipelines. Hear from the CEOs of the world’s leading DevOps companies on how these trends are democratizing IT and preparing our industry for future transformation.

Alexander Denk is an Engineer and Computer Scientist at BMW. He started coding nearly 20 years ago right after his 11th birthday when he got his first own PC. While visiting the university started working as a free consultant and had various stations as a researcher. Since then the developed a strong passion for introducing cutting-edge technologies to companies he has worked for. In this role, he and his team are driving the transformation towards a post-modern CI/CD development platform at BMW. He has a wife and is the father of his first child.

BMW has a long history in developing software: With corporate to off-board as well as on-board software, nearly every area is covered. For more than 20 years BMW has collected experience in bringing software into cars, and using massive backend infrastructures to connect our fleet. Complexity and the number of components are growing exponentially in this field, which spawned the need for CodeCraft a few years ago for a fresh DevOps platform to drive BMW’s development of Electronic Control Units (ECUs), impacting every component starting from engine to window, steering, brake. With the first-ever BMW iX Sports Activity Vehicle® as a digital native, it will be our first vehicle that delivers these new software experiences. Beginning with state-of-the-art technologies we moved to cutting edge tech-stacks to ensure fast and robust development processes under strict safety regulations and to enable our teams to deal with all related challenges. JFrog products such as Artifactory are an essential and mission-critical part of this service mesh.

Alyssa Miller, Business Information Security Officer (BISO) for S&P Global Ratings, directs the Ratings security strategy, connecting corporate security objectives to business initiatives. She blends a unique mix of technical expertise and executive presence to bridge the gap that can often form between security practitioners and business leaders. Her goal is to change how we look at the security of our interconnected way of life and focus attention on defending privacy and cultivating trust. A life-long hacker, Alyssa has a passion for technology and security. She bought her first computer herself at age 12 and quickly learned techniques for hacking modem communications and software. Her serendipitous career journey began as a software developer which enabled her to pivot into security roles. Beginning as a penetration tester, her last 15 years have seen her grow as a security leader with experience across a variety of organizations. She regularly advocates for improved Application Security and DevSecOps practices and shares her research with business leaders and industry audiences through her international public speaking engagements, online content, and as co-host of The Uncommon Journey podcast on ITSP Magazine.

It may be hard for some to believe, but it’s been over a decade since DevOps was first introduced. It wasn’t very long after its introduction that the concept of DevSecOps began to emerge as security practitioners attempted to keep application security practices engaged in software delivery. However, recent surveys show that even in organizations that have adopted a DevSecOps model, security is still often viewed as a bottleneck. This idea of security as an inhibitor can undermine the promise of DevSecOps to deliver a culture of shared responsibility for security. Hacker, former developer, and application security advocate Alyssa Miller dives into the key issues that keep security on the outside looking in when it comes to DevOps culture. She’ll provide insights from recent studies that have looked at the state of DevSecOps and share the key issues that our security teams often fail to overcome when trying to leverage security practices Through her analysis, Alyssa identifies tangible, practical actions that organizations can take immediately to begin improving collaboration and enablement within pipeline. Alyssa will demonstrate how adding the Sec to DevOps can actually make Developers and Operations happier, more efficient, and more effective. Finally, Alyssa delivers a forward-looking viewpoint for what lies beyond DevSecOps, and how this culture can be cultivated and extended into the broader business.

Anaïs is a Site Reliability Engineer at Civo, a cloud computing company based on Kubernetes. When she is not advocating DevOps best practices, she runs her own YouTube Channel centered around cloud native technologies. Before transitioning to the cloud native ecosystem, Anaïs helped blockchain projects scale and find adoption. As CNCF ambassador, her passion lies in making tools and platforms more accessible to developers and community members.

In many of the talks that we hear from today, we will get a snapshot of someone's knowledge, a snapshot of someone's experience and understanding within their field of expertise. This knowledge is built up over time, through reading, writing and sharing your insights. When Anais got started in DevOps, she made it her mission to make her entire learning journey public on [devops.anaisurl.com](http://devops.anaisurl.com/). With the goal to inspire others to get started in DevOps and to show how everyone has to begin somewhere, Anais started #100DaysOfKubernetes. In this talk, Anais will take you along her journey of discovering the vast number of resources available in the space, the challenges she faced, and ultimately, how rewarding it is to find new tools and learn to use a new framework.

Anastasia Grinman is a DevOps Engineer at JFrog with a big passion to technology. Her professional background comes from teaching Statistics, learning a technical stuff as a autodidactic person, automating the processes and sharing the knowledge. Specializing in cloud, micro services, orchestration and development she gets a satisfaction to see the things get working and the processes are simplified and faster. When she's not doing DevOps :) , you can find her traveling with her family, taming her puppy and cooking exotic meals.

As DevOps engineers, we truly believe that automation is super important. We are humans, and humans make mistakes and we would like to make sure that we are automating our processes as much as possible. In this talk, we are going to show you how we are using K8s in our organization, while combining automation relying on DevOps tools and securing the process - all based on our experience.

Andres is a Java/Groovy developer and a Java Champion with more than 20 years of experience in software design and development. He has been involved in web and desktop application development since the early days of Java. Andres is a true believer in open source and has participated on popular projects like Groovy, Griffon, and DbUnit, as well as starting his own projects (Json-lib, EZMorph, GraphicsBuilder, JideBuilder). Founding member of the Griffon framework and Hackergarten community event. You can find him on twitter too as @aalmiray. He likes to spend time with his beloved wife, Ixchel, when not hacking around.

Automation is key in the DevOps world. Having a well-defined and documented service interface helps in building pipelines and speeding up processing. JFrog Xray exposes a REST API that lets you interact with all options offered by its services; build tools rely on this API to publish packages for example; it also powers IDE integration via plugins. In this session, we'll learn more about these build tools and the API itself, which should come in handy when a custom pipeline may be needed.

Anuj is a container specialist solution architect at Amazon Web Services and has been building on AWS for over 7 years. He has hands-on industry experience for over 15 years in application and infrastructure development. When not developing, he likes to hike around Mt Rainer.

In this talk, we will simulate a real world scenario by building a shared services platform using the JFrog platform on Amazon Elastic Kubernetes Service (EKS) using AWS Cloud Development Kit (CDK) to deploy a containerized workload into test and production AWS accounts, using deployment pipelines. Along the way, we will cover topics such as static code analysis, image scanning and deploying a Helm chart from a management EKS cluster to clusters in Test and Production AWS accounts, and implement DevSecOps best practices using the JFrog Platform.

Asim is a Solutions Architect @JFrog. He is a creative (with multiple US patents), proactive, hands-on and a results driven engineer/leader with 25 years of experience under his belt. Asim is driven by partnering up with JFrog customers in their journey to achieve their DevOps vision by providing them with the relevant knowledge and training. In his spare time, he enjoys astronomy, drone flying, hiking, sports, traveling, and spending time with his wife and 3 kids.

In this advanced training session, we’ll focus on how to adopt the usage of JFrog Xray within an organization. This includes best practices for the onboarding process for different teams and projects, how to configure different policies and watches for specific use cases and stages within the CI/CD lifecycle. We’ll further explore how to use the reported results of scans in order to make efficient decisions regarding the next steps (such as how to use remediation hints or comply to your license compliance policies). We’ll also focus on Xray architecture and its integration within the JFrog platform.

Avan (Avantika) Mathur is director of product management for CloudBees Software Delivery Automation and passionate about DevOps. Her background includes helping large enterprises across financial services, retail and embedded industries accelerate their DevOps adoption.

The concept of “progressive delivery” using feature flags has taken the world of software delivery by storm in recent years, but what does this mean for enterprise software development operations teams, and how they should change their technology and practices? Like many things, the application of progressive delivery in the enterprise setting is much easier said than done with disparate technology and teams around the world.

Ayrat is a CNCF Ambassador, GDG, GDE and Hybrid Cloud Specialist at Google Cloud, where he spends time creating and developing cloud-native architectures and help customers run workloads on-prem and in multi-cloud environments. As a CNCF Ambassador he has an opportunity to educate people and share knowledge about benefits of containers, microservices and Cloud Native landscape via CNCF and Kubernetes Meetups, workshops or by helping customers to build modern cloud native applications that can run seamlessly on-prem or any cloud provider. Ayrat is passionate about community, he is frequent speaker and lead organizer at Eastern Canada CNCF and Kubernetes Meetups and GDG Cloud Montreal and Ottawa. He is an organizer of Kubernetes Community Days, Cloud Native Days Canada 2019 and GDG Cloud & AI DevFest 2019 conferences. Olga Kundzich is a Spinnaker Open source product manager at Pivotal focused on application delivery and management solutions. She has been working with some of the world’s largest enterprises on cloud-native transformation, and specifically guiding Spinnaker roadmap. She is a frequent speaker in conferences worldwide and meetups and active community leader in Eastern Canada.

On Google Cloud, modern workloads are running containers, in a serverless fashion. With Cloud Run, you can easily deploy your workloads, and have them scale up and down transparently to accommodate traffic spikes as well as low demand. In this session, we’ll introduce you to the serverless container world of Cloud Run, how to build them with Cloud Build, and we’ll see how we can take advantage of JFrog Artifactory for hosting our container artifacts. In a series of live demos, we will demonstrate different Cloud Run use cases. Legacy Monolith, Machine Learning API, Vault, Microservices or Event Based Architecture — Google Cloud Run and JFrog will get you covered!

A cyber security veteran with more than a decade of experience acting as a Security Officer, Researcher, Hacker, Developer and Software architect, Bar is instrumental in developing NeuraLegion's proprietary AIAST Technology, a New Generation of AppSec Testing Automation built for developers and DevOps

Achieving DevSecOps with Security Testing Automation for Developers. As a developer, you need to deliver fast, and you simply don't have the time to constantly think about security. Still, if something goes wrong it's your job to fix it, but security testing just delays releases. Many organizations are adopting DevOps practices and tooling, but struggle to achieve true DevOps (or CI/CD) due to limitations of application security solutions. In this session we will discuss how you can seamlessly integrate AppSec testing automation with DevOps to enable DevSecOps, and the capabilities AppSec solutions need to have to enable this. NeuraLegion's developer focussed AppSec testing technology enables developers to detect, prioritise and remediate security issues EARLY, as part of their DevOps pipelines, Join this hands-on workshop to discover how you can integrate and access NexDAST via JFrog Pipelines to run comprehensive security testing automation on every commit.

Batel Zohar is a Developer Advocate for JFrog and has a background in DevOps support engineering, web development, and embedded software engineering. Prior to this, Batel served as an Enterprise Solutions Lead on a dedicated team that accompanies and assists large customers through the architectural implementation of the JFrog platform. She loves her dogs, plays guitar, and is a fan of Marvel’s movies.

