DevOps journeys, failures, successes… get inspired!

March 22-23, 2023 - Online


Emily Freeman

Technologist and Author

Keynote and fireside chat: What’s DX Anyway?

Developer Experience, shortened to DevEx or DX, has risen as one of the primary concerns for product teams catering to developer audiences. Simply put, DX encompasses all the perceptions and feelings a developer experiences when engaging with a product or tool. But what makes great DX? And is it really that important? (Yes!)

This talk focuses on how to inject great developer experience into your design and strategy, ensuring developers love your products for years to come.

Get ready. After her keynote on DX, Emily will engage in a fireside chat with Marc Dillon. Prepare your questions.

Emily Freeman is a technologist and a storyteller who helps engineering teams improve their velocity. She believes the biggest challenges facing developers aren’t technical, but human. Her mission in life is to transform technology organizations by creating company cultures in which diverse, collaborative teams
can thrive.

Emily is the author of DevOps for Dummies and Head of Community Engagement for AWS. Her experience spans both cutting-edge startups and some of the largest technology providers in the world.
Emily Freeman

Simon Wardley

Senior Researcher at DXC Technology

Situation Normal, Everything Must Change

In this talk, with the aid of Wardley Mapping, we will look at the history of cloud, the rise of serverless and the future of conversational programming.

Simon works as a researcher for DXC, best known for the creation of Wardley Mapping. He is a passionate advocate and researcher in the fields of open source, commoditisation, innovation and cybernetics . He is also fond of ducks. As he says "they're fowl but not through choice".
Simon Wardley

Martin Woodward

VP Developer Relations at GitHub

The Future of Building

In this session, Martin Woodward takes us for a quick look back over the recent history of software development and then looks forward to what the future of delivering software will look like. How will AI change how we build, monitor and deploy? He will show what part the culture of your organization has to play and what are the most important things you can be doing now to prepare your business for the rapid changes we will be seeing in the next 5 years.

Martin is the Vice President of Developer Relations at GitHub where he helps developers and open source communities to create delightful things. Prior to that he was part of the team at Microsoft building the tooling for DevOps teams inside and outside the company where he helped change how the company built software, by helping them change how they work with open source communities and how they talk with developers.
Martin Woodward

Liz Rice

Chief Open Source Officer at Isovalent

Keynote: DevOps Superpowers with eBPF

eBPF is a revolutionary technology in the Linux kernel that provides the platform for a new generation of networking, observability, and security tools. In this talk, you’ll learn why it’s so powerful and why it’s generating so much excitement in the cloud native world.

FIRESIDE CHAT: eBPF for security

Andy Allred, Lead DevOps Consultant at Eficode, will chat with Liz about eBPF for security. Prepare your questions, it's an interactive session!

Liz Rice is Chief Open Source Officer with eBPF specialists Isovalent, creators of the Cilium cloud native networking, security and observability project. She is on the Board of OpenUK, and was Chair of the CNCF's Technical Oversight Committee in 2019-2022, and Co-Chair of KubeCon + CloudNativeCon in 2018. She is also the author of Container Security, published by O'Reilly.

She has a wealth of software development, team, and product management experience from working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP. 

Liz Rice

Marko Klemetti

CTO of Eficode

Today’s DevOps in the automotive and embedded world

As DevOps is maturing, it has naturally expanded into improving Development Experience, reducing cognitive load, integrating Security and lately, building Platform Engineering as a new kid on the block.

In this talk, you'll learn about the journey of modern DevOps from the automotive and embedded development perspective. I'll share learnings from actual cases.

Marko is the CTO of Eficode. He is also a founder and advisor in many tech startups. Marko is a passionate programmer who believes that design systems and continuous deployment are the enablers of a modern development organization.
Marko Klemetti

Angela Timofte

Director of Engineering at Trustpilot

Scaling Trust: How Event-Driven Architecture Empowered Trustpilot's Growth

The Internet has the remarkable ability to connect people, but establishing trust in online interactions requires the right tools and information. This is where Trustpilot comes in. Founded in 2007 with a vision to create an independent currency of trust, Trustpilot needed to handle the increased traffic volume as demand grew.

In this session, we will explore how Trustpilot utilized event-driven architecture on AWS to scale while maintaining a high level of trust and transparency. The overview provides insights into Trustpilot's journey to build a secure and reliable platform on AWS that has earned the trust of millions of consumers and businesses worldwide.


