Training Day Agenda
The Annual DevOps, DevSecOps, MLOps User Conference
A full day of training, technical sessions, hands-on workshops, and networking focused on DevOps, security, and AI-driven software delivery.
September 8, 2025
Training Day
September 8th
Conference Day 1
September 9th (coming soon)
Conference Day 2
September 10th (coming soon)
1
7:30 AM
Registration
MON 7:30 AM - 8:35 AM
2
8:30 AM
Full Day
Secure & Streamline Your Software Supply Chain with JFrog
Selva Sabapathy
|
Solutions Architect, JFrog
https://sessionize.com/image/145d-400o400o1-EdfZ6wxFK9imFAZuiB8dqQ.jpg
Started as a Software Engineer, Selva spent the past 2 decades in distributed enterprise application and devops architectures. Currently partnering with Enterprise customers in their DevSecOps journey as a trusted advisor.
Eli Kopelevitch
|
Professional Services DevOps architect, JFrog
https://sessionize.com/image/aeb9-400o400o1-QQrD8PCkbmZbf6Bsp3EZMx.jpg
Eli is a DevOps Architect at JFrog, with a strong background in software development, cloud infrastructure, and CI/CD automation. Before joining JFrog, he spent five years as a DevOps consultant and architect at TrickyTech, helping companies optimize their development pipelines and scale their infrastructure.
Beyond his professional work, he is passionate about technology, problem-solving, and staying at the forefront of industry trends. He regularly engages with the DevOps community, attending meetups, exploring new tools, and sharing insights on best practices.
Outside of work, Eli enjoys gaming, snowboarding, and playing basketball. He also loves outdoor adventures with his wife and three kids, often spending weekends camping, traveling, and enjoying sports together.
Ronny Belenitsky
|
Director of Product
https://sessionize.com/image/6962-400o400o1-UkUiUAN9NWS8QakGbXWXsw.jpg
Ronny is a Product Director at JFrog, where he leads strategic initiatives across DevSecOps and SDLC innovation. With a strong background in cloud-native technologies and application lifecycle management, Ronny plays a key role in shaping products that empower enterprise engineering teams to build and release software more quickly and securely.
Prior to JFrog, Ronny was the VP of Product at Titan, where he scaled product organizations, launched market-leading solutions, and drove enterprise adoption globally. He brings over 15 years of experience in building impactful software products, combining technical depth with strategic vision.
MON 8:30 AM - 4:40 PM
Advanced
Effective Release Lifecycle Management is key to ensuring secure, traceable, and efficient software delivery. Join us for this workshop with hand-on practice to learn how JFrog’s platform can help you automate workflows, improve collaboration, and ensure security and compliance throughout your software supply chain.
Key Skills you can Expect to Learn:
• Tracking and managing software artifacts throughout the lifecycle
• Automating release processes with CI/CD pipeline integration
• Implementing immutable releases and ensuring security compliance
• Enhancing team collaboration for smoother software delivery
• Exclusive Preview of JFrog’s upcoming product features
Who Should Attend?
• DevOps & Software Engineers
• Release Managers & QA Professionals
• Security Engineers & CISOs
• Technology Leaders (CTOs, CIOs)
Don’t miss out on transforming your software delivery process.
Sign up today!
3
Full Day
From Code to Runtime: Protecting Your Software Supply Chain
Gowtham Neerukonda
|
Solutions Architect, JFrog
https://sessionize.com/image/c66c-400o400o1-U2G7hKZVNWyy8FbuuzcL8W.png
Gowtham is a Solution Architect with vast experience in system architecture & design, solution brainstorming, and whiteboarding in the areas of DevOps, CI/CD workflows, artifact & SDLC management, cloud migrations, software supply chain management, and DevSecOps best practices.
He has been helping JFrog customers since 2019 with deep-dive evaluations, large-scale multi-region and multi-cloud enterprise deployments, and integrations for enhancing developer experience. He is well-versed in building technical & business champions and turning tactical customers into strategic partners.
Chris Whateley
|
Professional Services DevOps Architect, JFrog
https://sessionize.com/image/f15c-400o400o1-D1NY6i6WzqYGXPrptecJha.jpg
Chris is a DevOps Architect in the JFrog professional services group. With over 20 years of experience in the space, he brings experience from all sides of the DevSecOps practice having come up through the ranks as a developer/architect in a range of industries from software, semiconductor, finance, medical to telco. Chris is passionate about DevSecOps and automation in general, appreciating simple elegant solutions to complex technical problems. In his spare time, travel, food, the outdoors and the ocean compete with family for some cycles.
Sharan Hiremath
|
Sr. Product Manager, JFrog
https://sessionize.com/image/56a7-400o400o1-h2VcjhGWahBkdxdo9pfXJ1.jpg
Sharan Hiremath is a Product Manager for JFrog security solutions, responsible for driving the development and delivery of solutions to secure the software supply chain. With 25+ years experience in the software security market ranging from end-point protection, email and web security, to network and application security, Sharan possesses a macro-level view of the multilayered security approach required by all companies in today's market. He is passionate about bringing products and solutions to market that delight customers, alleviate their pains, and give them peace of mind their business infrastructure is secure.
MON 8:30 AM - 4:40 PM
Intermediate
Managing your software supply chain from code inception to runtime deployment is crucial for security, compliance, and efficiency. This workshop will guide you through best practices to serve as the gatekeeper of your supply chain, embedding security, automating processes, and ensuring compliance throughout the SDLC.
Key Skills Learned:
• Understand the essentials of securing your software supply chain.
• Identify and mitigate common risks and vulnerabilities in the supply chain.
• Integrate security practices throughout your SDLC (e.g., code review, dependency management, artifact scanning).
• Leverage JFrog tools like Xray and JFrog Advanced Security for secure artifact management.
• Automate security and compliance checks, and streamline deployment.
• Implement real-time monitoring and incident response strategies.
Who Should Attend?
• Software Developers and Engineers
• DevOps Professionals
• Security Engineers
• Project Managers & Team Leaders
Take control of your software supply chain - secure, streamline, and safeguard the journey from code to runtime.
4
Morning
JFrog Artifactory Foundations: Optimize & Secure Your Software Pipeline
Oren Katz
|
Director of Professional Services, JFrog
https://sessionize.com/image/eca2-400o400o1-aRYcSabUjehdrQS8PMpXkR.jpg
Oren is an experienced technology leader, currently leading the Americas Professional Services organization at JFrog. With deep expertise in DevOps, software development, and security architecture, he specializes in helping enterprises optimize their software supply chain and achieve seamless digital transformation. Passionate about solving complex challenges, Oren has a strong track record of driving customer success and innovation.
Beyond his professional life, he enjoys snowboarding, traveling, and exploring new experiences around the world
Marco Morales
|
Solutions Engineering, JFrog
https://sessionize.com/image/e420-400o400o1-SsZVmtaigW9DjTSwnG1yUP.jpg
Marco Morales is a Solutions Engineer at JFrog, helping customers achieve better DevSecOps at scale.
Jacob Kelly
|
Sr. Solution Engineer, JFrog
https://sessionize.com/image/4c8f-400o400o1-L2AzfRa9HmopmHRKJabrQr.jpg
Jacob Kelly s a Solutions Engineer at JFrog based in Nashville, TN. He has a Bachlors in Computer Science from ETSU. He is a technical leader who has over 10 years of software development, SRE, and DevOps experience starting with hands-on development to global leadership roles for large Enterprises. At JFrog, he enjoys helping customers with creative and innovative soutions to solve their DevOps-related problems. He spends his spare time with his wife playing card games, and loves Rock Climbing and hiking.
MON 8:30 AM - 12:00 PM
All Levels
Development teams struggle with securing artifacts, automating complex workflows, and maintaining compliance across various stages of the software development lifecycle (SDLC). This workshop addresses those challenges by showing you how to effectively use JFrog tools - Artifactory and Xray - to streamline and secure your SSC, making it easier to automate processes, identify vulnerabilities, and integrate security from start to finish.
Key Skills Learned:
• Use JFrog tools to manage, secure, and automate your software supply chain.
• Set up and manage repositories and automate CI/CD pipelines efficiently.
• Implement security best practices across your software lifecycle.
Who Should Attend?
• DevOps Engineers looking to integrate security into their workflows.
• Security Engineers focused on strengthening their software supply chain.
• Software Engineers interested in automating and securing their delivery pipelines.
Join us to improve your DevSecOps practices and secure your software supply chain from start to finish.
5
Morning
Mastering Scalable Architectures for Global Enterprises with JFrog
Shira Ben-Dor
|
Product Manager, JFrog
https://sessionize.com/image/3bd8-400o400o1-XNsAPCHmE1b1ze6AQFzPLB.jpg
Shira is a senior product manager with JFrog Artifactory. She led the MLOps packages and now is the product manager for the core platform of JFrog Artifactory. Previously, she was a product manager in the DevOps domain at a startup, worked in a security company, and earlier served as an R&D manager. In her free time, Shira enjoys traveling and hiking, and spending time with her family of husband, four boys, a dog, and a lot of cats.