JFrog builds and delivers security products that enable organizations to trust their pipeline from development to deployment and into production. In this basic training session, we’ll see how JFrog Xray can advance your DevSecOps journey, how it integrates with other components within the JFrog Platform to ensure your builds and artifacts are secure, and how to create different policies for different stages within the CI/CD process. We will demonstrate how to use the integration Xray has with different IDEs and CI Servers in order to enforce or enhance “shift left” concepts.

Bharat leads Product Marketing for Developer Relations at Okta. He was a Java developer for 10 years in his past life—both Enterprise and Open Source. Before Okta, he led Developer Tools & DevOps Marketing efforts at Microsoft. His mission is to provide a delightful experience for developers building on Okta's platform. He sincerely believes that Okta's ability to help developers quickly secure apps, APIs and Infrastructure will save them a lot of time, effort, and risk. Bharat lives in Seattle, where he plays guitar to annoy his family and tries to figure out how to play golf in perpetually rainy weather with his six-year-old son.

In this demo-heavy session, we will introduce the New Developer Edition and explore how Okta has made it easier for all developers to secure apps, protect APIs, and plug into DevOps automation. Join us as we show you the next generation of Auth tooling.

Brendan Burns is a co-founder of the Kubernetes Open Source Project and Corporate Vice President for Cloud Native Open Source at Microsoft Azure. Prior to Microsoft, he worked on Google Cloud and Google Web Search Infrastructure. He has a Ph.D. in Robotics from the University of Massachusetts Amherst and a BA in Computer Science and Studio Art from Williams College.

Over the last seven years, containers and Kubernetes have gone from hipster technology to core pieces of enterprise digital transformation. But this revolution is incomplete and it’s likely that even more change will come in the next seven as the previous. We’ll take a look at where we are and where we might be going in the cloud-native journey.

The DevOps toolchain around the liquid software platform has prospered. JFrog is innovating with ecosystem partners ranging from emerging technologies to enterprise applications to deliver a solution for each phase of the DevOps life cycle.

Christoph Engelbert is an open source enthusiast and always interested in “Java Next”. In his spare time, he struggles with performance, optimizations of JVM internals or the garbage collector, whereby he is also available to answer questions on these topics as a freelance consultant. He also firmly believes in Polyglot and is familiar with Java, Kotlin, Go, TypeScript and other languages.

As developers, we can remember the time when Nagios was state-of-the-art technology. We hated looking at all the numbers that seemed disconnected from our reality. The world has changed, though, and Observability provides us with a new swiss army knife in our toolbox. Used correctly, it helps to improve reliability, brings additional focus on what matters, the business logic, and offers aid in case of problems or failures. Especially in time-critical situations, a distributed system with many service dependencies can be hard to analyze. In this session, you will learn how to use Observability to assist developers instead of distracting them.

Chris Riley (@hoardinginfo) is obsessed with bringing modern technologies to those who need to solve real-world problems, going from unicorn to reality. Chris speaks and engages with end-users regularly in the areas of DevOps, SecOps, and App Dev. He works for Splunk as a Tech Advocate and is a regular contributor to industry blogs such as ContainerJournal.com, DevOps.com and Sweetcode.io. He is also the host of the podcast, Developers Eating the World. As a bad-coder-turned-technology-advocate, Chris understands the challenges and needs of modern engineers, as well as how technology fits into the broader business goals of companies in a demanding high-tech world. Chris obtained his Computer Science and Business degrees from Regis University in Colorado and currently lives in Colorado with his wife and two daughters. He is a fan of physics and psychology, and has an eclectic set of hobbies that range from Genetic Algorithms (GA) to Mineral Collecting to LEGO.

Security should be embedded in DevOps by default, but for many organizations, it is not. Enter “DevSecOps”. What is DevSecOps? It is a practice to build more secure applications, secure the software factory, and secure cloud workloads. Because it is a practice it needs to be visible. In this session hear about the ways tech-enabled enterprises approach a DevSecOps practice, how they make it visible, and how Splunk + JFrog can accelerate your journey.

Chef Cristina Bowerman, the only female chef with 1 Michelin star in Rome, was born in Cerignola, a small town in Puglia, Italy. After starting her career in Law, she decided to move to San Francisco to continue his law studies. While there, to learn “American like an American,” she worked in several different positions. Her first contact with the kitchen happened at a place called started Higher Grounds, a renowned coffee house in SF. Then she started to work for Spectrum Foods, which owned 16 high-end restaurants, almost all Italian. After that, she moved to Southern California, where she lived for a while, and then to the city she loves, Austin, TX. In Austin, she finally discovered her love for cooking and decided to become a professional. She did, in fact, enrolled and graduated with the maximum score at TXCA, obtaining a liberal art degree. Her first experience with high-end cuisine is under Chef David Bull, James Beard award, and well-renown chef. Then she decided she needed to create her own style and make it as personal as possible. That is why she moved to Rome. But, first, she wanted to know more about her roots. Still, her idea was to go back after experiencing the Convivio Troiani, a Michelin star restaurant in Rome, and open her own restaurant in Austin. In the short period of time she was in Rome, she got offered many opportunities, and Glass Hostaria in Trastevere was the one she fell in love with. Glass had opened just a little less than a year before. Glass is a contemporary and innovative space both in philosophy and in the gastronomic proposal. The restaurant is counter-current with the Trastevere scene, exactly like Cristina’s cuisine. Her kitchen style results from experiences, travels, meetings, culinary training, and studies, always been the primary source of inspiration. Cristina's cuisine is a cultural crossing that tells about taste through the constant dialogue between traditions, cultures, memory, and places. Michelin star since 2010, and “Tre forchette - Gambero Rosso” since 2020, she is a case study of Bocconi Universit. She wrote her first book in 2014, “Da Cerignola a San Francisco e ritorno la mia vita di chef contro corrente” Mondadori and her second one in 2019 “the Chef meets the Artist” published by Maretti Editore. Both books underline the strong her strong personality.

Put together some DevOps Engineers, a recipe, a bunch of ingredients, and a 30-minute countdown to make a delicious dish in a race against the clock and a Michelin star chef! What could possibly go wrong? We are engineers, but we are also humans. So, join us for a fun session where we watch some of our beloved DevOps community experts as they get yelled at by celebrity Chef Cristina Bowerman while preparing a dish specially created for swampUP. And… They may or may not be all wearing pink wigs…

After many years of managing infrastructure for multiple companies, Damian now heads up all things technical for Partnerships and Alliances for NGINX. Damian is a long-time NGINX user, and it has played a key role in almost every environment he has managed.

Modern app deployments with Kubernetes don’t have to be complicated. Learn how JFrog and NGINX join forces to deliver consistent CI/CD deployments with integrated monitoring metrics to deliver fast, secure application experiences to your customers. The technical demo will include examples of blue/green application deployments to Kubernetes clusters being fronted by the NGINX Plus Ingress Controller.

Dave (@davidmcj) is the CEO of HashiCorp, and has more than 20 years of experience spanning product management, operations, finance and marketing with a focus on open source and infrastructure software. Prior to HashiCorp, he ran marketing at GitHub and Hortonworks. At Hortonworks, he built and led the marketing organization that helped the company through multiple phases, more than $100 million in annual revenues within four years of inception and a successful IPO in 2014. Prior to Hortonworks, he led the marketing function for SpringSource at VMware, which included the Spring Framework, Cloud Foundry and other key technologies that became the company now known as Pivotal Software. He joined SpringSource from Microsoft, where he was responsible for multiple elements of the server and cloud portfolio performance in Canada.

2020 greatly accelerated the pace of digital transformation and adoption of DevOps and cloud-native technologies. This movement is continuously enabled by a leftwards shift of data, allowing monitoring of binaries, security and operational tasks across end-to-end delivery pipelines. Hear from the CEOs of the world’s leading DevOps companies on how these trends are democratizing IT and preparing our industry for future transformation.

See how HPE’s Ezmeral Container Platform can help you with your data centric workload, and follow along with this demo of harvesting live public data and making it available to your users. We will be using a Jupyter notebook, Kubernetes, Docker and other opensource tools to show the power of the platform.

See how HPE’s Ezmeral Container Platform can help you with your data-centric workload, and follow along with this demo of harvesting live public data and making it available to your users. We will be using a Jupyter notebook, Kubernetes, Docker, and other opensource tools to show the platform's power.

An experienced Product Manager with 20 years of professional experience including Product Management, Solution Architect, professional services, Pre-sales and R&D. I bring strong business and technical skills, as I have managed to touch all software lifecycle stages - from development, through pre/post sales to product management. Today, I’m the Xray Product Manager at JFrog, focusing on Open Source Security and DevSecOps.

Ask me anything panel with the JFrog Product team. You'll have a unique opportunity to get an exclusive glance into the JFrog roadmap and get the answers about all things JFrog from the real experts.

Dinesh is an expert in Cybersecurity and focused additionally on security domains around vulnerability management, Application Security, Security Assurance, Data Security, Information Risk Management, specializing in Enterprise Security Architecture, formulating IT Security Strategy to enable business objectives.

In this session, RunSafe Security highlights how it uses Docker Hub and JFrog Artifactory together to build and manage over 15 open source packages for distribution so that its customers enjoy security protections without slowing down developers. The presentation demonstrates the Docker Hub - Artifactory combination when managing these products while unifying an approach for security. It includes examples of how multinational IT infrastructure teams are deploying these secure containers with ease. RunSafe also shares how other DevOps teams can incorporate security protections into their CI/CD pipelines, protecting their own code when using Docker Hub, hardening 3rd party binaries via Artifactory, and ultimately enabling continuous delivery of secure cloud workloads. This process mitigates zero-day attacks, strengthening your software supply chain and protecting your customers. Joining RunSafe in this presentation will be a global managed service provider or a multinational consulting firm.

Disha is an Enterprise Solutions Lead @JFrog, she works with large Enterprise customers as a Technical point of contact to JFrog. She has worked with various CI/CD Products and is well versed with different CI and Orchestration tools.

JFrog Pipelines is a universal and enterprise-ready automation service for performing the tasks of building, testing, and deploying software as part of a system of continuous integration and continuous delivery (CI/CD). Pipelines allow you easily create smart, event-driven workflows across your tools and teams to help you release applications faster. In this hands-on training, you will learn how to easily automate a DevOps workflow with a simple, declarative YAML-based language, allowing you to seamlessly integrate with all the JFrog products as well as enabling integrations with other DevOps tools/services.

Donald Fischer is co-founder and CEO of Tidelift. Previously he was a product manager and executive at Red Hat, and an investor and board member at over a dozen open source software startups.