Angela is a Director of Engineering at Trustpilot with a successful track record of growing and leading teams to ensure the delivery of high-quality customer-facing products on scalable infrastructure. Based in Copenhagen, Denmark, Angela was awarded the Nordics Developer of the Year in 2020 and was recognised as an AWS Severless Hero. Passionate about serverless technologies and data, Angela enjoys knowledge-sharing, coaching and public speaking and is also considered one of Trustpilot's high-performance, 'All Star' leaders. An advocate for raising awareness about equality, diversity and inclusion within the tech industry, she also regularly organises a community meet-up for Engineers and Developers in Copenhagen.

Gunnar Grosch

Sr. Developer Advocate at Amazon Web Services (AWS)

Scaling Trust: How Event-Driven Architecture Empowered Trustpilot's Growth

The Internet has the remarkable ability to connect people, but establishing trust in online interactions requires the right tools and information. This is where Trustpilot comes in. Founded in 2007 with a vision to create an independent currency of trust, Trustpilot needed to handle the increased traffic volume as demand grew.

In this session, we will explore how Trustpilot utilized event-driven architecture on AWS to scale while maintaining a high level of trust and transparency. The overview provides insights into Trustpilot's journey to build a secure and reliable platform on AWS that has earned the trust of millions of consumers and businesses worldwide.


Gunnar is a Senior Developer Advocate at Amazon Web Services (AWS) based in Sweden. He has previously worked as both a frontend and backend developer, as an operations engineer within cloud infrastructure, and as a technical trainer, in addition to several different management roles. Gunnar is also deeply involved in the developer community by organizing User Groups, Meetups, and conferences in the Nordics.

Stephen Walters

Field CTO at GitLab

Inspecting the flow of Value Streams

The 3 Pillars of Empiricism are Transparency, Inspection and Adaptation. This means working in a fact-based, experience-based, and evidence-based manner as defined by the DevOps Institute. When inspecting the performance of delivery in your value streams, are you looking at the results subjectively or objectively? Is it based on feelings or facts? This presentation will define the measures we should inspect, how we should inspect and when is the best opportunity to do so, demonstrated using examples from GitLab.

Learning points:

  • What are the typical measures for the flow of value?
  • How to inspect value?
  • When is the optimal opportunity to inspect?'
Stephen has been in the IT industry for over 30 years and is an extensively experienced Subject Matter Expert in Value Stream Management, DevSecOps, DevOps, ALM, SDLC and IT4IT, with management & consultancy experience across end-to-end IT disciplines. Currently also operating as an Ambassador for the DevOps Institute and an Influencer in the Value Stream Management Consortium, he has an interest in all things DevOps.

Certified in Value Stream Management, DevOps, SAFe, CMMI, ITIL, TOGAF and Prince2, Stephen is currently implementing leading edge thinking into Value Stream Management at GitLab to enhance the complete DevOps experience.

Stephen Walters

Steve Giguere

Developer Advocate with Prisma Cloud

What I Learned About Supply Chain Security!

Our journey to open source and GitOps heaven has exposed new security challenges as our CI platforms are exposed to the outside world. In this talk we'll look at a journey that started as an attack on our own GitHub Actions workflows. From there we'll show how simple misconfigurations or straight up bad practices in GitHub can leave a supply chain wide open to attackers.

Steve is enjoying life as a Developer Advocate with Prisma Cloud (by Palo Alto) specialising in Cloud Application and Infrastructure Security Automation, establishing DevSecOps best practices for enterprise CI/CD pipelines.
Steve Giguere

Nathen Harvey

Developer Advocate at Google - DORA

The State of DevOps - Capabilities for Building High-performing Technology Teams

Technology drives value and innovation. At Google, we have learned a lot about what it takes to build and scale high-performing technology teams. Our own experience, combined with a multi-year research program by the DevOps Research and Assessment (DORA) team, can be used to help your team transform.

Spoiler alert: The best teams focus on getting better at getting better. You can do this, too!