Shubha Gururaja Rao
|
Director of Solutions Engineering, JFrog
https://sessionize.com/image/57db-400o400o1-EdMB6ZxuNFMmHbYyFFakuW.jpg
Shubha is a Director of Solutions Engineering with JFrog. With more than a decade of experience working on different technologies and verticals, she is passionate about helping customers achieve the best. Prior to JFrog, she was a Solutions Architect helping some of the largest customers build their end to end IoT Products.
Having been trained in Indian classical Dance and Music, she loves to teach music to kids in her spare time. On the weekends, she is also a volunteer teacher at an Indian language school.
Eldad Assis
|
Senior DevOps Architect, JFrog
https://sessionize.com/image/0e4c-400o400o1-2a48d35c-9eb5-46e5-be78-a5a88808cb81.jpg
More than 20 years doing software and infrastructure development. CM/ALM/DevOps/PlatformEngineering.
Advocating DevOps, CI/CD and automation everywhere.
Rami Zilberstien
|
Head of Professional Services Architecture, JFrog
https://sessionize.com/image/6137-400o400o1-pSAnE1cwFNmimJufK27p8t.jpg
Rami is currently leading the Professional Services Architects group globally at JFrog, a role he has held for the past two years. Before this, he served as a Solution Engineering Manager at JFrog for four years. With over 20 years of experience in engineering, consulting, training, and enterprise change management, Rami brings a wealth of knowledge and expertise to the tech industry.
An appreciated speaker, Rami is passionate about sharing insights from his extensive career. In his spare time, he enjoys exploring topics such as history, economics, geo-politics, nature, and sports.
MON 8:30 AM - 12:00 PM
Intermediate
As enterprises scale their operations globally, creating architectures that are resilient, available, and adaptable to hybrid and multi-cloud environments becomes critical. This workshop dives into designing scalable, enterprise-level SDLC architectures, leveraging JFrog tools to meet the complex needs of modern digital ecosystems. You’ll gain hands-on experience in addressing performance, redundancy, and global collaboration challenges while ensuring operational efficiency.
Key Skills Learned:
• Articulate the key components and benefits of an enterprise-scale architecture for your organization.
• Implement scalable solutions that enhance reliability and resilience across multi-cloud environments.
• Select and design deployment topologies that meet enterprise-specific requirements.
• Anticipate and address potential operational, security, and compliance challenges.
• Create a blueprint that supports operational continuity and global collaboration.
Who Should Attend:
• DevOps and IT Architects.
• Principal and Senior Engineers.
• Systems Administrators.
• Network Engineers.
• IT Decision-Makers.
Start architecting for the future of enterprise-scale success!
6
Morning
GitHub Actions for JFrog: Streamlining Workflows and Enhancing Security
Maharshi Patel
|
DevOps Acceleration Engineer, JFrog
https://sessionize.com/image/7320-400o400o1-S55Da9dRMfJMTpvVm2jKkP.jpg
Maharshi is an Engineer on the DevOps Acceleration Team at JFrog. Maharshi has around 12+ years of experience working across all the phases of SDLC process building web/mobile, infrastructure services. In his free time, he likes to play sports, hike, and travel.
Suresh Venkatesan
|
Sr. DevOps Professional Services Engineer, JFrog
https://sessionize.com/image/2379-400o400o1-QFCttyFyWfVEytiLk8v1CP.jpg
Suresh Venkatesan is a Sr. DevOps Professional Services Engineer at JFrog with 20+ years of experience in DevSecOps, CI/CD, and cloud automation. He helps Fortune 100 companies streamline software delivery by integrating GitHub Actions and JFrog Artifactory. With expertise in Python, Kubernetes, and AI-driven workflows, Suresh specializes in automating complex processes to boost productivity and code quality. In this session, he explores how GitHub Copilot and JFrog can transform development workflows through smart automation and AI-powered coding. In his spare time, he enjoys traveling with his wife and son, exploring AI topics, working out, and swimming.
Tom Johander
|
Strategic Solutions Architect, JFrog
https://sessionize.com/image/e0ad-400o400o1-Ro3jWwqhu7RA2zQZqLxoxS.jpg
Tom Johander is a Strategic Solutions Architect at JFrog. Always interested in helping organizations design, build and implement a wide range of DevSecOps solutions. Having worn many hats in his 16 year-long technology career, Tom has the breadth of experience to tackle a wide range of challenges, and serve his customers with empathy and professionalism. When not building something fun in his IDE, he enjoys Kitesurfing, cooking and a road-tripping.
MON 8:30 AM - 12:00 PM
Advanced
This workshop provides a comprehensive exploration of integrating the Jfrog Platform with GitHub to optimize your software development lifecycle. Through hands-on exercises, participants will learn how to leverage GitHub Actions to automate workflows and connect them seamlessly with JFrog for efficient artifact management, CI/CD, and security. The session will cover essential practices for secure authentication, build information management, and vulnerability scanning, demonstrating how these integrations streamline development processes and enhance collaboration.
Key Skills Learned:
- OIDC Authentication: understand and implement OpenID Connect (OIDC) for secure authentication between GitHub and JFrog.
- GitHub Actions Automation: learn to automate CI/CD workflows using GitHub Actions and integrate them with the JFrog platform.
- JFrog Advanced Security Integration: discover how to integrate JFrog Advanced Security with GitHub Advanced Security for comprehensive vulnerability scanning and remediation.
- Source Code Scanning: bulk Installation across multiple repositories.
Who Should Attend:
- Software Developers & Engineers
- DevOps Professionals
- Security Engineers
- Team Leaders & Project Managers
Enhance your software development process by integrating JFrog and GitHub to automate workflows, improve security, and streamline artifact management.
7
12:00 PM
Training Day Lunch
MON 12:00 PM - 1:00 PM
8
1:00 PM
Afternoon
Foundations of DevSecOps: Avoiding Software Supply Chain Attacks
Marcelo Litovsky
|
Strategic Solutions Architect, JFrog
https://sessionize.com/image/1b28-400o400o1-W1zeFfMXfnhXs3uaAaFCUb.jpg
An experienced Information Technology professional with a diverse background in Enterprise Architecture, systems/database management, and programming. Extensive experience in multiple industries: financial, entertainment, and Information Technology. Proven success record of improving infrastructure by identifying requirements and solving complex integration problems.
Narasimha Pai
|
Solution Engineer, JFrog
https://sessionize.com/image/a02d-400o400o1-31-27f3-444f-a5b1-720ac962ca60.281c4070-ddaf-403c-9d83-316288d1b1f0.JPG
Narasimha Pai is a Solution Engineer at JFrog, where he collaborates with large strategic enterprises to facilitate faster and more reliable software releases. He helps clients understand the value of JFrog solutions from both technical and business perspectives. As a trusted advisor, Narasimha partners with existing JFrog customers to ensure their satisfaction and optimize product usage and performance by adopting best practices in DevSecOps. Before this, Narasimha was a Product Manager for JFrog Artifactory product.
Narasimha holds a master's degree in IT Management and Consulting and has 15 years of experience in software development and delivery. In his spare time, he enjoys biking with his 4-year-old son and working on home improvement projects.
MON 1:00 PM - 4:40 PM
All Levels
With software supply chain attacks on the rise, security risks have never been more critical. This hands-on workshop focuses on JFrog’s security tools - from shift left to shift right - and how to integrate them into your DevSecOps strategy. We’ll explore how to secure your software supply chain, reduce vulnerabilities, and automate key workflows, ensuring your artifacts and dependencies are safe throughout the development lifecycle.
Key Skills Learned:
• Understand how JFrog tools from Curation to Xray and Advanced security can accelerate your DevSecOps goals.
• Use JFrog security scan capabilities and Developer-Focused Security.
• Gain hands-on experience in configuring repositories, scanning for vulnerabilities, and automating delivery pipelines.
• Implement best practices to secure your software supply chain, reducing the risk of vulnerabilities and improving compliance.
• How to shift security left by embedding security measures early in your SDLC.
Who Should Attend:
• Engineers working across SDLC phases - Development, Automation, DevOps, and SRE.
• Security Engineers focused on securing the software supply chain with the JFrog platform.
Join us to deepen your DevSecOps knowledge and enhance your organization’s security posture with JFrog’s trusted tools.
Sign Up Today!
9
Afternoon
MLOps in Action: From Experimentation to Production
Bill Manning
|
Senior Solution Architect ML, JFrog
https://sessionize.com/image/d5e5-400o400o1-J5h4DoN6vMc6mRYpjipSXJ.jpg
Bill is a Senior Solutions Architect ML with JFrog. He is also a mentor with TechStars (Nike Incubator), Matter, and NestGSV. He has successfully exited 3 companies and took one public in Australia. He also currently helping various startups as an advisor. In his spare time, he likes to travel with his wife and two boys. He also plays guitar, loves gadgets & IOT, lives for the beach, rides skateboards, and is an avid cyclist.