Software supply chain attacks are rising in both open source and in proprietary software. Tidelift CEO Donald Fischer will brief application development teams on the state of software supply chain security, including an overview of common vulnerabilities and an analysis of new government policies that impact the software supply chain. He’ll share best practices for supply chain management that can help development teams move fast and stay safe.

Dror has 15 years of experience in the enterprise software industry, working in many different roles from coding, architecture, development management to product management. Dror started his journey at JFrog as a development manager, and moved up to serve as the VP of R&D. Prior to JFrog, he was the Director of Technologies in AlphaCSP, an R&D group leader in Golden Pages, Cortext and Infobit, and has both technical and leadership experience. Dror holds an MBA in Information Systems and a BA in Computer Science from Bar Ilan University.

As the world continues to demand more software, the next generation of applications requires speed, security and efficient software distribution at scale to meet the promises of DevOps. Join JFrog’s CTO Yoav Landman and CPO Dror Bereznitsky as they unveil JFrog’s 2021 roadmap, with a few DevOps industry-changing surprises. Don’t miss this annual landmark session.

Eldad Assis is currently a DevOps Architect @JFrog's CTO office. Taking applications to cloud native deployements. Advocating DevOps principels and practices all over. Comes from a developer and systems background with over 20 years in the software industry. One of the architects taking JFrog saas offerings to Kubernetes!

Adopting Kubernetes in an organization is a major step, and for it to go well, many best practices and guardrails are required. This course focuses on why and how to use Helm charts as immutable artifacts of a Kubernetes deployment, and how to version and name Helm charts and Docker containers. It also covers promotion flows for Docker containers and Helm charts -- and how to use Artifactory to do these things together. The course also goes into the best ways to leverage third-party Helm charts, the enforcement of policies on artifact promotion, and how all of these technologies interact in a modern CD and DevOps environment to build reliable, robust systems.

As the world’s first universal repository, JFrog Artifactory is the mission-critical heart of the JFrog Platform functioning as the single source of truth for all packages, container images and Helm charts, as they move across the entire DevOps pipeline.

Ask me anything panel with the JFrog Product team. You'll have a unique opportunity to get an exclusive glance into the JFrog roadmap and get the answers about all things JFrog from the real experts.

Join the JFrog & NetApp technical team to learn how you can reduce/eliminate developer community downtime for your JFrog ecosystems and enable true disaster recovery across cloud regions in GCP. With NetApp’s cloud-native data services solution -- Cloud Volume Service(CVS), we will show you how to: 1. Reduce/eliminate outages 2. Protect against regional failures 3. Enable increased capacity & performance on demand 4. Manage NetApp and IaC solutions through Terraform Please join us in this session which will include a step-by-step walk-through demo that can be easily recreated in your own environments without needing to call a storage administrator!

Frank is a Solutions Architect @ JFrog. He is a DevOps, GitOps practitioner of Application Delivery in Multi-Cloud technologies with expert knowledge of Telecommunication and Financial industries.

In this course, we’ll do a deep dive into all of the JFrog Platform components and how those components interact to form a full end-to-end solution. We’ll focus on use cases for Platform-specific components (e.g. Distribution, Pipelines, Xray, Access Federation etc.) and provide hands-on demonstrations showcasing how to solve specific problems for common customer use cases.

Galit Nadler is a Senior Solution Engineer at JFrog. As such her main focus is easing the life of the JFrog customers through processes of optimization and automation using JFrog products. Galit's background as a DevOps consultant and an IT team leader in an elite military intelligence tech unit in the IDF helps her understand JFrog customers challenges from small startups to big enterprises and lead them to success.

In this course, we’ll do a deep dive into all of the JFrog Platform components and how those components interact to form a full end-to-end solution. We’ll focus on use cases for Platform-specific components (e.g. Distribution, Pipelines, Xray, Access Federation etc.) and provide hands-on demonstrations showcasing how to solve specific problems for common customer use cases.

Gowtham Neerukonda is a DevOps Acceleration Engineer @JFrog. A passionate Engineer who has experience in working with Embedded Systems, Application Security and DevOps automation. As a member of DevOps Acceleration team, he enjoys learning new advancements in DevOps world and help Customers embrace the JFrog's Universal DevOps platform. He enjoys cooking and playing board games especially Catan. His interests also include Volleyball and FIFA (PS4).

Software development pipelines need to adhere to the highest security standards. Because JFrog Artifactory is in the center of the development pipeline, it has to allow fine-grained, strong security. In this course, you will learn about the strong security foundations in JFrog Artifactory and JFrog Access, how identity management works and is configured, auditing, and distributed identity management with multiple Artifactory instances. You will learn about the levels of security built into Artifactory and how to leverage them for your setup, as well as extend them with user plugins to provide a custom ACL and permission model. We will get hands-on experience with access tokens, establishing the circle of trust on federated instances and clusters, etc.

Guillaume Laforge is Developer Advocate for Google Cloud Platform, at day, and at night, he is a Java Champioin, wears his Apache Groovy hat.

On Google Cloud, modern workloads are running containers, in a serverless fashion. With Cloud Run, you can easily deploy your workloads, and have them scale up and down transparently to accommodate traffic spikes as well as low demand. In this session, we’ll introduce you to the serverless container world of Cloud Run, how to build them with Cloud Build, and we’ll see how we can take advantage of JFrog Artifactory for hosting our container artifacts. In a series of live demos, we will demonstrate different Cloud Run use cases. Legacy Monolith, Machine Learning API, Vault, Microservices or Event Based Architecture — Google Cloud Run and JFrog will get you covered!

Hamza Zaoui is a Senior Solution Engineer @JFrog. Based in France, he has more than 15 years of experience in helping organisations to implement CICD and level up their DevOps practices. In his spare time, he enjoys photography and shooting with analog cameras, watching independent movies and whenever the occasion arises, he never misses a good heavy metal show.

In this advanced, hands-on training class, you will learn how to take JFrog Artifactory to the next level. Artifactory has strong fundamentals that provide robust automation capabilities, allow you to garner a deep understanding of REST API, AQL, and the JFrog CLI tools, the best use case for each one, and integration with other tools like CI servers, etc. We will discuss best practices for using metadata and cover common use cases and tools to solve real-life automation problems (such as cleanup, whitelisting, and tracking). We will also talk about User Plugins and their benefits for automation processes.

I've worked at Capital One as a developer for 5 years and have been working with Artifactory for 4 of those 5 years. Our team actively supports Artifactory as the enterprise solution for binary storage and ensures the stability of the platform as well as provides support for our users.

Depending on your use case, managing access in Artifactory through Users, Groups, Tokens and Permissions can be done any number of ways. I would like to share some of the scenarios we ran into and how we optimized for better performance and where we're looking to migrate with some of the upcoming changes to the platform.

Heath Newburn is the AIOps Solution Specialist at PagerDuty. He's had a long career in software as a Product Manager for Monitoring and Event Management and was the former CTO for NA Sales for IBM's Cloud and Smarter Infrastructure as well as a business partner for ServiceNow, and Account Executive at Dynatrace. He is passionate about making IT teams successful and building capabilities for AIOps and Digital Transformation. Heath is married to the #prettiestgirlintx and is the proud dad to 4 sons. He can be found on any given weekend cooking on one of his many smokers or grills (teenagers eat a lot) or finding the next great Texas BBQ joint.

In this session, you'll learn how AIOps creates Actionable Intelligence and how to drive the Action in Actionable Intelligence. You'll see how to increase the speed and safety of your pipelines, how automation will help you focus on core business and not chore business, and how we can create a better digital experience for employees and your customers.

Jacqueline Salinas is the Director of Ecosystem & Community Development for the Continuous Delivery Foundation. She is an alumni of the University of New Mexico, where she earned her degree in Business Administration at the Robert O. Anderson School of Management with a concentration in International Management. Jacqueline is an expert in crafting outreach and marketing programs to grow effective and strong ecosystems and communities. She has over 10 years of experience working in marketing and sales organizations in Silicon Valley. Jacqueline has a thorough understanding in developer outreach, project/program management, content development, product & growth marketing, and event planning/execution for large scale conferences in high tech. She joins the CD Foundation from Amazon Web Services (AWS) where she worked for the Product Marketing Organization as a lead Digital Marketing Manager. During her tenure at AWS, Jacqueline managed the development and execution of digital strategy and marketing initiatives to foster adoption for over 24+ PaaS products. Prior to joining AWS, she was a Marketing Manager for Intel, Corp., focused on developer outreach, event marketing, brand development, and outbound communications for Intel RealSense Technology. In her spare time she is also an aspiring entrepreneur. In 2020 she founded JAX08 Corp, a marketing and communications firm, focused on helping startups establish strategic & effective marketing programs. She currently resides in Santa Fe, NM with her pitbull Lily and two cats, Bella & Chiquilin. She has traveled to over 18 countries and is passionate about exploring new cultures and seeing remote areas of this world. Her goal is to reach 40 countries by 40!

The CD Foundation (CDF) is an open-source community improving the world's ability to deliver software with security and speed. The foundation's goal is to help you figure out your best DevOps path to being a high-performing team and how to use open source to get there. BUT how exactly are we able to execute this mission in 2020? Especially during the Covid-19 pandemic when face-to-face interactions were prohibited? Join this session to learn more about how I, Jacqueline Salinas, Director of Ecosystem & Community Development, and the CDF community worked to figure out how to transition our community and outreach activities from in-person to virtual. This session will cover various case studies from the CDF community and practical approaches implemented to ensure engagement and growth from the comfort and safety of all of our homes. Walk away with the knowledge that is transferable to any community to ensure you are creating safe, inclusive, and diverse communities.

Legacy Creator

It seems like a new cloud-native technology or project is launched every week, and though there are technical changes required for building and operating cloud-native applications, technology alone isn’t a silver bullet. It turns out that how you build your applications is critical to enable seamless scaling and resiliency to failures. What do you have to do to ensure your applications can fully leverage the power and flexibility the cloud offers? The 12-Factor principles have been around for a decade and have proven themselves as core, foundational principles for cloud-native applications. But they require changes to how you design your applications, the way teams collaborate on code, and more. Understanding the 12-Factor principles is a strong foundation for adopting cloud-native patterns and practices. Starting with an architectural kata, Nate and Jakub will event storm a possible solution stopping along the way to identify key quality attributes, fitness functions and architectural patterns required to deliver a solution. Distributed architectures have similar problems and rather than “roll our own solutions” we will leverage Spring Cloud to solve common challenges while lessening technical complexity.

Jayne Groll is co-founder and CEO of the DevOps Institute (DOI). Her IT management career spans over 25 years of senior IT management roles across a wide range of industries. Her expertise spans multiple domains including DevOps, Agile, ITIL and Leadership. Jayne is a recognized and respected IT thought leader and influencer. In addition to authoring the Agile Service Management Guide, Jayne has co-authored several IT position papers including “Modernizing IT Operations in the Age of DevOps” that was published in 2018 by IT Revolution. Jayne is very active in the global DevOps, ITSM and Agile communities and is a frequent presenter at local, national and virtual events.