Nathen Harvey has built a career on helping teams realize their potential while aligning technology to business outcomes. Nathen has had the privilege of working with some of the best teams and open source communities, helping them apply the principles and practices of DevOps and SRE. He is part of the Google Cloud DORA research team and a co-author of the 2021 and 2022 Accelerate State of DevOps Reports. Nathen was an editor for 97 Things Every Cloud Engineer Should Know, published by O’Reilly in 2020.
Nathen Harvey

Amanda Lewis

Developer Advocate at Google - DORA

The State of DevOps - Capabilities for Building High-performing Technology Teams

Technology drives value and innovation. At Google, we have learned a lot about what it takes to build and scale high-performing technology teams. Our own experience, combined with a multi-year research program by the DevOps Research and Assessment (DORA) team, can be used to help your team transform.

Spoiler alert: The best teams focus on getting better at getting better. You can do this, too!

Amanda Lewis is the DORA community Development Lead and a developer advocate with Google Cloud, focused on DORA, DevOps, and Developer Productivity.   

Amanda has spent her career building connections across leadership, developers, product managers, project management, and operators through working on teams that developed e-commerce platforms, content management systems, observability tools, and supported developers. These connections and conversations lead to happy customers and better outcomes for the business. She brings her years of experience and empathy to the work that she does helping teams understand and implement DevOps and reliability practices.

Amanda Lewis

Dave Farley

Author, Youtuber and Managing Director of Continuous Delivery Ltd

Fireside chat

Andy Allred, LeadDevOps consultant at Eficode, will chat with Dave about the 2022 State of DevOps report and software architecture. Prepare all your questions for Dave!

Dave Farley, is the managing director and founder of Continuous Delivery Ltd and Creator of the Continuous Delivery YouTube Channel. Dave is co-author of the best-selling Continuous Delivery book. His latest book is also a best seller. Modern Software Engineering describes a coherent, foundational and durable approach to effective software development,  for programmers, managers and technical leads, at all levels of experience. He is one of the authors of the Reactive Manifesto and a winner of the Duke Award for the open source LMAX Disruptor project.
Dave is a pioneer of Continuous Delivery, thought-leader and expert practitioner in CD, DevOps, TDD and software design, and has a long track record in creating high-performance teams, shaping organisations for success, and creating outstanding software.
Dave is committed to sharing his experience and techniques with software developers around the world, helping them to improve the design, quality and reliability of their software, by sharing his expertise through his consultancy, YouTube channel, books and training courses.

Sasha Rosenbaum

Principal at Ergonautic

Making DevOps Valuable

In the past decade, most organizations have invested in DevOps, and by now many of those efforts have failed to meet expectations of the executive sponsors. Organizations have brought in the latest and greatest tools and often sped up their development process without seeing a clear benefit. Some invested in culture only to see collaboration wane and any progress stall. The DevOps pendulum swings between focus on technology and culture. The buzzwords, rituals, and tools keep changing, but the results often seem to worsen over time.  

Optimizing any one part of a system is often suboptimal for the whole system. The goal should never be to adopt but to adapt to the opportunities and challenges of our organizations, but what are those? This talk will give attendees a framework to analyze the flow of work through their unique sociotechnical system, to understand the specific flow of value and propose metrics to identify and prioritize iterative improvements. The presentation will be technology agnostic but will focus on mapping capabilities that appropriate technical tools and skills should achieve together.

Sasha is Principal at a new venture, Ergonautic.

With a degree in Computer Science, an MBA, and two decades of experience across development, operations, product management, and technical sales, Sasha Rosenbaum brings a unique perspective to optimizing the organizational flow of work, bridging gaps with empathy and insight.

Sasha Rosenbaum

Nishant Roy

Engineering Manager at Pinterest

Incident Management

Keeping your systems up and running is the ultimate quest. However, eventually, something will go wrong. Learn about how to run an effective incident management program to minimize your downtime and maintain a strong culture of engineering excellence!

Nishant Roy is the Engineering Manager for the Ads Serving Platform team at Pinterest. His team owns the infrastructure used by 100+ engineers across several teams to develop the models, products, and algorithms that power a multi-billion dollar ad business.
Nishant Roy

Lesley Cordero

Staff Software Engineer, Tech Lead at The New York Times

Psychologically Safe Reliability Management

Psychological safety is particularly important for teams that manage service reliability. The vulnerability that comes with mitigating failures in production requires principles of trust, transparency, and inclusion that can only come from cultures that minimize harm and enable empowerment.