Pavel Klushin
|
Senior Manager, Solution Engineering
https://sessionize.com/image/d89a-400o400o1-7cCD9rHx52pNASrhm67LW8.jpg
Pavel Klushin is an ML expert with over ten years of expertise in cloud engineering. His work focuses on integrating AI with cloud infrastructures, enhancing performance and driving innovation across various industries.
Roshan Kadasani
|
Senior Solutions Engineer, JFrog
https://sessionize.com/image/9e4f-400o400o1-TGJwVTqftAkCMtRcNNTHCZ.jpg
Experienced DevSecOps enthusiast and a strong advocate of cloud-native technologies and robust automation that drive enterprises to deliver highly scalable and resilient solutions at a large scale.
MON 1:00 PM - 4:40 PM
Intermediate
Integrating machine learning with DevOps practices is essential for organizations to stay competitive. This hands-on workshop will introduce you to JFrog ML and its capabilities, empowering data scientists and DevOps teams to seamlessly manage the end-to-end machine learning lifecycle. Learn to securely build, deploy, and maintain machine learning models with JFrog’s powerful platform, while enhancing collaboration between data scientists and DevOps teams.
Key Skills Learned:
• Seamlessly manage the full ML lifecycle, from experimentation to production, on a single platform.
• Track, compare, and version model experiments for optimized decision-making.
• Leverage JFrog Advanced Security features to scan models for vulnerabilities and ensure compliance.
• Automate training, validation, and deployment processes for faster, more reliable ML results.
• Collaborate effectively between data science and DevOps teams to accelerate model development and deployment.
Who Should Attend:
• Data Scientists.
• DevOps Engineers.
• IT Professionals & Project Managers.
Don’t miss the chance to take your machine learning deployments to the next level. JFrog ML can transform your MLOps processes for greater speed, security, and efficiency.
10
Afternoon
Compliant SDLC Without Compromise: Navigating Regulations & Beyond with JFrog
Paul Davis
|
Field CISO, JFrog
https://sessionize.com/image/c0e5-400o400o1-WFGNeCUmnubJt4VBJMkh6r.jpg
Paul Davis is a distinguished IT security leader with over 20 years of experience shaping secure solutions for organizations worldwide. His career highlights include serving as CISO for a Fortune 10 company, CSO for critical infrastructure sectors, Director of Security Operations at a major stock exchange, and head of a global incident response team.
In his role as Field CISO at JFrog, Paul draws on this extensive expertise to help organizations strengthen their software supply chains and implement end-to-end security. His background encompasses systems engineering, program management, software development, and operations. Paul has successfully launched software companies, developed innovative solutions, and delivered transformative services for global enterprises
Krishna Manchikalapudi
|
DevOps Architect, JFrog
https://sessionize.com/image/f8d0-400o400o1-p8anvmSQVAnwnU7BviNVfG.jpg
With over a decade of experience in Cloud SaaS, customer success, professional services, and corporate development, I have honed my expertise as a Principal Architect, driving enterprises towards adopting innovative software development practices through SaaS products. My work spans across various domains including MLOps, DevSecOps, DevOps, and API & Microservices, with a strong emphasis on leveraging machine learning, data, and application development to create substantial business value. My career highlights include leading the development of complex, scalable, and high-performing systems, ensuring secure and high-quality production code, and fostering a culture of diversity, equity, and inclusion. With hands-on experience in delivering system design and operational stability, my educational background includes an MS in Data Science and a BS in Computer Science & Engineering.
MON 1:00 PM - 4:40 PM
Intermediate
Maintaining compliance is no longer optional — it’s essential. This workshop guides you through the complexities of compliance regulations while ensuring the security and integrity of your software supply chain. Attendees will explore how JFrog tools, including JFrog Artifactory and JFrog Xray, enable organizations to not only meet regulatory requirements but also establish a culture of compliance excellence. Through hands-on experience, you’ll learn best practices for implementing compliance frameworks within your DevSecOps processes, automate compliance checks, and ensure rigorous security standards are met across the SDLC.
Key Skills Learned:
• Understand the key compliance requirements relevant to software development and deployment, including: NIST, SLSA, DORA, SOX and more
• Use JFrog Artifactory and JFrog Xray to manage open-source and proprietary artifacts while ensuring compliance.
• Automate compliance processes with JFrog CLI, REST APIs, and AQL to streamline workflows and reduce human errors.
• Implement proactive compliance strategies and integrate security measures early in the SDLC.
• Foster a culture of compliance excellence and improve collaboration across security, compliance, and development teams.
• Monitor and report compliance status using JFrog tools for ongoing compliance verification.
Don’t miss out on learning how JFrog can elevate your compliance strategy.
11
4:30 PM
Welcome Reception
MON 4:30 PM - 6:00 PM
12
7:30 AM
Registration
TUE 7:30 AM - 8:45 AM
13
7:45 AM
Breakfast
TUE 7:45 AM - 9:00 AM
14
9:00 AM
Keynote
The Quantum Shift - Rethink Software Supply Chain
Shlomi Ben Haim
|
Co-Founder and CEO
Shlomi is Co-Founder and CEO of JFrog, creators of the universal DevOps platform.
He brings over 20 years of experience in building profitable, high-growth information technology companies.
Prior to JFrog, Shlomi was the CEO of AlphaCSP (acquired in 2005 by MalamTeam) and a Major in the Israeli Air Force.
Shlomi holds an MS from Clark University (Massachusetts, USA) and a BA from Ben-Gurion University (Israel).
TUE 9:00 AM - 9:15 AM
15
9:20 AM
Keynote
AI-Driven DevOps Unleashed: The Future Starts Here
Yoav Landman
|
Co-Founder and CTO
Co-Founder and CTO of JFrog, Yoav is the visionary behind Artifactory, the universal artifact repository manager. Prior to founding JFrog, he spent over a decade as a senior consultant specializing in Distributed Computing and Enterprise Build Systems and held several senior technical roles in global organizations. Yoav holds a master’s degree in computing from RMIT University and a Bachelor of Laws (LL.B) from the University of Haifa.
TUE 9:20 AM - 10:00 AM
The future of DevOps is being transformed with autonomous agents. As the world begins to focus on agentic-driven release management, we will soon experience agents driving crucial processes such as building, securing, and deploying packages alongside automated policy enforcement. These agents are not working in silos - they will (and are) communicating with one another, enabling real-time visibility and management of secure pipelines.
In this landmark technical keynote, we will reveal how JFrog is empowering teams to implement this modern approach to agentic software delivery - with minimal manual intervention, and with enhanced security – all in a streamlined release process without losing control!
16
10:10 AM
Keynote
Reimagining Trust in Software Releases: A New Approach to Supply Chain Integrity
Eyal Dyment
|
VP, Security
Eyal Dyment leads Security at JFrog, where he is responsible for driving the company’s security product strategy and innovation across the software supply chain. With a deep background in AI, machine learning, and data-driven product development, Eyal brings a unique blend of technical expertise and business acumen to the evolving DevSecOps landscape.
Yossi Shaul
|
SVP, DevOps
Yossi Shaul is the Senior Vice President of DevOps Core at JFrog, where he leads the development of the company's core DevOps platform. With a career spanning over two decades in software engineering and leadership, Yossi has been instrumental in shaping JFrog's comprehensive solutions that integrate DevOps, DevSecOps, and MLOps practices.
TUE 10:10 AM - 10:45 AM
Only secure, verified, compliant software should reach production. Full stop. With increasing pressure on modern development teams to deliver across security and compliance requirements, a fully-secured, attestable pipeline demands complete visibility and control across the entire release lifecycle in a single solution.
In this can’t-miss swampUP keynote session, we’ll look at new innovations across JFrog security and platform teams, as well as industry advancements that enable a not just connected, but fully-integrated and robust software supply chain security solution that meets the modern needs of a security-focused, EveryOps reality.
Join us for an exclusive look at how this tectonic security shift reshapes what you thought you knew about application security and governance, helping you unlock new levels of confidence in every release.
17
10:45 AM
Coffee Break
TUE 10:45 AM - 11:00 AM
18
11:00 AM
Keynote
Trusted AI at Scale: Secure Governance and Scalable Management for Your AI Models
Yuval Fernbach
|
VP, MLOps
Yuval Fernbach is VP and CTO of MLOps at JFrog, where he leads the integration of a fully managed ML platform following JFrog’s acquisition of Qwak, which he co-founded. With deep expertise in AI and infrastructure, Yuval helps teams streamline the entire ML lifecycle, from data prep to deployment, bridging the worlds of MLOps and DevOps for secure, scalable AI delivery.
TUE 11:00 AM - 11:45 AM
As AI becomes an indispensable part of modern software applications, managing machine learning models with the same rigor as code and binaries is essential. Yet most organizations still treat models as ad-hoc assets: scattered, untracked, and inconsistently governed, creating potentially serious risks around security, compliance, and operational trust.