Digital transformation is now essential for organizations trying to navigate the "new normal". Digital transformation may be powered by automation but automation is powered by humans. To meet new demands, humans must now go through their own transformation including new skills, new tools, and new interactions. This session will look at DevOps and digital transformation from a human perspective including data on upskilling, workforce transformation, remote work and the characteristics of the hybrid DevOps Human.

Jeff works on our Okta SDKs and Developer Tools. His mission is to make Auth simple for all Developers so they can build and mature great apps. Prior to Okta, Jeff led Microservices product development at CoreLogic where he developed a passion for the developer experience.

In this demo-heavy session, we will introduce the New Developer Edition and explore how Okta has made it easier for all developers to secure apps, protect APIs, and plug into DevOps automation. Join us as we show you the next generation of Auth tooling.

Jennifer Tejada is the Chairperson and CEO of PagerDuty (NYSE: PD), the leader in digital operations management. In an always-on world, organizations of all sizes trust PagerDuty to help them deliver a perfect digital experience to their customers, every time. Teams use PagerDuty to identify issues and opportunities in real time and bring together the right people to fix problems faster and prevent them in the future. Jennifer brings to her role 25 years of unique experience, spanning mass consumer products to disruptive cloud and software solutions. Jennifer has a successful track record in product innovation, optimizing operations and scaling public and private enterprise technology companies. Prior to her role at PagerDuty, Jennifer was CEO of Keynote Systems, where she led the company to strong, profitable growth before its acquisition by Dynatrace. Before Keynote, Jennifer was Executive Vice President and Chief Strategy Officer at Mincom, leading its global strategy up to its acquisition by ABB. She has also held senior positions at Procter & Gamble and i2 Technologies. Jennifer currently serves as a board member of The Estée Lauder Companies Inc. (NYSE: EL) and UiPath. Jennifer holds a B.S. from University of Michigan.

2020 greatly accelerated the pace of digital transformation and adoption of DevOps and cloud-native technologies. This movement is continuously enabled by a leftwards shift of data, allowing monitoring of binaries, security and operational tasks across end-to-end delivery pipelines. Hear from the CEOs of the world’s leading DevOps companies on how these trends are democratizing IT and preparing our industry for future transformation.

Jerome is working as Senior Solution Engineer for JFrog. He was working over 20 years as a backend developer in industries like Telco, Gaming and Banking. He is a DevOps early adopter and strive to share his experience with the broadest audience.

In this advanced training session, we’ll focus on how to adopt the usage of JFrog Xray within an organization. This includes best practices for the onboarding process for different teams and projects, how to configure different policies and watches for specific use cases and stages within the CI/CD lifecycle. We’ll further explore how to use the reported results of scans in order to make efficient decisions regarding the next steps (such as how to use remediation hints or comply to your license compliance policies). We’ll also focus on Xray architecture and its integration within the JFrog platform.

John is a Strategic Solutions Architect @JFrog. He has had 20 years of experience in coding and support for DevOps style deployments, beginning as a Researcher at Georgia Tech. He has been a Solutions Architect for the last five years, with specialties in distributed databases, android development, and macOS/iOS infrastructure.

In this training session, you’ll learn best-practices when using the JFrog Platform to store and manage your Docker images and Kubernetes deployments from beginning to end, while also setting up a continuous build, test and deploy pipeline. We’ll cover best practices for managing and creating Docker registries and Helm repositories, testing and promotion of Docker containers, and taking your containers all the way to production using the JFrog Platform and Kubernetes together. While the use cases discussed will cover and utilize the entire JFrog Platform, the majority of the hands-on training will focus on JFrog Artifactory and CI tools working together.

John Day is a 20+ year veteran creating compute, networking and storage infrastructure solutions for software, ASIC and hardware development organizations at large IT enterprise organizations. For the last 5 years, John has specifically focused on creating cloud native platforms and techniques with declarative code for deploying containers and microservices in a Continuous Integration & Continuous Delivery (CI/CD) pipeline.

You’ve developed a fabulous application in a container/Kubernetes Continuous Integration (CI) pipeline. The application works as it should, and the static scans look secure, but, is it actually operating securely? Are any 3rd party components you’ve integrated doing something they shouldn’t be doing? How do you know? To be confident about the behavior of your app, you need to identify risks in your code, risks in your build artifacts (executables & container images), and risks in your running applications. SAST tools identify risks in your code. And tools like JFrog Xray are great for identifying risks in your container images. When it comes to observing running applications for risks, active inspection of running binaries within a container and utilizing live telemetry is key. Continuous observability enables this by filling the gaps that static code (SAST) and dynamic external inspections (DAST) don’t cover. During this technical session, you’ll see continuous observability in action and the benefits the solution delivers to developers and their teams. Mike Larkin, CTO at DeepFactor, and John Day, Customer Success Engineer at DeepFactor, will discuss a straightforward method to obtain millions of live telemetry events across various layers of application behavior—including system calls, library calls, and network, web, and API layers—in every thread of every process of your container, extracting metric data with minimal overhead. This information can then be processed to detect anomalies and indicate issues that may affect the unknowing behavior of your container be it security, compliance, or operational intention. You’ll leave this session armed with the knowledge to immediately leverage continuous observability to consistently deploy apps with confidence.

Managing all the tools needed to deploy, observe, and support a modern DevOps pipeline can be challenging with information siloed across different organizations. Learn how to integrate best-in-class DevOps tools so that your developers and ops are seeing one unified view of production that is powered by JFrog and a huge ecosystem of partners.

John Willis is Senior Director of the Global Transformation Office at Red Hat Prior to Red Hat, he was the Director of Ecosystem Development for Docker, which he joined after the company he co-founded (SocketPlane, which focused on SDN for containers) was acquired by Docker in February 2015. Previous to founding SocketPlane in Fall 2014, John was the Chief DevOps An Evangelist at Dell, which he joined following the Enstratius acquisition in May 2013. He has also held past executive roles at Chef and Canonical. John was one of the earliest cloud evangelists and is considered one of the founders of the Devops movement. John is the author of 7 IBM Redbooks. He is also the co-author of the “Devops Handbook” and “Beyond the Phoenix Project” along with author Gene Kim.

A classic model for risk management and control is something called “The Three Lines of Defense (3ODL).” The three lines are as follows: Line 1: Risk Owners - Front-line staff and operational management Line 2: Risk Oversight - Risk management and compliance functions Line 3: Risk Assurance - Internal audit However, with the advent of modern sociotechnical systems like Agile, Cloud Native, and Event-Driven architectures these legacy lines (3ODL) are at best blurred and at worst completely broken. With the modern patterns and practices of DevOps and DevSecOps it’s not clear who the front-line owners are anymore. Risk management and organizational compliance teams struggle to adapt to new cloud-native models such as ephemeral containers, microservices, and event-driven architecture like serverless. Most organizations' internal audit processes today are highly toil-based and have low efficacy. This is something I have called in previous presentations “Security and Compliance Theater.” In this presentation, we are going to look at a couple of case studies that include the good, the bad, and the ugly when it comes to 3ODL. Primary topics covered are organizational design, DevSecOps, and Automated Governance.

Jonathan has been working as a DevOps specialist solutions architect at Amazon Web Services for over a year and has previously practiced professional software development for over a decade. He is passionate about enabling builders. Jonathan lives in the Triangle area of North Carolina and enjoys climbing rocks, birding and music.

As more organizations move to cloud-based application deployment, applications are becoming increasingly distributed. As a result, developers now require more automated practices to maintain application availability and reduce the time and effort spent detecting, debugging, and resolving operational issues. Join this tech talk to learn how Amazon DevOps Guru uses machine learning models informed by years of Amazon.com and AWS operational excellence to improve an application’s performance and availability. ● Learn how to enable DevOps Guru to transform your IT operations ● Learn how to remediate issues quickly by leveraging ML-powered recommendations ● Understand how DevOps Guru correlates related anomalies to reduce alarm noise

Kat Cosgrove is a Developer Advocate at JFrog, and an actual cyborg. Her professional background has run the gamut from bartender, to video store clerk, to teacher, to software developer. She credits this wide-ranging experience for her success as a speaker, developer, and advocate. Her specialty is approachable 101-level content for junior developers or anyone else who considers themselves a newbie, with a particular focus on DevOps. When she's not building demos or at a conference, she spends her time playing video games, watching horror movies, and reading science fiction. She lives in Seattle with her cat, Espresso, who is the real brains behind the operation and actually ghostwriting all of her tweets.

Over the last year and some change, I've given dozens of talks and workshops about DevOps to a variety of experience levels, from high schoolers to grad students to established engineers, all of them using the JFrog Platform. Could I have done this using other tools? Sure, and my students still would have learned something. It wouldn't have been as easy for me or for them, though. Join me for a tour of the JFrog Platform, including Artifactory, Xray, and Pipelines. I'll talk about lessons learned from a year of teaching DevOps, and practices you can put in place yourself to make onboarding less painful for both you and new team members.

Kevin Greggans is a Director in NetApp’s Public Cloud Services group responsible for Cloud ISV & Ecosystem Alliances. He joined the company at the end of 2019 after having managed the Global 360 Alliance of Cisco Systems for HCL. Mr. Greggans has over 25 years of successful sales, account management and business development experience working for companies such as Cisco, Dell, Sun Microsystems and Hitachi. His experience ranges from direct selling, strategic GTM planning, solution selling and partner development.

Join the JFrog & NetApp technical team to learn how you can reduce/eliminate developer community downtime for your JFrog ecosystems and enable true disaster recovery across cloud regions in GCP. With NetApp’s cloud-native data services solution -- Cloud Volume Service(CVS), we will show you how to: 1. Reduce/eliminate outages 2. Protect against regional failures 3. Enable increased capacity & performance on demand 4. Manage NetApp and IaC solutions through Terraform Please join us in this session which will include a step-by-step walk-through demo that can be easily recreated in your own environments without needing to call a storage administrator!

Kiran Kamity has +20 years of deep domain expertise in app security, DevOps, software virtualization, cloud computing, and containerization. He served as the Head of Product for Cisco’s Cloud BU after his startup, ContainerX, was acquired by Cisco, and subsequently evolved into the Cisco Container Platform. Kiran was also Founder/VP at RingCube, where his team created a container runtime for Windows before Docker. After its acquisition by Citrix, Kiran served in leadership roles for Citrix’s XenDesktop business unit. Being a passionate serial Silicon Valley entrepreneur, Kiran is now the Founder and CEO at DeepFactor.io. He graduated with a Masters in Electrical Engineering from Stanford University and a Bachelors of Technology, Materials Science, from Indian Institute of Technology, Madras. He is a TEDx speaker and a passionate advocate for early-in-career entrepreneurship. When he is not working, he is immersed in things involving nature, travel, and food.