Cultivating this kind of culture requires leaders to think proactively about how to build processes and systems that enable teams to be healthy, productive, and effective, while being adequately prepared for situations when failure inevitably happens.

We’ll review the cultural consequences of chronic issues and the strategies we can use as leaders to align with our shared goal of building excellent teams. We’ll touch upon themes of privilege, power, and accountability.

Lesley Cordero is currently a Staff Software Engineer, Tech Lead at The New York Times. She has spent the majority of her career on edtech teams as an engineer, including Google for Education and other edtech startups.

In her current role, she has focused on building excellent teams and reliability management by setting org-wide vision & strategy for observability, improving on-call processes, introducing chaos engineering, and cultivating culture that builds with the most vulnerable employees in mind first. She shows care for others by holding them accountable to the best versions of themselves – and by buying them the occasional bubble tea.

Lesley Cordero

John Willis

Distinguished Researcher at Kosli

Software Supply Chain: The Missing Links
There has been an increased focus on security and software delivery in the past few years. Most of the attention has been focused on vulnerabilities in software libraries and dependencies. Despite its necessity, this narrow focus is insufficient. As a result, many other attack vectors in the software supply chain are still at risk. As part of this presentation, we will discuss how a robust automated governance model based on Modern Governance considers these additional risks. The primary focus of this session will be on securing API development, workflow and operations.


Join Lauri Palokangas from Eficode in a chat with John Willis on Investment Unlimited, the recent book he co-authored. John will share the story behind this bestselling novel about DevOps, Security, Audit Compliance, and Thriving in the Digital Age.

John Willis has worked in the IT management industry for more than 35 years. Currently he is an Evangelist at Docker Inc. Prior to Docker, Willis was the VP of Solutions for Socketplane (sold to Docker) and Enstratius (sold to Dell). Prior to to Socketplane and Enstratius Willis was the VP of Training & Services at Opscode where he formalized the training, evangelism, and professional services functions at the firm. Willis also founded Gulf Breeze Software, an award winning IBM business partner, which specializes in deploying Tivoli technology for the enterprise. Willis has authored six IBM Redbooks for IBM on enterprise systems management and was the founder and chief architect at Chain Bridge Systems.


Myles Ogilvie

Co-author of Sooner Safer Happier

Reimagining Risk & Control in a Rapidly Changing World

In today’s online world data leaks are the new oil spills. Managing risk is a commercial imperative. Continuous change requires continuous risk management and a re-imagination of how to improve outcomes. A new level of transparency is achieved and unexpected conversations with a broader range of business stakeholders opens up. Baking business agility principles into your governance and controls approach is a ninja move to enabling better outcomes!

Based on hands-on experience of introducing new ways of working within regulated financial institutions Myles Ogilvie will present patterns for improving Governance, Risk and Compliance capabilities in order to support the delivery of Better Value Sooner Safer Happier.

Myles Ogilvie, co-author of Sooner Safer Happier, applies lean and agile principles to risk management in the product development process. He brings deep experience of leading Ways of Working initiatives and a career in the financial services industry. Realigned governance and control approaches are now in operation at scale across 10,000’s of colleagues. Myles is a passionate advocate of patterns that can foster a safer, leaner, and more innovative controls culture.
Myles Ogilvie

Andrew Rynhard

CTO of Sidero Labs, and creator of Talos Linux

Fireside chat: How to run super secure Kubernetes on-prem, hybrid, edge, or anywhere

Join Andy Allred, Lead DevOps consultant at Eficode, in a chat with Andrew Rynhard on how to run super secure Kubernetes on-prem, hybrid, edge, or anywhere.

It's an interactive session, bring up your own questions!

Andrew Rynhard is the founder and CTO of Sidero Labs, and creator of Talos Linux. Prior to Sidero Labs, Andrew worked as an SRE designing and maintaining Kubernetes Clusters for Virtustream, and LogicMonitor. Andrew has been a long time open source contributor, with contributions to Kubernetes projects such as kubeadm and bootkube.
Andrew Rynhard

Sharon Goldberg

Researcher and CEO of BastionZero

How to MFA in 2023

After breaches at Okta, Uber, and Dropbox, it’s clear that hackers are coming after our Multi-Factor Authentication (MFA).

This talk covers these 2022 breaches, explains the crypto behind different MFA systems (TOTP, yubikey, Webauthn), and suggests ways to protect your org in the face of inevitable MFA attacks in 2023.