Reminding us of yesterday’s OSS package gold rush, today’s ML/AI Models can originate from many sources: custom-built, open-source, and third-party APIs, each with different risks, ownership boundaries, and lifecycle considerations.
In this session, we’ll explore these emerging challenges, and show how advancements in JFrog ML and platform technologies are helping solve them. By treating every type of model as a first-class software artifact, you’ll learn how to integrate model management into your existing DevSecOps pipeline, enable trust by providing visibility, traceability, and evidence-based policy enforcement, and bring the same governance and trust to AI that you already rely on for your software supply chain. It’s time to take back control of AI!
19
12:00 PM
Lunch
TUE 12:00 PM - 1:00 PM
20
1:20 PM
Session
Deploy Artifacts (Even Order Pizza!) with MCP
Yonatan Arbel
|
Developer Advocate
https://sessionize.com/image/11d4-400o400o1-4Lca5KxFAdqorw1G3kMLU9.jpg
A software developer with rich experience spanning over 12 years. For the past 7.5 years, I have been a valuable member of the JFrog team, a prominent tech company. Over the years, I progressed through the organization and eventually found my place within the Infrastructure group.
I have a genuine passion for technology, which has been a guiding force throughout my 12-year career. My work at JFrog has included significant contributions to the development of the JFrog Platform.
My journey is a testament to my dedication and the opportunities that the tech industry offers to those who are eager to learn and grow. As a speaker, I am excited to share my experiences and insights with others in the tech community.
TUE 1:20 PM - 2:00 PM
Intermediate
What if you could deploy software, manage running images, and even order your favorite pizza—all through an AI-powered chat? Meet MCP (Model Context Protocol), the ultimate gateway for companies looking to become AI-friendly and provide seamless interactions through an exposed MCP server.
In this session, we’ll explore:
✅ What MCP is and how it enables AI-driven automation
✅ How MCP simplifies data fetching and environment management
✅ Real-world use cases, from DevOps workflows to AI-assisted user experiences
✅ A live demo: see how easy it is to integrate MCP into your workflows—yes, even for ordering pizza! 🍕
By the end of this session, you’ll have a solid understanding of MCP and why you should start leveraging its power today. Whether you're a developer, DevOps engineer, or product innovator, MCP is your key to unlocking AI-enhanced automation.
21
Session
Artifactory self-hosted Observability with OpenTelemetry & Splunk O11y
Charles Crowder
|
Senior Engineering Manager
https://sessionize.com/image/632a-400o400o1-QBM5UrLriQDupWNCTs8gzw.jpg
Charles Crowder is a Senior Engineering Manager at Cisco on Splunk's SDLC Infrastructure team, and has been with Splunk for 6 years working both as an IC delivering cloud infrastructure, and now as a leader within SDLC.
When not at work, he enjoys family time with his daughter and hobbies like 3D printing, photography, and mountain biking.
TUE 1:20 PM - 2:00 PM
All Levels
Learn how the Splunk team provides Observability for their Artifactory & X-Ray infrastructure using OpenTelemtry, Splunk, and Splunk O11y Cloud to:
- Emit metrics and integrations to Splunk 011y Cloud
- Define detectors, dashboards, and alerts in Splunk O11y Cloud via Terraform
- Emit logs to Splunk Cloud / Enterprise via OpenTelemetry collector or Splunk UF
- Overview of data sources, reports, & dashboards
22
Session
Zero to Hero: Self-Healing CI/CD with JFrog, Dagger, and AI Agents
Jeremy Adams
|
Head of Ecosystem
https://sessionize.com/image/fbc1-400o400o1-SjvNpCJUrFzAiUoLgYm4BX.jpg
Jeremy is a senior leader with both a technical and a strategic streak. Passionate about people and entrepreneurship, integration and automation. Through technical/business roles at Dagger, GitHub, Twistlock, and Puppet, Jeremy has both zoomed in and zoomed out a lot, acquiring an appreciation for the details and an ever-broader sense of the big architectural picture.
TUE 1:20 PM - 2:00 PM
Intermediate
What if your CI/CD pipelines could fix themselves? What if they understood why a deployment failed, rolled back safely, and then proposed the correct fix? Join us for a hands-on technical session showcasing how JFrog Artifactory, Dagger’s portable pipelines, and an LLM-powered AI agent combine to create an intelligent, adaptive platform for shipping software fast, safely, and globally.
We’ll walk through a live scenario such as:
- An app build fails in CI.
- An AI agent (backed by a local LLM) inspects the failure, correlates logs, build metadata, and deployment artifacts.
- It proposes a fix in code (using Dagger Functions), regenerates the pipeline on the fly, and pushes the corrected artifact to JFrog.
You’ll leave with a blueprint for building your own self-healing pipeline systems using the best of artifact management, containerized pipeline portability, and developer-first AI.
23
Session
Securing AI Models and ML Pipelines: Best Practices and Pitfalls to Avoid
Mohammad Saheer Padinharayil
|
Manager | AI & Cloud Security Enthusiast
https://sessionize.com/image/b3f2-400o400o1-hmuUXp5dScDStvPCFEd3KJ.jpg
AI security and cloud-native pipeline expert with about a decade of experience in building scalable, secure ML platforms. Currently leading Payment Integrity and Automation efforts at CVS Health with a focus on ML governance and infrastructure. Frequent speaker on GCP, AI/ML and enterprise-scale MLOps.
TUE 1:20 PM - 2:00 PM
Novice
As machine learning becomes integral to modern applications, the attack surface for AI systems is rapidly expanding. From data poisoning and model inversion to supply chain vulnerabilities in ML pipelines, the risks are real—and often overlooked.
In this session, we'll explore key challenges in securing the AI lifecycle. You’ll learn how adversaries exploit weaknesses in model training, deployment, and inference stages—and how to counter them with practical strategies.
We’ll walk through:
-Threat modeling for ML pipelines
-Secure model training and deployment using ML tools
-Proven strategies for securing data inputs, model artifacts, and dependencies
-CI/CD best practices for AI/ML, including policy enforcement and SBOMs
-Real-world case studies of AI system compromises—and what we can learn from them
This talk will give you the actionable insight to evaluate and secure your own AI initiatives, ensuring trust and compliance in an era where AI is not just an asset, but a potential liability.
24
2:00 PM
Break
TUE 2:00 PM - 2:20 PM
25
2:20 PM
Session
Compliance: The Holy Grail
Shimi Bandiel
|
Senior Solution Architect
https://sessionize.com/image/94cd-400o400o1-naJNEi4CJ8KWF9uHP32PiE.jpg
Shimi is an experienced consultant and developer who specializes in building performant DevOps CI/CD pipelines.
Before his current role as a Strategic DevOps Acceleration Solution Architect @ JFrog, Shimi was the CTO of Trainologic responsible for high profile consulting and training about DevOps, architecture and performance tuning.
TUE 2:20 PM - 2:55 PM
Intermediate
In this session, we’ll explore why compliance remains one of the most elusive challenges in modern software supply chains and what’s finally evolving.
You’ll learn the most common compliance requirements, why tracking them across fast-moving DevSecOps environments is so complex, and why legacy approaches often fall short.
We’ll share practical strategies from SBOM generation to automated evidence collection that help meet compliance goals without slowing down innovation.
We’ll also look ahead to what's next: continuous compliance posture monitoring, integrated trust signals, and how embedding security into the SDLC can eliminate the need for reactive patching to help you build secure, compliant software from the start.
26
Session
Handling Hyper-Scale Growth and AI Workloads with Artifactory
Krishna Nadiminti US
|
Developer Experience Leader
https://sessionize.com/image/c791-400o400o1-4WdTcUipfc7U9JzvodMYzn.jpg
Krishna Nadiminti leads Developer Experience at NVIDIA, focusing on improving developer productivity and application lifecycle efficiency. She is an award-winning leader recognized across the tech industry for her contributions to engineering excellence and innovation.
TUE 2:20 PM - 2:55 PM
All Levels
How do you scale artifact management for an era of AI-driven engineering? In this session, learn how a lean DevOps team inherited a legacy Artifactory instance and transformed it into a hyper-scale, cloud-native artifact platform capable of handling modern AI/ML workloads. The speakers will walk through the transformation journey—from aging infrastructure and operational bottlenecks to a scalable, automated, and performance-optimized Artifactory cluster.
Discover how NVIDIA scaled to support 10x artifact growth, massive binaries, and unpredictable CI/CD bursts, all driven by cutting-edge GPU development and AI test pipelines. You’ll gain insights into architectural evolution, observability patterns, and DevOps practices that enabled the team to tame explosive scale while improving reliability and efficiency.