You’ve developed a fabulous application in a container/Kubernetes Continuous Integration (CI) pipeline. The application works as it should, and the static scans look secure, but, is it actually operating securely? Are any 3rd party components you’ve integrated doing something they shouldn’t be doing? How do you know? To be confident about the behavior of your app, you need to identify risks in your code, risks in your build artifacts (executables & container images), and risks in your running applications. SAST tools identify risks in your code. And tools like JFrog Xray are great for identifying risks in your container images. When it comes to observing running applications for risks, active inspection of running binaries within a container and utilizing live telemetry is key. Continuous observability enables this by filling the gaps that static code (SAST) and dynamic external inspections (DAST) don’t cover. During this technical session, you’ll see continuous observability in action and the benefits the solution delivers to developers and their teams. Mike Larkin, CTO at DeepFactor, and John Day, Customer Success Engineer at DeepFactor, will discuss a straightforward method to obtain millions of live telemetry events across various layers of application behavior—including system calls, library calls, and network, web, and API layers—in every thread of every process of your container, extracting metric data with minimal overhead. This information can then be processed to detect anomalies and indicate issues that may affect the unknowing behavior of your container be it security, compliance, or operational intention. You’ll leave this session armed with the knowledge to immediately leverage continuous observability to consistently deploy apps with confidence.

Loreli is a 20+ year Silicon Valley veteran, with experience in the enterprise software industry, building large-scale distributed systems and solving problems at scale. She has held different roles from tech lead, development management, architecture to product management. Loreli began her career in programming for startups and enterprise companies. Prior to joining JFrog, Loreli led DevOps for Oracle’s Fusion Middleware division at Oracle, powering an advanced CI/CD pipeline with focus on cloud development. In her spare time, she likes to travel with her hubby and 4 boys. She also loves to bike, run, snowboard and rock climb.

Ask me anything panel with the JFrog Product team. You'll have a unique opportunity to get an exclusive glance into the JFrog roadmap and get the answers about all things JFrog from the real experts.

Maharshi is a Solution Engineer at the DevOps Acceleration Team @JFrog. Maharshi joined JFrog early this year and before that he worked in big Tech companies over 10 years where he developed customer facing applications. He loves hiking and playing sports.

JFrog builds and delivers security products that enable organizations to trust their pipeline from development to deployment and into production. In this basic training session, we’ll see how JFrog Xray can advance your DevSecOps journey, how it integrates with other components within the JFrog Platform to ensure your builds and artifacts are secure, and how to create different policies for different stages within the CI/CD process. We will demonstrate how to use the integration Xray has with different IDEs and CI Servers in order to enforce or enhance “shift left” concepts.

Manisha has over 20 years experience in the software industry, where she held senior roles in engineering and program management. She joined JFrog following their acquisition of Shippable, the CI/CD technology company she co-founded. Manisha holds an MS in Computer Science from the University of Minnesota at Twin Cities and an MBA from UC Berkeley.

JFrog Pipelines is a universal and enterprise-ready automation service for performing the tasks of building, testing, and deploying software as part of a system of continuous integration and continuous delivery (CI/CD). Pipelines allow you easily create smart, event-driven workflows across your tools and teams to help you release applications faster. In this hands-on training, you will learn how to easily automate a DevOps workflow with a simple, declarative YAML-based language, allowing you to seamlessly integrate with all the JFrog products as well as enabling integrations with other DevOps tools/services.

Matt Stratton is a Staff Developer Advocate at Pulumi, founder and co-host of the popular Arrested DevOps podcast, and the global chair of the DevOpsDays set of conferences. Matt has over 20 years of experience in IT operations and is a sought-after speaker internationally, presenting at Agile, DevOps, and cloud engineering focused events worldwide. Demonstrating his keen insight into the changing landscape of technology, he recently changed his license plate from DEVOPS to KUBECTL. He lives in Chicago and has three awesome kids, whom he loves just a little bit more than he loves Diet Coke. Matt is the keeper of the Thought Leaderboard for the DevOps Party Games online game show and you can find him on Twitter at @mattstratton.

Everyone has an opinion about DevOps. The problem is, most people’s opinions are wrong. In this Ignite, I’ll spin through some of the more popular misconceptions about DevOps of the last year or so, and clarify them as only I know how. Will Kubernetes save your soul? Are enterprises too stodgy for DevOps? Is immutable infrastructure even a thing? Can you DevOps without kitten GIFs? I’ll bust myths and take down thought-leaders with my tongue planted firmly in cheek.

Melissa is a long time developer turned international speaker and is currently a Developer Advocate for JFrog, Inc., with a mission to improve the developer experience of DevOps methodologies. Her background and experience as a software engineer spans a slew of languages, technologies, and tools used in the development and operation of enterprise products and services. She is a mom, software engineer, Java Champion, Docker Captain, huge fan of UNconferences, and is always on the lookout for ways to grow and learn. She has a passion for teaching, sharing, and inspiring fellow practitioners and you are more than likely to run into her in the conference circuit.

Are you struggling with how to setup your development and deployment pipelines? Are you following best practices in managing your containerized applications and all of the artifacts that compose your software releases? Join Melissa McKay w/ JFrog and Peter McKee w/ Docker to learn how to manage and secure software releases and build CI/CD pipelines with the JFrog DevOps Platform and Docker. Utilize DevOps best practices to manage your containerized apps through your development, testing, and production environments. Learn how to automate and orchestrate with JFrog Pipelines and Docker Compose and how to distribute immutable releases across the globe from code to edge. During this session, Melissa and Peter will demonstrate DevOps methods and tools that will ease your software’s traversal through your entire development lifecycle and highlight solutions for common pain points.

Mike Larkin has more than 40 years of software development experience and holds 16 software patents covering container technologies, virtualization, security, and operating systems. He has been a software engineer and architect at IBM, Citrix, VMware, and numerous startups in the security and systems space. Mike co-founded RingCube (acquired by Citrix), is the father of the OpenBSD hypervisor, and has been teaching virtualization, operating systems, and security in the software engineering master's degree program at San Jose State University for the past 20 years. Mike holds a BS Computer Science degree from California State Polytechnic University and an MS degree in Engineering from San Jose State University. Fun facts about Mike: holds a private pilot license and in his spare time enjoys flying, mountaineering, and the outdoors.

You’ve developed a fabulous application in a container/Kubernetes Continuous Integration (CI) pipeline. The application works as it should, and the static scans look secure, but, is it actually operating securely? Are any 3rd party components you’ve integrated doing something they shouldn’t be doing? How do you know? To be confident about the behavior of your app, you need to identify risks in your code, risks in your build artifacts (executables & container images), and risks in your running applications. SAST tools identify risks in your code. And tools like JFrog Xray are great for identifying risks in your container images. When it comes to observing running applications for risks, active inspection of running binaries within a container and utilizing live telemetry is key. Continuous observability enables this by filling the gaps that static code (SAST) and dynamic external inspections (DAST) don’t cover. During this technical session, you’ll see continuous observability in action and the benefits the solution delivers to developers and their teams. Mike Larkin, CTO at DeepFactor, and John Day, Customer Success Engineer at DeepFactor, will discuss a straightforward method to obtain millions of live telemetry events across various layers of application behavior—including system calls, library calls, and network, web, and API layers—in every thread of every process of your container, extracting metric data with minimal overhead. This information can then be processed to detect anomalies and indicate issues that may affect the unknowing behavior of your container be it security, compliance, or operational intention. You’ll leave this session armed with the knowledge to immediately leverage continuous observability to consistently deploy apps with confidence.

Muhammed is a Support Engineer @JFrog, he works along with large enterprise customers supporting them when needed.

Software development pipelines need to adhere to the highest security standards. Because JFrog Artifactory is in the center of the development pipeline, it has to allow fine-grained, strong security. In this course, you will learn about the strong security foundations in JFrog Artifactory and JFrog Access, how identity management works and is configured, auditing, and distributed identity management with multiple Artifactory instances. You will learn about the levels of security built into Artifactory and how to leverage them for your setup, as well as extend them with user plugins to provide a custom ACL and permission model. We will get hands-on experience with access tokens, establishing the circle of trust on federated instances and clusters, etc.

Muktesh is currently working as a Senior Software Engineer for Adobe. He is an open-source contributor to 20+ projects and enjoys programming in polyglot. Primarily he is more interested and contributes to Microservices, Cloud, Containerization, Architectures and distributed systems, however lately his focus shifted on a lot of automation and machine learning as well. In his free time, he likes photography, solving coding challenges, learning from online resources and cooking. He is a conference junkie (attended multiple conferences) and spoken in various conferences as well (Java One, GDG Conf, InMemory Summit, API Strategy Conference, Docker Con to name a few). He is heavily involved in the development and teaching people in various communities (Apache Groups, OpenSource Forums, Docker Mentoring and Java User groups). He has started Sunnyvale Java User group and NorCal Java User group. In his own words,” I am a distinguished engineer, with ::: willingness to learn and curious to know::: attitude. I can code, cook, cheer and care. In short, “nothing special but passionately curious” is my jam”.

You invest your time and effort breaking up that monolithic Frankenstein into a suite of elegant composable micro-services, containerize them and deploy them somewhere in the cloud in the form of distributed resources. Then you proudly watch it all come together reaping the benefits of the most scalable architectures. It is all fine and dandy from this point on. Too good to be true? Of course! This session is about what to do when you wake up to find yourself in the middle diagnosing that first bug or application failure through the convoluted web of distributed systems of your own doing. Through a series of code snippets, we will introduce the most important open-source projects tools to strike the right balance of tooling and best practices to handle failures gracefully and detect them quickly in the world of distributed systems.

Nathaniel T. Schutta is a software architect focused on cloud computing and building usable applications. A proponent of polyglot programming, Nate has written multiple books and appeared in various videos. Nate is a seasoned speaker regularly presenting at conferences worldwide, No Fluff Just Stuff symposia, meetups, universities, and user groups. In addition to his day job, Nate is an adjunct professor at the University of Minnesota where he teaches students to embrace (and evaluate) technical change. Driven to rid the world of bad presentations, Nate coauthored the book Presentation Patterns with Neal Ford and Matthew McCullough. Nate recently published Thinking Architecturally available as a free download from Pivotal.