Dr. Sharon Goldberg is the CEO and co-founder of BastionZero, an infrastructure cybersecurity startup, and a tenured computer science professor at Boston University. She has taught courses in cybersecurity for over a decade and has published over 30 peer-reviewed research papers on infrastructure security and cryptography. She is a contributor to BGP, NTP, DNS, Bitcoin, Ethereum standards, has authored cryptography standards at the IETF, and was one of the researchers behind the 2015 attacks on NTP. Lately, she spends most of her time thinking about shell access, Kubernetes and CI/CD pipelines.
Sharon Goldberg

Romano Roth

Chief of DevOps and Partner at Zühlke Group

How to architect for continuous delivery?

In today’s world, everybody wants to do DevOps. But why? What problems are we trying to solve? Together we will take a step back and look at how you can architect for continuous delivery.

In the 20 years where he worked as a software developer, software architect, and consultant for Zühlke, he was able to build up a comprehensive knowledge of software development, architecture, and processes. He has worked with a variety of platforms and technologies, consulting in the sectors of financial, insurance, cyber security, electricity, medical, and aviation. His passion is helping companies bring people, processes, and technology together so that they can deliver continuously value to their customers.

In his free time, Romano is organizing the DevOps Meetups Zürich where the DevOps community of Zürich meets together on a monthly basis. He also organizes the DevOps Days Zürich which is a yearly two-day conference.

Romano Roth

Javier Arias Losada

Senior Software Engineer at Spotify

Learnings from building a distributed cache platform at Spotify

During the last months, at Spotify we’ve been building a Cloud distributed cache service with sharding and replication running in Kubernetes. Client services use our own custom Java library on top of the opensource spotify/folsom Java memcached client.

The aim of this project was twofold: reducing costs and improving the developer experience+productivity. Now the service is serving literally millions of requests per second for some tens of microservices… but the road has been bumpy at times.

Javier Arias Losada is a senior software engineer at Spotify working in the core infrastructure platform area.

In technology matters, transitioned from a fashion victim, jumping to anything trendy or interesting to a more pragmatic getting-things-done attitude, valuing more the challenges than the tools. Might it be the age?

Loves traveling and always moves around using his beloved-old bike. A father of two, who enjoys investing time with friends and family.
Javier Arias Losada

Travis Gosselin

Distinguished Software Engineer at SPS Commerce

Unleashing Deploy Velocity with Feature Flags

A lot of development teams have built out fully automated CI/CD pipelines to deliver code to production fast! Then you quickly discover that the new bottleneck in delivering features is their existence in long-lived feature branches and no true CI is actually happening. Feature flags provide you with the mechanism to reclaim control of your features and deployments.

In this talk, we'll get started with some of the feature flagging basics before quickly moving into some practical feature flagging examples that demonstrate its usage beyond the basic scenarios as we talk about UI, API, operations, migrations, and experimentation.

Travis is an accomplished software developer, architect, and speaker. A tech enthusiast and blogger, Travis finds his niche in architecting and working with teams to compose highly automated service-oriented systems both in the cloud and on-premise. Travis currently works as a Distinguished Software Engineer for SPS Commerce, the world's largest retail network. He has a strong focus on continually learning new architectures and development patterns across different stacks and technologies but has a special place in his heart for Developer Experience and Productivity.

Travis Gosselin

Cecelia Martinez

Developer Advocate for Appflow at Ionic

Customizing your CI/CD for Mobile

Traditional CI/CD doesn’t begin to cover the specific complexities of mobile deployments. Learn what makes building, shipping, and maintaining mobile apps different from the web and how to customize your existing CI/CD infrastructure to accommodate releases on all platforms.

Cecelia Martinez is a Developer Advocate for Appflow at Ionic. She is dedicated to creating better, more inclusive developer experiences for all. Previous companies include Cypress and Replay, with areas of expertise including web development, testing, developer tools, and open source.

She is a Lead Volunteer with Women Who Code FrontEnd, Chapter Head of Out in Tech Atlanta, and a GitHub Star.