27
Session
Mastering Vulnerability Management and Secure SDLC: A Deep Dive into Enterprise Application Security
Krishna Chaganti
|
Associate Director
https://sessionize.com/image/09d5-400o400o1-hn1PFgDFXktMaha7ccKLJ4.jpg
Hi, I’m Krishna an application security expert with 13+ years of experience in penetration testing, vulnerability management, and DevSecOps. I specialize in SAST, DAST, threat modeling, and CI/CD security automation, using tools like Burp Suite, OWASP ZAP, and Metasploit. Passionate about integrating security into development, I mentor, speak at conferences, and conduct hands-on workshops. My mission is to help teams bridge the gap between speed and security, ensuring innovation without compromise. Let’s build secure applications togethe
TUE 2:20 PM - 2:55 PM
Advanced
In this session, participants will explore advanced techniques in vulnerability management, application penetration testing, and secure software development life cycles (SDLC). Drawing from over 13 years of hands-on experience, Krishna, Associate Director at S&P Global, will share insights into building and managing comprehensive application security programs across diverse environments.
The session covers real-world practices in integrating SAST/DAST tools into CI/CD pipelines, performing dynamic and static vulnerability assessments, and effectively collaborating with development teams for secure coding. Learn about OWASP Top 10 vulnerabilities, mobile app testing, API security, and managing enterprise risk through threat modeling, patch management, and compliance alignment (PCI DSS, ISO 27001).
28
Session
From Pipelines to Production: Cloud Native AI Gets Real
Ricardo Aravena
|
Cloud Infrastructure Lead
https://sessionize.com/image/6d6d-400o400o1-nCHvnWjFoHqqqLvAvW6a6k.jpg
Ricardo is making daily impactful contributions as an AI Infrastructure Lead at Snowflake. He's passionate about open source in various roles, such as co-chairing the CNCF TAG-Runtime and leading the Cloud Native AI Working Group. With over 25 years of experience in the tech industry and a diverse professional background, he has held various roles at major companies such as Rakuten, Cisco, and VMware, as well as startups like Branch Metrics, Coupa, HyTrust, Exablox, and SnapLogic. His most recent role at Truera involved automating cloud infrastructure for a large-scale AI/ML Observability solution.
TUE 2:20 PM - 2:55 PM
Novice
Since last year's swampUP, the Cloud Native AI ecosystem has evolved significantly. With ongoing innovation in open source models, orchestration, model registries, and observability tools, DevOps teams are now better equipped to reliably and quickly move AI applications from experiment to production.
This talk will dive into the latest work from the CNCF Cloud Native AI Working Group, which has been mapping out the reference architectures, challenges, and opportunities at the intersection of MLOps, DevOps, Security and cloud native tooling. We'll showcase the most recent advancements across the model lifecycle—covering artifact management, inference serving, workload orchestration, and lineage tracking—through a lens of practical, real-world implementation.
Attendees will leave with a blueprint for building scalable, reproducible, secure AI platforms using cloud-native practices, including open-source components. We'll also explore where the ecosystem is heading next, from AI gateway patterns to cluster-level scheduling for GPUs.
29
3:00 PM
Break
TUE 3:00 PM - 3:15 PM
30
3:20 PM
Session
Building Scalable Machine Learning Platforms: A Practical Guide for Engineers
Yasodhara Varma
|
VP and Lead Software Engineer
https://sessionize.com/image/7ac9-400o400o1-DNKeBdT8tsd9v6enPCRCzG.jpg
I am a seasoned Lead Software Engineer with 25 years of experience in machine learning, big data, and cloud infrastructure. As a Vice President at JPMorgan Chase, I have led the design and migration of large-scale ML platforms from on-premise Hadoop to AWS, optimizing model training and governance. I specialize in Python, TensorFlow, Spark, and AWS services, driving innovation in fraud detection and credit risk assessment. With expertise in DevOps, distributed computing, and AI-driven solutions, I am passionate about building scalable, efficient platforms that empower businesses to harness the full potential of cloud and AI technologies.
TUE 3:20 PM - 3:55 PM
Advanced
Join me, Yash, as I take you through the key strategies and technologies behind designing and managing large-scale machine learning platforms. Drawing from my 25+ years of experience, including my role as a Lead Software Engineer at JPMorgan Chase, this session will cover how to build robust ML infrastructure, optimize distributed model training, and transition on-premise workloads to cloud-based solutions like AWS SageMaker and EMR.
You'll learn about:
1 Best practices for scaling ML models across petabyte-scale data
2 Leveraging cloud services (AWS, EMR, EC2, SageMaker) for efficient ML workflows
3 Implementing governance, compliance, and cost-optimization strategies
4 Case studies on fraud detection and risk assessment using ML
31
Session
Conan 2: security features for enterprise-grade C++ projects
Luis Caro Campos
|
Conan| R&D Team Lead
https://sessionize.com/image/39cf-400o400o1-hgxvcYJUqvfhih6XAt21te.jpg
Luis is an Electronics and Computer Engineer, currently working a R&D Team Lead in the Conan Team at JFrog. He started his journey with C++ in university doing research in the field of Computer Vision. Since 2015 he has been based in the UK and has worked in the field of 3D Scanning, and more recently in the field of Robotics (Autonomous Driving) at Oxbotica, before joining the Conan team at JFrog in 2022.
Over the years, Luis has become concerned with the problem of enabling C++ Software Development at scale, working on the tooling and processes that enable large teams of C++ developers to focus on writing code.
TUE 3:20 PM - 3:55 PM
Intermediate
Memory safety issues have long been a common cause of security vulnerabilities, to the point where government agencies are recommending moving away from languages like C and C++ for new product development. However, while “memory safe” languages exist - the same agencies acknowledge that software will have to interface with components written in C and C++ for a long time, and recommend that software vendors have a memory safety roadmap.
Key items of a memory safety roadmap include keeping proper track of external dependencies, a transparency plan (vendors and customers should know which dependencies are included in each product), and a plan to react to disclosed CVEs (Common Vulnerabilities and Exposures).
The recent ISO C++ developer survey highlights how dependencies are still integrated as part of projects and not properly traced. This talk will cover how C++ developers can leverage Conan to properly track dependencies, and how it integrates with JFrog’s Security offerings to help developers in fulfilling their contractual and regulatory obligations.
Features covered: Software Bill of Materials, Audit dependencies (report CVE vulnerabilities, powered by JFrog Advanced Security), package signing and JFrog Xray integration via Artifactory.
32
Session
Unified DevSecOps Pipelines: Accelerating Secure Deployments with NLP & JFrog Xray
Hariharan Ragothaman
|
Software Engineer
https://sessionize.com/image/7480-400o400o1-Q1NYhqLveCCzibsc7QfroY.jpg
Hariharan Ragothaman is a Software Engineer at AMD, leading server validation for AI and GPU platforms. Prior to this, he served as a Lead Software Engineer - System Design and Architecture (Manager) at athenahealth where he designed and developed 'Unified Deployment Pipeline' to integrate multiple tech stacks, enhancing service visibility and improving release and product quality. His work in commercializing the macro-service hybrid cloud (Amazon EKS, AWS Local Zones, and AWS Outposts) was a major step towards modernizing the athenaOne platform. At Bose, he developed scalable firmware for wireless audio products and led AVS/GVA integrations. He received his Masters degree at Northeastern University, Boston.
TUE 3:20 PM - 3:55 PM
All Levels
In today’s application security landscape, navigating complex deployment environments often feels like facing an onslaught of cyber adversaries. Much like Batman’s trusty utility belt— equipping the perfect gadget for every challenge— integrating robust security into your SDLC transforms your pipeline into a resilient defense against vulnerabilities and breaches.
This talk deep dives into a comprehensive case study where we revolutionized our security posture. On one hand, we applied an innovative strategy to unify all our deployments to a 'Unified Deployment Model' based on Elastic Kubernetes Service (EKS), while on the other by integrating JFrog Xray into each stage of our Software Development Lifecycle (SDLC). Through this integration, our team uncovered about 100K previously undetected security violations that our traditional fragmented approach had overlooked.
In large codebases with services across mobile and front-end, lack of standardization and common tooling causes operational burdens. Teams often build custom deployment flows, leading to two major issues: no consistent “shift-left” feedback loop, and no unified security posture or compliance. This fragmentation hampers visibility into DORA metrics due to divergent pipelines and tech stacks.
Here, we'll explore approaches for architecting a 'Unified Deployment Pipeline' that accelerates developer velocity and productivity while enforcing robust security governance across the SDLC with integrated logging, tracing, and metrics. Additionally, by automating SBOM generation, our strategy delivers an organization-wide impact—enhancing transparency, compliance, and overall risk mitigation. This architecture also provides central observability of progress and aggregates metrics to monitor the health and maturity of deployments. Additionally, we will also investigate how the “build once, deploy many times” paradigm aligns with the proposed architecture.
33
Session
Efficient DevOps with Agentic GraphRAG
Stephen Chin
|
VP of Developer Relations
https://sessionize.com/image/67c7-400o400o1-94UgqvdxnaQUpj38o9TkBX.jpg
Stephen Chin is VP of Developer Relations at Neo4j, member of the Open AI Alliance, and author of several titles with O'Reilly, Apress, and McGraw Hill. He has keynoted numerous conferences around the world including AI DevSummit, Devoxx, DevNexus, JNation, Shift, JavaOne, Joker, swampUP, and Open Source India. Stephen is an avid motorcyclist who has done evangelism tours in Europe, Japan, and Brazil, interviewing developers in their natural habitat. When he is not traveling, he enjoys teaching kids how to do AI, embedded, and robot programming together with his daughters.