It seems like a new cloud-native technology or project is launched every week, and though there are technical changes required for building and operating cloud-native applications, technology alone isn’t a silver bullet. It turns out that how you build your applications is critical to enable seamless scaling and resiliency to failures. What do you have to do to ensure your applications can fully leverage the power and flexibility the cloud offers? The 12-Factor principles have been around for a decade and have proven themselves as core, foundational principles for cloud-native applications. But they require changes to how you design your applications, the way teams collaborate on code, and more. Understanding the 12-Factor principles is a strong foundation for adopting cloud-native patterns and practices. Starting with an architectural kata, Nate and Jakub will event storm a possible solution stopping along the way to identify key quality attributes, fitness functions and architectural patterns required to deliver a solution. Distributed architectures have similar problems and rather than “roll our own solutions” we will leverage Spring Cloud to solve common challenges while lessening technical complexity.

Naveen is a Sr.Strategic Solutions Engineer @Jfrog. He is a full stack Developer/Architect delivering software since 2007. He has MS in computer science from SIUE. Before JFrog, Naveen worked at Pivotal/VMware where he helped tens of customers through out the states with their modernisation/digital transformation journey. He loves spending time with his family especially his dog and learning.

In this training session, we’ll focus on a variety of software distribution patterns. Whether you need to distribute releases to your production data centers or to your customers, many challenges have to be addressed such as dealing with regulated or degraded networks, achieving full end-to-end traceability over what was deployed and where, as well as managing entitlements. Course attendees will gain experience on orchestrating a secure and efficient distribution workflow using JFrog Distribution and Artifactory Edge Nodes.

15 years of programming experience. These days focusing on go, java and javascript

You may hear the idea of liquid software and as DevOps / Developers we would like to configure/develop everything super quickly. So, when something like a “simple” process of DB Sync comes up, we have to think outside the box and find interesting solutions to reduce the time it takes from 16 hours into 2 hours.

Prior to founding Datadog, Olivier Pomel built data systems for K-12 teachers as a VP, Technology for Wireless Generation, where he grew the development team from a handful of people to close to 100 of the best engineers in New York until the company’s acquisition by News Corp. Before Wireless Generation, Olivier held software engineering positions at IBM Research and several internet startups. Olivier is an original author of the VLC media player and holds a MS, CS from the Ecole Centrale Paris.

2020 greatly accelerated the pace of digital transformation and adoption of DevOps and cloud-native technologies. This movement is continuously enabled by a leftwards shift of data, allowing monitoring of binaries, security and operational tasks across end-to-end delivery pipelines. Hear from the CEOs of the world’s leading DevOps companies on how these trends are democratizing IT and preparing our industry for future transformation.

Oren Ezer is a Solution Architect @JFrog. As such, he likes to help customers in their DevOps journey towards the vision of Liquid Software, by giving them the relevant knowledge or training and help them implement enterprise scale DevOps solutions. Oren brings with him over 30 years of experience in building software architectures for enterprises in different areas and managing various development groups. In his free time he loves to spend time cooking or baking as well as skiing and diving.

In this training session, we’ll focus on a variety of software distribution patterns. Whether you need to distribute releases to your production data centers or to your customers, many challenges have to be addressed such as dealing with regulated or degraded networks, achieving full end-to-end traceability over what was deployed and where, as well as managing entitlements. Course attendees will gain experience on orchestrating a secure and efficient distribution workflow using JFrog Distribution and Artifactory Edge Nodes.

Ori Yitzhaki is our Director of Product Management at JFrog. Ori has had in the last 13 year the fortune to experience product management and technology in different fields such as Healthcare (McKesson), Security (Imperva), Storage Data Protection (EMC) and now DevOps, all of them are very innovative with an impressive footprint in the tech’ industry.

Ask me anything panel with the JFrog Product team. You'll have a unique opportunity to get an exclusive glance into the JFrog roadmap and get the answers about all things JFrog from the real experts.

Paul Stack is an infrastructure coder and has spoken at various events throughout the world about his passion for continuous integration, continuous delivery and good operational procedures and why they should be part of what developers and system administrators do on a day to day basis. He believes that reliably delivering software is more important as its development. Paul’s passions are the DevOps and Continuous Delivery movements and how they help the entire business and its customers.

DevOps has changed how teams work together to ensure value is delivered faster. As teams become more mature, infrastructure and security practices are embedded into the delivery of these systems. In this talk, Paul will talk about the Cloud Engineering team and how application delivery is driven by infrastructure as software. The practice of infrastructure as software allows infrastructure testing and compliance to be driven as CI / CD pipelines to ensure that not only can we deliver customer value faster but in a more reliable manner.

Peter Bosch is a distinguished engineer at Cisco. In this position, Peter is the CTO for the application security venture. He and his team are responsible for the architecture, prototyping and building out of application security for cloud-native deployments. Prior to application security, Peter and team also built prototypes for Mobile SDWAN (= SASE), virtualized professional media systems, and virtualized mobile packet-core solutions. Peter has worked for more than 30 years with (distributed) operating systems, media, mobility and networked systems. Peter has published many peer-reviewed papers, patents and other types of publications that can be found on the Web.

We present an overview of API security aspects, and most notably, the consumption of API services in cloud native applications and show how we can manage the risks that stem from the use of API services. We present the problem statement, how we address and finish with a quick demonstration of a system that manages those risks.

Peter Maddison has been in the business of building high-performance teams and automating everything worth automating for the past couple of decades. Presently, Peter spends his time helping organizations accelerate their delivery practices as an expert coach and consultant and is equally comfortable talking about business strategy as he is talking about IT. As a part of Xodiac, Peter is on a mission to help make every team thrive.

Although DevOps practices deliver incredible benefits to organizations looking to improve their software delivery practices, the larger positive impact of DevOps to delivering value is often harder to realize. A set of practices we’ve found to help organizations is something we call the 4 Maps of DevOps. Fitting nicely in between the 3 ways and 5 ideals, the 4 maps consist of Outcome Mapping, Value Stream Mapping, Dependency Mapping and Capability Mapping. They help you create a powerful roadmap that is outcomes-focused and targeted at the most important problems. Through this talk, I’ll walk through the benefits these maps produce, how they relate to one another and the problems you can target with them. I’ll go through some real-life examples of using these maps to help organizations. This talk is for anybody who is struggling to work out where to start or where to go next with their adoption of DevOps.

Peter McKee is the Head of Developer Relations and Advocacy at Docker and maintainer of the open source project Ronin.js. Originally from Pittsburgh, PA but currently residing in Austin, TX, Peter built his career developing full-stack applications for over 25 years. He has held multiple roles but enjoys teaching and mentoring the most. When he’s not slapping away at the keyboard, you can find him practicing Spanish and hanging out with his wife and seven children.

Are you struggling with how to setup your development and deployment pipelines? Are you following best practices in managing your containerized applications and all of the artifacts that compose your software releases? Join Melissa McKay w/ JFrog and Peter McKee w/ Docker to learn how to manage and secure software releases and build CI/CD pipelines with the JFrog DevOps Platform and Docker. Utilize DevOps best practices to manage your containerized apps through your development, testing, and production environments. Learn how to automate and orchestrate with JFrog Pipelines and Docker Compose and how to distribute immutable releases across the globe from code to edge. During this session, Melissa and Peter will demonstrate DevOps methods and tools that will ease your software’s traversal through your entire development lifecycle and highlight solutions for common pain points.

Senior Engineering Director at Google, working on Serverless

Serverless has been in the market for more than 10 years but is still evolving rapidly. In the Serverless market, we have seen how the roles of App Developers and Operators have merged. In this session, you will learn how the world of DevOps and Serverless is changing and how companies are reinventing themselves by empowering their developers to adopt Serverless and DevOps best practices.

Phillip Lamb is the DevOps Solution Architect for Red Hat’s Global Partners ISV team. He has more than 15 years of development experience, and led a GitOps-based digital transformation effort with the State of North Carolina’s Department of Information Technology prior to joining Red Hat. He is currently based out of the Dallas, Texas area, after moving from France with his wife and five children. In his spare time, he is an avid outdoorsman but also enjoys playing Minecraft with his kids and building weird things on the Raspberry Pi platform.

In this session, Jeff Fry of JFrog and Phillip Lamb of Red Hat will demonstrate the ease of supporting DevOps with a fully-fledged pipeline in a cloud. From source control, CI server, artifact repository, security vulnerability, license compliance scanner, Docker registry, Helm repository… all the way to runtime, and OpenShift, tracing, and monitoring tools. We mean EVERYTHING! We’ll use K.I.S.S. principles (keep it simple) applied to a bunch of SaaS tools to show how quickly you can pull it all together.

Quintessence meandered into developer relations after a long tenure in IT and operations roles. After running AWS bills up and then bringing them back down again, she brought her "lessons learned" to PagerDuty, where she is a Developer Advocate. Outside of work, she co-founded Inclusive Tech Buffalo and mentors underrepresented groups to help them launch sustainable careers in technology.

Let’s talk about security in an organization. Most commonly, security sits at or after the last phase of the software development life cycle (SDLC) and can make or break the decision to release into production. Unfortunately, waiting on such decisive feedback until after something has been built frequently results in needing to make changes after it’s been marked as ‘complete’, which is costly and inefficient. Instead, let’s learn from how we created shorter development cycles - instead of making Big Decisions at the very end, make smaller, iterative decisions throughout the entire journey that are easier to implement or reverse. One way to do that is by implementing DevSecOps, which adjusts the workflows of development, operations, and security so that security decisions are made on smaller scales at every phase of the SDLC. As with development and operations, even with preparation there can still be incidents - in this case, security incidents - so I’ll also be reviewing our 14 Step Secure Incident Response process, including the what and why of each step.

Robert Wen is a lead build and release engineer at Salesforce. His team is responsible for CI/CD and developer productivity for Einstein Platform. Prior to Salesforce, Robert has contributed to build automation and release management for Oracle, Google, Sony and Splunk.

This session will address how to migrate artifacts from one Artifactory server to another while keeping production CI/CD pipelines operating smoothly with minimal interruption. Topics include motivation for the migration, changes required for both CI systems and how to coordinate changes on user side.

Roy Ben Shoushan is a Solution Engineer @JFrog. He's eager to help customers in their journey to achieve liquid software, and support their technical goals. In addition, he is looking to learn more and more about customer use cases. Roy has a software engineering background, having been an Android and backend developer in the past. When he's not in front of the computer, he'll probably be in the kitchen, either cooking or baking. Screen reader support enabled.

In this hands-on training, you’ll learn the basics of JFrog Artifactory. The full-day training will teach you how to configure repositories and how to automate pipelines with included REST API, CLI and AQL tools. The training will also include best practices and use cases with build tools and CI servers most commonly used with JFrog Artifactory.

Sasha is a Sr. Manager on the Managed OpenShift Black Belt (MOBB) team at Red Hat, where she is helping enterprise customers successfully migrate to managed OpenShift on customers’ favorite public cloud. In her career, Sasha has worked in development, operations, consulting, and cloud architecture. Sasha is an organizer of DevOpsDays Chicago, a chair of DeliveryConf, and a published author.