Cecelia Martinez

Paweł Piwosz

Lead Systems Engineer at EPAM Systems

Plan CI/CD on the Enterprise level

CI/CD seems to be simple. But let’s take a step back, and look at it from a helicopter view. Let’s think about the design CI/CD processes for the project, team, and even the whole company. Let’s go through the “architecture of CI/CD.” What areas should we cover? How to talk with stakeholders about CI/CD when we design the backbone of DevOps-driven organization?


More than 10 years ago, we developed the term DevOps. Today, we see many different mutations like DevSecOps, DevQaOps, DevTestOps, and even more.

Are those names valid? Mean something? Do those terms really fit the DevOps culture? How much Agile is in DevOps today? Let’s find out!


DevSecOps, DevQaOps, DevTestOps... Are those names valid? Mean something? Do those terms really fit the DevOps culture? How much Agile is in DevOps today?

Join the discussion with Paweł and hear what your peers have to say.

Pawel is a DevOps Institute Ambassador, a CD Foundation Ambassador, and an AWS Community Builder. His focus is on CALMS. He is building better understanding of DevOps as a driver for the organization. And currently, he is leading the DevOps and Cloud Academy at EPAM Systems Poland, where we are shaping new engineers to be professionals. He is devoted to Serverless and CI/CD.
Paweł Piwosz

Peter Murray

Principal Technical Architect at GitHub

Interactive Demo: Secure coding with GitHub and a Copilot

Learn about building a DevSecOps workflow using GitHub, Codespaces and a Copilot to ship changes fast and securely.

Peter Murray

Dan Bennett

Director of Engineering at Sentry

You Build It, You Run It = Empowering Devs

When an application crashes or a page doesn’t load, who is on the hook for fixes? In many organizations, the responsibility is often put on the operations or reliability teams — but is that how it should be?To uncover the preferred culture of modern-day developers, Sentry surveyed DevOps specialists and site reliability engineers worldwide, to get a better understanding of their biggest challenges, headaches, and time sinks. In this session, we will discuss findings from the survey, the real preferred ownership model for engineering teams, and how Cloudflare built a culture of autonomy to empower its modern teams.

Dan Bennett is currently the Director of Engineering at Sentry. Having worked in the industry for the past 25 years, he started his career as a software engineer and eventually moved into overseeing Operations as a Service. Having experienced organizations with poor communications practices between teams, he has been committed to formalizing and improving the handoffs between infrastructure and product engineering teams.
Dan Bennett

Sachin Fernandes

Tech Lead at Cloudflare

You Build It, You Run It = Empowering Devs

When an application crashes or a page doesn’t load, who is on the hook for fixes? In many organizations, the responsibility is often put on the operations or reliability teams — but is that how it should be?To uncover the preferred culture of modern-day developers, Sentry surveyed DevOps specialists and site reliability engineers worldwide, to get a better understanding of their biggest challenges, headaches, and time sinks. In this session, we will discuss findings from the survey, the real preferred ownership model for engineering teams, and how Cloudflare built a culture of autonomy to empower its modern teams.

Sachin is currently a technical lead at Cloudflare and is passionate about all-things software.

Sachin Fernandes

Gerie Owen

Lead Quality Engineer at ZS

Reimaging the Role of Testing in DevOps; It’s a New Mindset

The transition to DevOps requires reimagination; both to the test process and to the role of the tester. This dual reimagination requires a new mindset and a commitment to quality from all members of the DevOps team. Continuous testing, increasing both velocity and quality by optimizing the test process to focus on mitigating business risk is the new foundation of the test process. 

The new role of the tester must focus on the unique skills that a tester brings to the team. 
In this session, we’ll explore new approaches to both the role of the tester and the test process. We will look at ways to reimagine the testing process through the collaboration of all team members and their commitment to quality. Finally, we will suggest a framework for aligning test activities in ways that make the best use of the individual skills of each team member.
Gerie Owen is a Lead Quality Engineer at ZS. She is a Certified Scrum Master, Conference Presenter and Author on technology and testing topics. She enjoys analyzing and improving test processes and mentoring new Quality Engineers as well as bringing a cohesive team approach to testing. Gerie is the author of many articles on technology including Agile and DevOps topics. She chooses her presentation topics based on her experiences in technology, what she has learned from them and what she would do to improve them. Gerie can be reached at gerie@gerieowen.com
gerie owen