TUE 3:20 PM - 3:55 PM
All Levels
AI models are getting tasked to do increasingly complex and industry specific tasks, where different retrieval approaches provide distinct advantages in accuracy, explainability, and cost to execute. GraphRAG retrieval models have become a powerful tool to solve domain-specific problems where answers require logical reasoning and correlation that can be aided by graph relationships and proximity algorithms. I will demonstrate how the agentic combination of RAG and GraphRAG retrieval patterns can improve analysis of dependency and security information to optimize a DevOps pipeline.
34
3:55 PM
Break
TUE 3:55 PM - 4:10 PM
35
4:20 PM
Session
From Vinyard to Version Control: The DevSecOps of Winemaking
Richard Clark
|
Senior Solutions Architect
https://sessionize.com/image/1af3-400o400o1-PJgNWnTahoUEYc9zwfc5oQ.jpg
Richard is a Senior Solutions Architect with JFrog. He is also an entrepreneur/inventor, having previously run a startup in the Internet of Things space, where he holds technology patents and has been a key member of several M&A startups. In his spare time, he enjoys cooking and traveling with his wife and two girls, working on projects with them in his garage-turned makerspace and is also an experienced winemaker.
TUE 4:20 PM - 5:00 PM
All Levels
This talk will discuss the entire process of producing and delivering great wine from the ground up by selecting grapes to bottling, with close similarities to developing and deploying safe, secure & trusted releases in a Software Supply Chain. We will touch upon how to choose a reliable source for safe OSS libraries, CI, CD, SBOM recipes, evidence tracking, quality control, common pitfalls to avoid, packaging/distribution, and ultimately consumption of wine/software by the end user! If you love wine and DevSecOps don't miss this exciting session to learn more about the best practices for both!
36
Session
Disaster- Proof Development: Embedding Resilience in Every Release
Aman Sardana
|
Senior Principal Application Architect
https://sessionize.com/image/a18e-400o400o1-UrMs5K58g32RKriDatgtFV.jpg
Aman Sardana is a technology professional in the financial services and payments domain. He is a hands-on technology leader, enabling business capabilities by implementing cutting-edge, modernized technology solutions. He is skilled in designing, developing, and implementing innovative financial technology solutions that drive business results and establish best-in-class operations.
Aman did his Masters in Information Technology from Northwestern University. This unique program straddles between the business and technical side of information technology, focusing on data mining, information security, enterprise architecture, statistics, innovation, marketing and finance.
Vijay Kumar Soni
|
Expert Application Engineer
https://sessionize.com/image/0bcd-400o400o1-SFyLK6X8znEGZko4n2BsUL.jpg
Vijay Soni is the Expert Architect & Engineer at Discover's business technology department. He architected and designed Discover's Open banking and Click to Pay ecommerce Digital Wallet Payments platforms. He is seasoned software engineer and passionate about solving complex emerging finance, digital payment, identity and payment product problems using secure, futureproof and innovative approach.
Vijay also led multiple EMVCo, eCommerce, Mobile SE/HCE Payments technology initiatives as lead architect and engineer.
Vijay has worked on large financial services & payments technology integration projects including Apple Pay, Google Pay, Samsung Pay, Click to Pay and FDX Open Banking integrations, Pay with Rewards, Contactless Mass Transit acceptance etc..
TUE 4:20 PM - 5:00 PM
Intermediate
Core platform systems support business-critical applications, and are expected to be available and highly responsive 24/7/365. As an example, financial institutions with legacy infrastructure are increasingly adopting hybrid cloud solutions to stay competitive, balance scalability, drive cost-efficiency, and achieve regulatory compliance. However, this shift introduces significant challenges related to system performance, security, and compliance. These challenges must be addressed with strategic mitigation measures.
In this talk, we’ll share insights, experiences, and innovative solutions to successfully navigate hybrid cloud challenges in the Financial Technology domain for core, backend processing systems, Open Banking, payment processing, etc. Attendees will gain practical strategies for securing hybrid environments, ensuring compliance with financial regulations, and optimizing performance across distributed cloud ecosystems. These strategies can be applied to any industry vertical that operates critical infrastructure with hybrid cloud deployments.
Key Takeaways:
- The importance of hybrid cloud in modern FinTech operations
- Hybrid cloud architecture and infrastructure best practices
- Data Management and Governance
- Security considerations and risk management in hybrid cloud environments
- Compliance and regulatory challenges (PCI-DSS, GDPR etc.)
- Performance optimization strategies for financial workloads in hybrid cloud deployments
- Business Continuity, Disaster Recovery and resiliency of critical infrastructure
- Cost Management and FinOps
- Vendor Lock-In and Dependency
37
Session
Platform Engineering: Herding the Electric Sheep & Some Frogs
Brett Smith
|
Software Architect
https://sessionize.com/image/5c6d-400o400o1-EzZn52iH1eHmCQ6Eh3x4zi.jpg
Software Architect/Engineer/Developer with 25+ years of experience.
Specialties: Event Driven Automation, Continuous Integration/Delivery/Testing/Deployment, Supply Chain Security
Expertise: Linux, packaging, and tool design.
Currently Engineering and Securing the Supply Chain with Event Driven CI/CD gitOps Pipeline Architectures that leverage Kafka, Go,
and Python running in Containers on Kubernetes and SBOMs.
TUE 4:20 PM - 5:00 PM
All Levels
A talk about platform engineering, DevOps, DevSecOps, sprawl, chaos, bad decisions, compliance, and security. Why engineer an Internal Developer Platform when I have DevOps? DevOps works fine when you are a 20 person start-up, but it often doesn't scale to enterprise-level development efforts. When you have 3,000 developers with different needs and you are responsible for EO compliance and security, a modular self-service platform is a good choice to build. In this talk, I cover the challenges we have faced in a 3,000-developer enterprise, and how we are working to address them. I also cover how we are working on automating, integration, and scaling the creation of our internal developer platform. We talk about the tools we are using including JFrog products like Artifactory, Curation, Xray, and Advanced Security. I also talk about how we are leveraging SBOMs, SLSA, and other tools to help build out a secure and compliant platform.
38
Session
The End of Manual DataOps: Git for Data and the Automation of AI Infrastructure
Ciro Greco
|
Founder and CEO
https://sessionize.com/image/1911-400o400o1-MvHApvyht4FXbwBsyF1yER.jpg
Ciro Greco - founder and CEO at Bauplan, a serverless computing platform for complex data workloads. Developers can write complex, multi-language data pipelines with zero environment management and infrastructure configuration and the same instantaneous feedback loop as running code locally.
Formerly, he was the founder of Tooso, an NLP startup based in San Francisco. Tooso was acquired by Coveo in 2019 and Ciro was in the management team that brought Coveo to IPO in 2021.
In a previous life he got a PhD in Neuroscience at Milan-Bicocca, a postdoctoral fellowship at Ghent University and he was visiting scientist at MIT.
TUE 4:20 PM - 5:00 PM
All Levels
One area where we believe AI agents will be crucial is DevOps automation.
Data and ML workloads have been historically very hard to automate reliably because of their inherent complexity, and because traditional data platforms require specialized expertise and manual oversight.
This talk argues that the future of DataOps is built around code-first abstractions and fully-programmable data platforms that meet the needs of DevOps teams: full replicability, easy automation and transparent security.
We will present very specific real-world examples on how Recommender and RAG systems running in production can become more reliable by abstracting infrastructure complexities behind familiar Python concepts like functions, packages, tables, and version control.
39
5:00 PM
Booth Crawl | Happy Hour
TUE 5:00 PM - 6:30 PM
40
6:30 PM
Gala Dinner: Featuring Celebrity Cellist Tina Guo
TUE 6:30 PM - 10:00 PM
41
10:00 PM
Post Gala Open Bar
TUE 10:00 PM - 11:55 PM
42
7:30 AM
Registration
WED 7:30 AM - 8:45 AM
43
7:45 AM
Breakfast
WED 7:45 AM - 9:00 AM
44
9:00 AM
Keynote
Keynote Kickoff
Jens Eckels
|
VP of Product Marketing
WED 9:00 AM - 9:20 AM
Day 2 of swampUP drives practical application of EveryOps’ quantum shift across our industry.
Join us, as we sharpen our minds for a day of learning and collaboration.
45
9:20 AM
Keynote
Large scale inference for the enterprise – architecture, security, and best practices
Maciej Mazur
|
AI CTO
https://sessionize.com/image/f711-400o400o1-poSUEMU6ZtfdSXBcwpoENw.jpg
Maciej Mazur is a CTO of Artificial Intelligence in EMEA at Dell Technologies. Based in
Wrocław, Poland, Maciej works with enterprise and public sector customers to help them
successfully integrate and leverage AI solutions for strategic growth as part of their digital
transformation.