Have you ever procrastinated doing research about that new security feature in Kubernetes, beating yourself up for being lazy the entire time? Have you ever delayed opening a PR, fearing that your code wasn’t good enough to pass the code review? Have you ever said “I’m just not good at… math / coding / public speaking / networking…” and given up on a goal? If so, this talk is for you. We will discuss what a “growth mindset” is and how it could turn around a huge 45-year-old enterprise like Microsoft. We will walk through the steps and pitfalls of the journey from a lifetime of “fixed mindset” to “growth mindset” based on my personal experience, and the experience of the entire organization, and what steps you could take to get there.

Seetharam Param, CEO of ReleaseIQ, was driven to co-found the company by the passion for improving release velocity, efficiency and quality, that he developed over his extensive experience leading DevOps, SRE, and Engineering Productivity teams across multiple on-prem and SaaS products, in both large enterprise and startup environments.

The line between CI and CD is blurring, and developers are looking to get end-to-end visibility from commit to production. This can be achieved by using best-of-breed DevOps tools OR reliance on a single vendor. If you already have significant time and resource investments in using your current toolchains, it can be excruciating to rip and replace everything, sacrificing best-of-breed tools to go with a single vendor. ReleaseIQ offers a Unified DevOps Platform as a Service which radically simplifies and provides a true end-to-end DevOps pipeline by integrating with the best-of-breed tools. This session will cover how ReleaseIQ Platform integrates with JFrog Artifactory, X-ray, and Pipelines to accelerate software releases and increase team productivity.

Shane Fry leads the development team at RunSafe. He has over a decade of experience in cybersecurity, on both the offensive and defensive sides of the house. Shane spent the majority of his career performing vulnerability assessments on a variety of software platforms, including Unix/Linux-based operating systems, Mac OS X, Android and iOS devices, internet browsers, and cloud computing platforms.

In this session, RunSafe Security highlights how it uses Docker Hub and JFrog Artifactory together to build and manage over 15 open source packages for distribution so that its customers enjoy security protections without slowing down developers. The presentation demonstrates the Docker Hub - Artifactory combination when managing these products while unifying an approach for security. It includes examples of how multinational IT infrastructure teams are deploying these secure containers with ease. RunSafe also shares how other DevOps teams can incorporate security protections into their CI/CD pipelines, protecting their own code when using Docker Hub, hardening 3rd party binaries via Artifactory, and ultimately enabling continuous delivery of secure cloud workloads. This process mitigates zero-day attacks, strengthening your software supply chain and protecting your customers. Joining RunSafe in this presentation will be a global managed service provider or a multinational consulting firm.

Shankar Hariharan is a Senior Product Manager at JFrog, creators of the end to end universal Devops platform. Shankar has spent over 16 years in various product management and engineering roles, and is passionate about building products and services to help enterprises accelerate their digital transformation initiatives, particularly around Devops and Observability. His current focus is to identify new growth areas and product opportunities with cloud partners using the JFrog Platform.

Join the JFrog & NetApp technical team to learn how you can reduce/eliminate developer community downtime for your JFrog ecosystems and enable true disaster recovery across cloud regions in GCP. With NetApp’s cloud-native data services solution -- Cloud Volume Service(CVS), we will show you how to: 1. Reduce/eliminate outages 2. Protect against regional failures 3. Enable increased capacity & performance on demand 4. Manage NetApp and IaC solutions through Terraform Please join us in this session which will include a step-by-step walk-through demo that can be easily recreated in your own environments without needing to call a storage administrator!

Shay Banon is the CEO, founder of Elastic, and creator of Elasticsearch, the open source, distributed, RESTful search and analytics engine. Before creating Elasticsearch, Shay spent more than a decade building complex distributed systems and open source search solutions.

2020 greatly accelerated the pace of digital transformation and adoption of DevOps and cloud-native technologies. This movement is continuously enabled by a leftwards shift of data, allowing monitoring of binaries, security and operational tasks across end-to-end delivery pipelines. Hear from the CEOs of the world’s leading DevOps companies on how these trends are democratizing IT and preparing our industry for future transformation.

Shimi Bandiel a DevOps Consultant @JFrog. Before JFrog, Shimi has been the CTO of Trainologic, a training and consulting company at which he has been doing DevOps, Machine Learning, Blockchain, Java and Performance consulting for the past decade. Shimi is passionate about CD pipelines, and container orchestration.

In this hands-on training class, students will gain basic familiarity with fundamental concepts of JFrog Pipelines, and directly compare and contrast JFrog Pipelines with existing Jenkins Pipeline CI/CD solutions. Students will learn how to utilize current Jenkins investments within the JFrog Pipelines framework, how to extend Jenkins functionality within the JFrog Platform and how new or existing projects may utilize JFrog Pipelines to deliver a cloud native CI/CD experience to deliver hybrid DevOps automation.

Shlomi is the Co-Founder and CEO of JFrog, creators of the universal DevOps platform. He brings over 20 years of experience in building profitable, high-growth information technology companies. Prior to JFrog, Shlomi was the CEO of AlphaCSP (acquired in 2005 by MalamTeam) and a Major in the Israeli Air Force. Shlomi holds an MS from Clark University (Massachusetts, USA) and a BA from Ben-Gurion University (Israel).

Welcome to swampUP 2021! A year ago, we said that in 2020, every company would be a DevOps company. We couldn’t have imagined the news stories 2020 would bring, both globally and in our industry, with DevOps now affecting all business stakeholders. While the worldwide pandemic has shaped the immediate future of DevOps and digital transformation, we move ever-closer to a post-pandemic world, where the foundations laid today will have ripple effects across the marketplace. Join Shlomi Ben Haim, CEO of JFrog, as he kicks off swampUP with some unexpected headlines, taken directly (probably) from the pages of 2025’s news cycle.

Siva Singaravelan is a Solution Engineer @JFrog. He is a polyglot coder with expertise in Java, Python and Javascript with over 17 years experience in the IT industry. Before JFrog, he was a solution architect, helping customers on their digital transformation journey. Siva is passionate about automatic deployment of microservices using CI/CD tools, and scaling of services when needed with a strong emphasis on data security and compliance. He loves playing soccer and cricket.

In this hands-on training, you’ll learn the basics of JFrog Artifactory. The full-day training will teach you how to configure repositories and how to automate pipelines with included REST API, CLI and AQL tools. The training will also include best practices and use cases with build tools and CI servers most commonly used with JFrog Artifactory.

Speaker to be announced

Closing Remarks & Carl Quinn Speaker Award Announcement

Stephen Chin is VP of Developer Relations at JFrog, chair of the CDF governing board, member of the CNCF governing board, and author of the upcoming DevOps Tools for Java Developers title from O'Reilly. He has keynoted numerous conferences and is an avid motorcyclist with tours across Europe, Japan, and Brazil, interviewing hackers in their natural habitat. When he is not traveling (and who is these days?), he enjoys teaching kids how to do embedded and robot programming together with his teenage daughter.

Managing all the tools needed to deploy, observe, and support a modern DevOps pipeline can be challenging with information siloed across different organizations. Learn how to integrate best-in-class DevOps tools so that your developers and ops are seeing one unified view of production that is powered by JFrog and a huge ecosystem of partners.

Stephen Chin is Head of Developer Relations at JFrog, member of the CNCF governing board, and author of The Definitive Guide to Modern Client Development, Raspberry Pi with Java, Pro JavaFX Platform, and the upcoming DevOps Tools for Java Developers title from O’Reilly. He has keynoted numerous conferences around the world including Devoxx, JNation, JavaOne, Joker, and Open Source India. Stephen is an avid motorcyclist who has done evangelism tours in Europe, Japan, and Brazil, interviewing hackers in their natural habitat. When he is not traveling, he enjoys teaching kids how to do embedded and robot programming together with his teenage daughter.

Chief Architect @ Harbormaster, Java Developer's Journal former contributor, home school dad, Biblical Hebrew language student, avid muscle-car builder,

We all love the time and effort savings DevOps automation brings. However, there is still a fair amount of manual lifting required to get a project and toolchain wired up and fully operational. KnowOps is a platform to automate the work required to enjoy the full benefits of DevOps automation.

Suzie Prince is Head of Product, DevOps at Atlassian where she leads high-performing teams building products that power the world’s software development teams. Suzie is passionate about creating software that balances user, customer and business needs. Suzie is an experienced product management leader with 15 years experience building agile and DevOps tools. Suzie is excited by the power DevOps brings to businesses and loves empowering teams to deliver value quickly, frequently and sanely.

Managing all the tools needed to deploy, observe, and support a modern DevOps pipeline can be challenging with information siloed across different organizations. Learn how to integrate best-in-class DevOps tools so that your developers and ops are seeing one unified view of production that is powered by JFrog and a huge ecosystem of partners.

Sven Ruppert has been coding Java since 1996 in industrial projects, is working as Developer Advocate for JFrog and Groundbreaker Ambassador (former Oracle Developer Champion). He is regularly speaking at Conferences worldwide and contributes to IT periodicals, as well as tech portals. He was working over 15 years as a consultant worldwide in industries like Automotive, Space, Insurance, Banking, UN and WorldBank. Additional to his main topic DevSecOps he is working on Mutation Testing of Web apps and Distributed UnitTesting besides his evergreen topics Core Java and Kotlin.

I always like to be out in the forest, enjoy the quiet, and pursue my thoughts undisturbed. And recently, a question occurred to me that I get asked again and again at conferences, meetups or workshops: The question is almost always: What are the quick wins or low hanging fruits if you want to deal more with the topic of security in software development? And I want to answer this question right now!

Tal Etinger is a senior Solution Engineer @ JFrog. He's passionate about helping customers in their journey to liquid software, and DevOps in general. Tal has more than decade's worth of experience in the software industry both as an engineer and as an enterprise architect. Prior to JFrog, Tal was a consultant that specialized in Enterprise Architecture, DevOps and Cloud-Native solutions. In his free time he loves traveling and spending time with his son.

In this hands-on training, we’ll review the architecture of Artifactory and all of its microservices, the responsibilities that each microservice has and how to monitor and troubleshoot them individually or working together. We'll learn about the monitoring and data collection points using the built-in capabilities as well 3rd party integrations. Also, we’ll look at common issues and the best way of troubleshooting them together with some recommended best practices for optimizations & alerts.

Tal Yitzhak is currently a Solution Engineer at the DevOps Acceleration Team @JFrog. He started his career working as a Software Engineer at a fin-tech company that develops and sells financial, accounting, and tax preparation software. Tal has worked on different DevOps related projects aside his day-to-day routine, and was responsible to migrate a legacy CI/CD process and write it from scratch while the company moved from using Sonatype Nexus to JFrog Artifactory. Tal's passion is learning and improving development teams challenges. Over the last year, Tal joined JFrog to bring his experience to other customers in their DevOps Journey while using The Liquid Software Company - JFrog's products and making the vision of liquid software - come true.