Francesco Beltramini

Security Engineering Manager at ControlPlane

Untrusted Execution: Attacking the Cloud Native Supply Chain
Should we trust the code we run in production? Not if a motivated attacker can compromise our system’s complex supply chains. While hardened runtimes and detection can mitigate some zero day attacks, malicious internal threat actors and software implants are much harder to detect. 
Supply chain security looks to address some of these concerns, but with so many signing options available to us, what do we really care about? Our source code, open source dependencies, CI/CD, built containers, vendor software — or the hardware and operating systems we run on? Securing the whole supply chain is a non-trivial task, and requires consideration at all of these levels. 
In this talk we:
- Undertake a risk-based threat model of supply chain attacks against our systems
- Compare the open source supply chain security controls available to us
- Examine trusted execution environments and their security properties
- Propose a solution for end-to-end supply chain security
Francesco is a Security Professional with 10+ years of working experience and deep technical competence matured on a number of high-end projects for both public and private sector organizations. Francesco had the opportunity of working on a variety of technology stacks in designing and implementing complex security architectures in both the IT and OT spaces, from Cloud to mission-critical/safety-critical/high-assurance infrastructure. Francesco does enjoy to manage teams of highly-skilled security professionals, setting and implementing security objectives, strategy and culture.
Francesco Beltramini

Changying (Z) Zheng

Principal DesignOps Manager at Cloudflare

Leveraging Jira to expose Product Design Process, and facilitate cross-functional collaboration
Jira is not your friendly tool? Have you had a hard time with designers adopting Jira?
For developers, Jira is a popular tool to track progress and surface bugs. In addition, PMs use Jira to explain business goals and set quarterly product shipping targets. So why is there a hard time getting designers to adopt Jira as a tool?
It is not about the tool but understanding each discipline, how we work and collaborate, and how we approach problems differently.

In this talk, I would like to share our journey working with the designers and IT to update our Jira design ticket. Some simple updates can facilitate the conversation between all disciplines in a balanced team. It doesn't matter how many designers we have to work with and whether the design org stands on its own or reports to the product org, or, in some cases, reports to the engineering org. The team will deliver value when we make the tools work for people. DesignOps can bridge the gap and make it happen.
Z leads DesignOps for Cloudflare—a global network and security company. She is passionate about improving the lives of those she works with daily. Prior to joining Cloudflare, Z led design teams in-house and at design consultancy firms. In addition, Z has a background in EdTech and spent her time teaching and mentoring the next generation of designers.

Adriaan Knapen

DevOps Consultant at Eficode

Interactive demo: Outsource your Continuous Delivery Pipeline by Deploying Directly from Source-Code

Before any line of written code creates business value, we first need to deploy it. As a result, we have re-invented the Continuous Delivery-wheel time after time again.

However, many applications have source code which is structured rather similar. These similarities have allowed specialized tooling and platforms to emerge which offer reusable delivery pipelines. These products allow deploying straight from source code with minimal configuration needed. In turn, they offer completely managed and hardened continuous delivery pipelines, which relieves you from doing unnecessary undifferentiated heavy lifting.

In this interactive demo, we will together go from zero to a fully working continuous delivery pipeline for a web app on several different platforms. Showing you how powerful, frictionless and empowering their features can be.

Adriaan is a DevOps Consultant at Eficode where he helps clients improve their development processes and build value-adding software. He specializes in cloud technologies, modern web development technologies, and optimizing developer tooling experiences. If he’s not using his free time to read HackerNews or fiddle with bleeding-edge technology, he likes to spend time in the kitchen and at the gym.
Adriaan Knapen

Kalle Mäkelä

DevOps Lead at Sensible 4

Fire side chat: GitOps - the heart of software development in the automotive industry

GitOps is revolutionizing the way we deliver software in the automotive industry. However, there are a number of things to resolve to make it work in the real world. GitOps cannot be “inserted” into an existing system, but instead, it should be the driving force of the SW/HW architectural, operational, and business decisions.

Kalle drives change wherever he goes. He is on an undying mission to clear any obstacle and build any bridge to get his teams where they yearn to be. Today he is building autonomous vehicles because he wants to be there where the change for the better is done. His role is DevOps Lead, but he takes development and operations to the core of what they represent, which usually means how the whole company and even the suppliers work and think!
kalle makela

Sohan Maheshwar

Senior Developer Advocate at AWS

Architecting in the Cloud for Sustainability

Efficiency in every aspect of cloud infrastructure can accelerate the sustainability of your workloads through optimization and informed architecture patterns.