As a lead architect on more than one hundred AI projects, Maciej is a recognized AI expert
and industry blogger/podcaster. With his security clearance, Maciej is also able to discuss
strategic projects with customers in governmental space.
With cross sector experience, and deep telco and defense knowledge, Maciej works with
the C-Suite and IT leaders to leverage AI across their organizations, breaking down silos
and optimizing data investments.
Customer inquiries often center on sovereign AI cloud strategies and hybrid cloud
optimization, and Maciej works with them to provide expert guidance on architecture,
implementation, and maximizing GPU utilization in these environments.
He also works on the Dell AI Factory program that provides organizations with the building
blocks for seamless integration of AI models and frameworks into their operations,
enabling them to turn their ideas into practical applications.
Maciej joined Dell Technologies in 2024 from Ubuntu, where he was a Principal Machine
Learning Engineer, and has experience as Chief Data Scientist and lead solution architect
with top IT companies.
WED 9:20 AM - 10:00 AM
This keynote presentation will explore large-scale inference infrastructure for enterprises, focusing on architecture, security, and best practices. As an AI CTO at Dell, I had a privilege to be involved in our largest projects and I will share insights into both hardware and software solutions, highlighting deployed architectures and key learnings from customer implementations.
I will show you how to build a SW stack that is able to deliver 30 billion recommendations daily across 4 billion web pages (which is live with one of our customers). Learnings will cover GPU utilization optimization, K8s scheduling mechanisms, monitoring distributed systems using open telemetry approaches balancing security best practices with innovation coming from open source world.
46
10:00 AM
Coffee Break
WED 10:00 AM - 10:15 AM
47
10:20 AM
Keynote
Ensuring Reliable Evaluation Systems for Your ML
Demetrios Brinkmann
|
Founder of MLOps Community
https://sessionize.com/image/857d-400o400o1-3TRhsaR17iDdGD8VEZQ6u.jpg
Demetrios founded the largest community dealing with productionizing AI and ML models. In April 2020 he fell into leading the MLOps community (more than 75k
ML practitioners come together to learn and share experiences) which aims to bring clarity around the operational side of Machine Learning.
Since diving into the nitty gritty of Machine Learning he has felt a strong calling to explore the ethical issues surrounding the new tech he covers. In his free time he can be found building stone stackings in the woods
with his daughters
WED 10:20 AM - 11:00 AM
Standard benchmarks often fall short and can be misleading. Leaderboards can erode trust in model claims, as they rarely address specific, real-world needs. In this talk, Demetrios Brinkmann will detail how MLOps engineers and developers can build and continuously update their own evaluation systems to create a strong competitive advantage. He’ll cover how to build a reliable “golden dataset,” optimize data collection, labeling, and utilize the right tools to ensure evaluations truly reflect their intended use case.
48
11:00 AM
Coffee Break
WED 11:00 AM - 11:10 AM
49
11:15 AM
Stealth Mode Session
WED 11:15 AM - 12:00 PM
Some conference talks are simply too impactful, too important, too forward-looking to expose all the details far in advance. Stay tuned for more info on this exciting session that everyone will be buzzing about - just not yet!
50
12:00 PM
Lunch
WED 12:00 PM - 1:00 PM
51
1:20 PM
Session
Empower Your Organization with Smarter Retention Policies
Gal Zilberman
|
Senior Product Manager
https://sessionize.com/image/2cfe-400o400o1-D2gxD2yWDNZqV4XkcHgSSL.png
2022 - now: Senior Product Manager, JFrog
2021-2022: R&D team leader, Orbit Communication Systems
2018-2021: System engineer, Orbit Communication Systems
2014-2018: Student position, Intel
2005-2014: Naval combat officer, IDF
Kunal Mazumdar
|
Tech Lead
https://sessionize.com/image/f503-400o400o1-7bdeaed8-8a83-4df8-af40-821775dec46f.jpg
Kunal Mazumdar is a seasoned software professional specializing in full-stack web solutions and scaling web applications. With expertise across DevOps, Aviation, and Developer Experience, he brings a unique blend of technical depth and industry insights.
He has contributed to enterprise and commercial SaaS applications, leveraging Java, JavaScript, Go, and Python. His DevOps expertise helps streamline workflows, automate deployments, and enhance software reliability.
Beyond tech, Kunal is a passionate singer who finds harmony in both music and software architecture. His talks are engaging, practical, and packed with real-world insights, making complex topics accessible to developers and architects.
WED 1:20 PM - 2:00 PM
All Levels
Learn how JFrog’s Retention Policies — Cleanup and Archival — help optimize storage, reduce costs, and ensure compliance without compromising developer productivity. This session will cover best practices for managing dev and production artifacts, automating cleanup and archival, and aligning storage strategies with business goals. Walk away with actionable insights to implement smarter, more efficient retention policies.
52
Session
The Artifact Avengers: Governance to the Rescue
Nireesh Thiruveedula
|
Lead Software Engineer
https://sessionize.com/image/67b8-400o400o1-GFtHoo2t8Q6SbSYmNUn6F.jpg
I am a Lead Software Engineer and Artifactory administrator at CapitalOne with 18 years of experience in developing enterprise solutions in the Financial Tech and Insurance domains. I hold a patent for a Business-to-Enterprise application developed for StateFarm Insurance, showcasing my innovative approach and technical expertise. My role involves designing and managing scalable solutions, ensuring robust artifact governance.
Outside of work, I enjoy cycling, which keeps me energized and focused. Originally from the southern part of India, I bring a diverse perspective to problem-solving and team collaboration.
WED 1:20 PM - 2:00 PM
All Levels
Enterprise-level, well-structured and efficient artifact governance frameworks can ensure seamless onboarding, security, compliance and lifecycle management - all via Artifactory. This architecture enables application teams to interact with artifacts while reinforcing security and ease of operations.
Key aspects of governance:
Effective team onboarding: this workflow simplifies the process by creating dedicated repositories for each application, ensuring the teams have well-defined space to store and manage their artifacts.
Tailor-made access controls: implemented effectively, allows teams to securely manage their artifacts and maintain role based access.
Security: remains top priority, with authentication enforced for all uploads/downloads and eliminating anonymous access and ensuring that only authorized users and services interact with Artifactory.
Auditing artifacts: tracking the movement of artifacts across all stages of deployment through a structured promotion process with vulnerability detection from test environments through production with traceability and compliance.
Maintain optimized repository structures: by archiving stale artifacts through automated batch process, prevent repository bloat and improve storage efficiency.
This end-to-end artifact governance structure is made possible by harnessing the power of JFrog APIs, enabling automation and operational efficiency at scale.
53
Session
Zero Downtime, Maximum Impact: Migrating Artifactory Database at Scale
Vishal Raina
|
Engineering Manager, Developer Velocity & Tooling
https://sessionize.com/image/e0c0-400o400o1-XttzTM2UdvAA8mLpKctA9B.jpg
Vishal Raina is an engineering manager at Adobe, leading the Developer Velocity & Tooling team. With over 20 years of experience in platform engineering and developer productivity, he has led large-scale initiatives across GitHub, Jenkins, Artifactory, and CircleCI. Vishal specializes in scaling DevOps platforms and delivering impactful migrations that boost performance and reliability.
Kevin Patterson
|
Senior SCM Engineer, Engineering Productivity Tools and Applications
https://sessionize.com/image/7814-400o400o1-f6-1011-41d8-9011-b7424070e4e7.07582064-1606-4c07-88e1-823331458f75.JPG
Once heavily focused on infrastructure, his current interests are now in Software Configuration Management (SCM) and DevOps.
Rahul Srivastava
|
Lead SRE
https://sessionize.com/image/b3b7-400o400o1-TJ7JrsR8nWCMJkiZyyCFN.jpg
Rahul Srivastava is a Lead Senior Site Reliability Engineer at Adobe, where he has been driving critical initiatives to enhance the end-to-end resiliency of large-scale, distributed systems deployed across multiple regions and cloud environments since 2019. A core part of his work includes operating and scaling JFrog Artifactory services in a multi-cloud, multi-region infrastructure.
With over two decades of experience in software engineering and infrastructure reliability, Rahul Srivastav holds an M.S. in Software Management from Carnegie Mellon University and a B.Tech in Computer Science from the Institute of Engineering & Technology, India. He is also a certified Project Management Professional (PMP) recognized by the Project Management Institute.
WED 1:20 PM - 2:00 PM
Intermediate
How do you migrate a mission-critical Artifactory database with zero downtime—while supporting thousands of developers? Join adobe's Vishal Raina, Kevin Patterson and Rahul Srivastava as they share their real-world experience executing a seamless migration from MySQL to PostgreSQL in a high-scale, multi-geo enterprise environment.
You'll get a behind-the-scenes view into the planning, tooling, and validation strategy that enabled a risk-free migration. We’ll cover how the team identified legacy system limitations, aligned cross-functional stakeholders, and executed the cutover with precision—all without impacting developer velocity. You'll also hear practical lessons learned on operational resilience, automation, observability, and post-migration optimization.