In this training session, you’ll learn best-practices when using the JFrog Platform to store and manage your Docker images and Kubernetes deployments from beginning to end, while also setting up a continuous build, test and deploy pipeline. We’ll cover best practices for managing and creating Docker registries and Helm repositories, testing and promotion of Docker containers, and taking your containers all the way to production using the JFrog Platform and Kubernetes together. While the use cases discussed will cover and utilize the entire JFrog Platform, the majority of the hands-on training will focus on JFrog Artifactory and CI tools working together.

DRAFT : Mr. Smith has over 30 years experience working with computers running operations in a wide variety of organizations. photo tbd

Every important project requires "Documentation," but when the time comes to utilize that documentation, do you find yourself copying and pasting code from a website? Join us in counting keystrokes, learning about special characters, and pointing out the numerous opportunities for error in this approach, and find out a few simple strategies to avoid common mistakes and accelerate your DevOps journey.

Tim Hinrichs is a co-founder of the Open Policy Agent project and CTO of Styra. Before that he co-founded the OpenStack Congress project and was a software engineer at VMware. Tim spent the last 18 years developing declarative languages for different domains such as cloud-computing, software-defined networking, configuration management, web security, and access-control. He received his PhD in Computer Science from Stanford University in 2008.

How do you control authorization (who/what can do what) across your cloud-native application stack? Does your company rely on tribal knowledge, spreadsheets, and wikis to enforce important policies at the host, platform, service, and app entitlements level, or are you hard-coding rules into each segment of your stack? The Open Policy Agent (OPA) project, created by Styra and owned by the Cloud Native Computing Foundation, can simplify and accelerate application development by decoupling policy decisions from enforcement. As a result, get more control and visibility over who can do what and eliminate the need for multiple rulesets and bespoke policy implementations. Organizations like Netflix, Goldman Sachs, Pinterest, and Atlassian deploy OPA to enable distributed policy enforcement across a range of languages, execution environments, and protocols. This talk will highlight proven use cases for OPA authorization that leverage extensibility and decoupling so you can enforce policies that: (i) restrict API access during blackout periods (ii) grant SSH and Sudo access to on-call engineers (iii) require test certification for workloads deployed to production environments. This presentation is a combination of an interactive lecture and a hands-on lab. It is aimed at engineers building (or with an interest in building) authorization platforms in their organizations. Attendees can expect to walk away with fresh ideas from OPA creators about how to enforce complex policies at scale without introducing significant latency or impacting availability, along with awareness of additional training materials from Styra and the OPA community.

Tracy is co-founder and CEO of DeployHub. DeployHub is the first microservice management platform designed to facilitate the sharing, relationship mapping and deployments of microservices. Tracy is expert in configuration management and pipeline life cycle practices with a hyper focus on microservices and cloud native architecture. She currently serves as a board member of the Continuous Delivery Foundation (CDF) where she is the elected General Member Representative. Tracy is a recognized evangelist in microservices and the continuous delivery pipeline. She is the creator of the Continuous Delivery Foundation Interactive Landscape, a blog contributor for the CDF and speaks at many DevOps events such as CNCF’s KubeCon and CloudBees DevOpsWorld. Tracy is also a DevOps Institute Ambassador and speaks at AWS Marketplace webinar educational events. She is also the leader of the New Mexcio CI/CD Foundation Meetups. Prior to DeployHub, Tracy was the COO and co-founder of OpenMake Software, a build acceleration and management tool that is the heart of development for over 400 enterprise development teams. She served on the Eclipse Foundation Board as a founding member from 2004 -2007.

Business agility achieved through fault tolerance and auto-scaling is the promise of a modern Kubernetes architecture. And a service-oriented approach is at the center of that promise. Microservices have the potential to revolutionize the way we develop software, but we must manage their use to control their sprawl. This is the focus of Ortelius, a new CDF incubating project that puts organization and control into the use of microservices. Ortelius delivers a centralized catalog of microservice configuration management metadata that allows you to see microservice owners, usage, relationships and ‘blast radius’ even before you deploy with automated updates via your CD Pipeline.

Valarie Regas is a DevOps fanatic, a Georgia Tech coding bootcamp graduate, and a veteran mommy. She holds a BA in Psychology and currently works as a DevOps Engineer. After years being a stay-at-home mom, she decided to change her life by entering tech, and has learned a lot along the way. In addition to DevOps, she enjoys mixed martial arts fighting, table-top role playing games, public speaking, creating tiny humans, and activism of all sorts.

Does your team have a disaster recovery plan in place? What even is a DR plan?! Bad things happen in this world: tornadoes take down data centers, laptops break, office buildings get damaged. Join me for a practical guide to anticipating and mitigating disaster. Your boss will thank you!

Viktor Farcic is a Developer Advocate at Shipa, a member of the Google Developer Experts and Docker Captains groups, and a published author. His big passions are DevOps, Containers, Kubernetes, Microservices, Continuous Integration, Delivery and Deployment (CI/CD) and Test-Driven Development (TDD). He often speaks at community gatherings and conferences. He published The DevOps Toolkit Series (https://www.devopstoolkitseries.com/), DevOps Paradox (https://amzn.to/2myrYYA) and Test-Driven Java Development (http://www.amazon.com/Test-Driven-Java-Development-Viktor-Farcic-ebook/dp/B00YSIM3SC), as well as courses in Udemy (https://www.udemy.com/user/viktor-farcic/). His random thoughts and tutorials can be found in his blog TechnologyConversations.com. He is a co-host of DevOps Paradox (https://www.devopsparadox.com/) podcast.

DevOps teams can easily (and safely) deploy their applications to the Kubernetes clusters of their choice using JFrog and Shipa. The Shipa application management framework for Kubernetes enables simple application deployment and management, directly from JFrog Artifactory and Pipelines. DevOps practitioners attending this session will learn: How to leverage the end-to-end automation and management that JFrog offers in combination with Shipa’s capabilities for deploying applications to Kubernetes clusters. Through a step-by-step demonstration, attendees will become familiar with using the Shipa Dashboard and CLI to introduce a new application. Attendees will learn how to apply a Docker container application image - hosted in the JFrog Docker Registry or JFrog Artifactory -- and complete the application’s deployment directly from JFrog Pipeline to Shipa. Finally, attendees will learn the benefits of scanning application images with JFrog Xray and deploying them safely to a chosen Kubernetes cluster using Shipa. Speakers: Bruno Andrade - CEO and Founder of Shipa Melissa McKay, Developer Advocate, JFrog

Viktor Gamov is a Developer Advocate at Confluent, the company that makes an event streaming platform based on Apache Kafka. Back in his consultancy days, Viktor developed comprehensive expertise in building enterprise application architectures using open source technologies.  He enjoys helping architects and developers to design and develop low latency, scalable and highly available distributed systems. He is a professional conference speaker on distributed systems, streaming data, JVM and DevOps topics, and is regular on events including JavaOne, Devoxx, OSCON, QCon, and others.  He co-authored O’Reilly’s «Enterprise Web Development.» He blogs at http://gamov.io and co-hosts DevRelRad.io. Follow Viktor on Twitter @gamussa, where he posts there about gym life, food, open source, and, of course, Kafka and Confluent!

Getting data between systems, particularly at scale, is a common challenge faced by data engineers. Pipelines need to be reliable, flexible, and scalable, and without requiring us to write the same boilerplate code each time. Kafka Connect is a framework that provides scalable & fault-tolerant integration between Apache Kafka and other systems. It can be deployed on containers making it easy to scale for increased capacity, throughput, and resilience. We will give a short intro to Kafka Connect and container technologies before proceeding to a deep dive into practical applications. Attendees will learn about: • Real-world Kafka Connect pipelines. • How to build custom connector container images using JFrog Pipelines and JFrog Artifactory. • Configuration, and orchestration of Kafka Connect pipelines with Kubernetes using GitOps.

Wayne Chatelain is a Senior Manager of Software Engineering at Capital One that leads a small DevOps team responsible for delivering and operationally supporting Artifactory and the ecosystem surrounding the product.

The National Institute of Standards and Technology (NIST) in the US publishes guidelines for maintaining application security and countermeasures for managing major risks. With binary repositories and container registries being a key component in the software delivery lifecycle for enterprises, Artifactory plays a central role for security and risk management. We will explore some of the NIST recommendations and examine how Artifactory can be aligned with the NIST guidelines.

Yann is a Solution Engineer @JFrog who loves learning new things and sharing them. After some years as a developer, he crossed the Fence to join the Ops sphere as a system integration engineer to better understand network, system, integration, monitoring matters. This naturally led him to positions known as "Devops Engineer".

In this hands-on training class, students will gain basic familiarity with fundamental concepts of JFrog Pipelines, and directly compare and contrast JFrog Pipelines with existing Jenkins Pipeline CI/CD solutions. Students will learn how to utilize current Jenkins investments within the JFrog Pipelines framework, how to extend Jenkins functionality within the JFrog Platform and how new or existing projects may utilize JFrog Pipelines to deliver a cloud native CI/CD experience to deliver hybrid DevOps automation.

Yarden Gitta is an Enterprise Solutions Lead @JFrog. He works closely with Enterprise customers and guides them throughout their journey to adopt the JFrog Platform. He has 10+ years of experience as an IT Manager and a Customer Support Engineer. He is passionate about technical challenges and is the go-to person for Kubernetes-based deployments.

In this hands-on training class, we’ll expose you to robust JFrog Artifactory automation capabilities that help you manage an artifact’s lifecycle and release readiness. We’ll discuss best practices for using both the intrinsic and custom metadata available in Artifactory, as well as how to use the latest and greatest combination of JFrog CLI, AQL (Artifactory Query Language), REST APIs and user plugins.

Yoav is a devout engineer, the creator of Artifactory, and a co-founder and Chief Technology Officer of JFrog. With over 20 years of experience as a Software Architect of enterprise applications, he plays a significant role in the evolution of DevOps. In 2006, Yoav created Artifactory as an open-source project paving the way for the software community to a new domain of managing binaries. Prior to JFrog, Yoav created many production solutions as a consultant in the fields of Continuous Integration and Distributed Systems. He is also an accredited speaker and a Java Rockstar.

As the world continues to demand more software, the next generation of applications requires speed, security and efficient software distribution at scale to meet the promises of DevOps. Join JFrog’s CTO Yoav Landman and CPO Dror Bereznitsky as they unveil JFrog’s 2021 roadmap, with a few DevOps industry-changing surprises. Don’t miss this annual landmark session.