Whether you're preparing for your own DB migration or modernizing your artifact infrastructure, this session will equip you with actionable insights to reduce risk, improve reliability, and elevate the developer experience.
54
Session
Mastering Modern Tech Stacks: Optimizing Performance at Scale
Sai prasad Veluru
|
Software Development Engineer
https://sessionize.com/image/0ea8-400o400o1-KLsLEcYfTLWei66P3UasBK.jpg
A software engineer specializing in large-scale data processing, AI-driven automation, and real-time infrastructure. Currently working at Apple, leading projects that optimize data pipelines, enhance system performance, and integrate AI to streamline operations. Passionate about distributed systems, Kafka, and cloud-native architectures, with a track record of solving complex engineering challenges at scale.
WED 1:20 PM - 2:00 PM
Advanced
In this session, we will explore the best practices and technologies that drive high-performance, scalable systems. Drawing from my experience at Apple, Visa, and other companies, I'll cover how to implement Kafka streaming, Kubernetes, AWS, and machine learning to build and optimize large-scale systems. This will include a deep dive into real-world scenarios and how to improve processing times, reduce latency, and manage large datasets efficiently.
55
2:00 PM
Break
WED 2:00 PM - 2:10 PM
56
2:20 PM
Session
Strengthening SDLC Integrity, Step by Step
Ronny Belenitsky
|
Director of Product
https://sessionize.com/image/6962-400o400o1-UkUiUAN9NWS8QakGbXWXsw.jpg
Ronny is a Product Director at JFrog, where he leads strategic initiatives across DevSecOps and SDLC innovation. With a strong background in cloud-native technologies and application lifecycle management, Ronny plays a key role in shaping products that empower enterprise engineering teams to build and release software more quickly and securely.
Prior to JFrog, Ronny was the VP of Product at Titan, where he scaled product organizations, launched market-leading solutions, and drove enterprise adoption globally. He brings over 15 years of experience in building impactful software products, combining technical depth with strategic vision.
WED 2:20 PM - 2:55 PM
All Levels
In our discussions with customers, we identified a critical challenge in the Software Development Lifecycle (SDLC): package signing often occurs after the package build, altering the package’s SHA in the middle of the process.
While organizations aim to ensure that artifacts pushed to production have a fully signed and verifiable provenance from development to deployment, this intermediate modification disrupts the integrity of the build step and beyond.
Customers recognize the value of immutable release bundles and a robust provenance posture. However, transitioning away from a process that modifies artifacts mid-SDLC for signing to an immutable workflow remains challenging.
This talk will explore how organizations can adopt a step-by-step approach to ensure consistency and predictability across SDLC maturity stages, while enabling the addition of trusted and signed evidence at every stage; a way to enable security, traceability, and compliance without compromising integrity.
57
Stealth Mode Session
WED 2:20 PM - 2:55 PM
Some conference talks are simply too impactful, too important, too forward-looking to expose all the details far in advance. Stay tuned for more info on this exciting session that everyone will be buzzing about - just not yet!
58
Keynote
Farm to Table Software Delivery: DevOps to Platform Engineering
Haggai Philip Zagury
|
DevOps Group & Tech Lead
https://sessionize.com/image/95fc-400o400o1-MuygvjmZtCagbBS7Kd2Zv4.png
25+ years if experience as an IT Systems Engineer.
I lectured in various conferences in Israel and abroad.
Bootstrapped my career as a systems administrator in a small StartUp, and a few years later learned about my passion to learn & teach ;) ,
My Day job was running production for a small ISP running various sub-systems, which quickly grew in demand, my journey continued when I joined Tikal ~16 years ago as a Configuration Manager and grew from there into the DevOps field.
I'm not the traditional geek 😉 I am very passionate about what I do ♾️.
HagZag
WED 2:20 PM - 2:55 PM
Intermediate
The way we build, deliver, and operate software has undergone a massive transformation over the past decade. What started as a DevOps-centric approach—focused on automation, CI/CD, and infrastructure as code—has now evolved into a Platform Engineering paradigm. This shift prioritizes self-service, developer experience, and scalable platform abstractions to enable high-velocity software delivery. In this session, we will explore how organizations are modernizing their software delivery pipelines, infrastructure, and operational models to drive agility, efficiency, and reliability.
Drawing from real-world experience as a DevOps consultant and platform engineer, I will take attendees through the journey of software delivery evolution—from early configuration management days to the current Platform Engineering movement. We will discuss the critical role of self-service platforms in empowering developers while ensuring governance, security, and operational excellence at scale.
59
Session
Resiliency by Design: Internal Platforms' Contributions to Cloud Stability
Gaurav Saxena
|
Director of Engineering
https://sessionize.com/image/6dac-400o400o1-Ex75fTAWdKuGV3XCzyaLAC.jpg
Gaurav Saxena is an engineering leader in the field of platform and cloud engineering with over 20 years of experience in the software industry. His technical expertise includes Stream-based architectures, Kubernetes, Service Mesh, and Observability.
WED 2:20 PM - 2:55 PM
Advanced
In today's complex enterprise environments, building and maintaining resilient data streaming platforms requires a strategic approach that empowers developers while ensuring security and operational efficiency. This presentation explores how Internal Developer Platforms (IDPs) can streamline development workflows, enhance application portability, and fortify your software supply chain, including the use of CNCF projects.
We'll delve into:
Internal Developer Platforms (IDPs): Understanding the core principles of IDPs and how they enable self-service infrastructure, reduce cognitive load for developers, and promote consistent development practices.
Open Application Model (OAM): Leveraging OAM to define applications in a platform-agnostic way, separating application logic from infrastructure concerns. This promotes portability and simplifies management across diverse environments.
Crossplane: Using Crossplane to extend your Kubernetes cluster and manage infrastructure resources (databases, message queues, etc.) directly from within your IDP, enabling a unified control plane for both applications and infrastructure.
A key focus will be on building a hardened software supply chain:
Melange, Apko, and Wolfi: Building minimal, secure container images using these next-generation tools. We'll discuss the benefits of reduced attack surface and improved image scanning results.
Sigstore Project (Cosign, Fulcio, Rekor): Ensuring the integrity and authenticity of container images through signing and attestation. We'll demonstrate how to use Sigstore to sign images built from managed CI pipelines and push to jFrog Artifactory securely.
Kubernetes Admission Control: Implementing KubeWarden, a Kubernetes admission controller, to enforce policies and verify image signatures before deployment, preventing the execution of untrusted code.
Workload Attestation using SPIFFE: Using SPIFFE for workload attestations.
60
3:00 PM
Break
WED 3:00 PM - 3:15 PM
61
3:20 PM
Session
Delivering AI You Can Trust
Pavel Klushin
|
Senior Manager, Solution Engineering
https://sessionize.com/image/d89a-400o400o1-7cCD9rHx52pNASrhm67LW8.jpg
Pavel Klushin is an ML expert with over ten years of expertise in cloud engineering. His work focuses on integrating AI with cloud infrastructures, enhancing performance and driving innovation across various industries.
WED 3:20 PM - 3:55 PM
Intermediate
Discover how JFrog enables seamless and secure adoption of both open-source and commercial AI models within the enterprise, enforcing organizational policies without slowing down your AI development velocity.
62
Stealth Mode Session
WED 3:20 PM - 3:55 PM
Some conference talks are simply too impactful, too important, too forward-looking to expose all the details far in advance. Stay tuned for more info on this exciting session that everyone will be buzzing about - just not yet!
63
Stealth Mode Session
WED 3:20 PM - 3:55 PM
Some conference talks are simply too impactful, too important, too forward-looking to expose all the details far in advance. Stay tuned for more info on this exciting session that everyone will be buzzing about - just not yet!
64
Session
JFrog Artifactory Active/Active HA DR infrastructure Split-Horizon DNS for Public/Private Access
Nicholas Shine
|
Principal Software Engineer
https://sessionize.com/image/303a-400o400o1-3MUwHekCNrPa6UEfst6Z8k.png
Nicholas Shine is a Principal Software Development Engineer at Cisco on Splunk's SDLC Infrastructure team, and has been with the team for 4 years innovating several critical components within our SDLC systems supporting engineering as a whole.
When not at work, he enjoys family time with his wife and two daughters and hobbies like homelab / automation, woodworking, and drone photography.
WED 3:20 PM - 3:55 PM
Advanced
Learn how to implement JFrog Artifactory & JFrog Xray as an active/active HA DR implementation (self-hosted in AWS) with a hybrid private/public access model via Split-Horizon DNS resolution.
- Split-Horizon DNS for public/private access
- DNS routing & resolution options
- IAC via Terraform & CI/CD
- Failover operations / upgrade strategy
- Access Federation / Mission Control
65
4:00 PM
Show Closing at Expo
WED 4:00 PM - 4:20 PM
Best Speaker Award & Raffle Winner Announcements