This session will dive deeper into Sustainability techniques for your cloud workloads and provide direction on reducing the energy and carbon impact of your cloud architectures. The talk will also cover user patterns and software design that customers of any size can apply to their workloads. Let’s build a greener future together!

Sohan is a Senior Developer Advocate based out of Amsterdam, Netherlands. He is deeply passionate about emerging technologies and how it is shaping the world around us. He frequently works with developers in startups, ISVs, and enterprises on their cloud strategy. He previously worked as an Alexa Evangelist at Amazon, and has been in the developer relations space since 2013.
Sohan Maheshwar

Matt Johnson

Developer Advocate at Prisma Cloud

Supply chain best practices, AKA, Easy things to improve your cloud security posture

Secure infrastructure, secure pipelines, secure dependencies, secure code, oh my! None of these alone will provide security, with attackers always looking for the weakest part of the system.Before you throw in the towel, join us as we step through risks from code to runtime, and look at super simple steps which can be taken to give ourselves a much healthier security posture!

Matt is a Developer Advocate for all things cloud security and open source at Prisma Cloud (part of Palo Alto). Hobbyist pentester, network and container geek, he specialises in Cloud Infrastructure and developer ecosystem security.
Matt Johnson

Nigel Budd

Head of the Solution Architects team at Clearvision (now part of Eficode)

Escaping Water-Scrum-Fall

Water-Scrum-Fall is prevalent in software development, often organisations are stuck in a rut unable to escape from this way of working.  This session discusses the effect on productivity that this way of working has on an organisation and approaches to help organisations break out.

Nigel is Head of the Solution Architects team at Clearvision (now part of Eficode). His role is to coach teams on delivering value more rapidly within a culture of experimentation, learning, and relentless improvement.
Nigel Budd

Mario Di Francesco

Professor at Aalto University and Senior DevOps Consultant at Eficode

Panel discussion: DevOps and Platform Engineering

How does building internal developer platforms support DevOps? What are the advantages and the challenges in their adoption? What is their impact on culture and ways of working?

Join our discussion with panelists: Bjørn Hald Sørensen (Head of Technology at Lunar), Tuomas Leppilampi and Dan Grøndahl Glavind (DevOps consultants at Eficode).

Take part in the discussion and bring up your own questions and comments.

Mario Di Francesco is a professor in software systems with the Department of Computer Science at Aalto University and a senior DevOps consultant at Eficode. He has more than 15 years of experience with network systems and software technologies, from wireless communications to mobile and distributed computing. He has also been teaching courses on cloud software and DevOps.
mario di francesco by photographer Jaakko Kahilaniemi

Nataliya Remez

Director of Platform Engineering at PayPal

Lightning talk: How to scale your business in the cloud in a sustainable way

Today, more than 200 global organizations have signed The Climate Pledge and are pursuing ambitious carbon-reduction activities, including operational changes in the race to fight climate change and switch to renewable sources of energy. In this short talk we will explore how to continue scaling your business in the cloud while keeping track of minimising carbon footprint and energy consumption.

Nataliya started her career as a software engineer back in 2005. She experimented with different roles in tech and spent most of her career working in distributed cross-functional teams, building products that customers love. Nataliya has broad experience managing teams and operations in small startups as well as coaching teams in mature corporate environments.

Currently, Nataliya is leading Platform Engineering teams at PayPal. She was one of the early adopters of Continuous Delivery and DevOps culture and believes that the best way to succeed is to build a team of passionate people who care about each other and work on shared outcomes in a self-organised way.

Nataliya Remez

Sofus Albertsen

DevOps Consultant, Trainer & Team Lead at Eficode

Lightning talk: We all need to practice more SLSA

When buying food in the supermarket, there are a variety of regulations on what information the producer is required to give us. Yet, we serve our software without any "nutritional information" or ingredient list. This means that your customers have to "just trust" you. But in the last years, software supply chain attacks have shown that we need to make trust in security an integral part of our release.

In this lightning talk, I will introduce SLSA (Supply-chain Levels for Software Artifacts) and show the first easy steps you can take to enhance your security and ability to reproduce.

Sofus is a DevOps team lead at Eficode in  Copenhagen. He helps clients ship software faster to their customers by upskilling their teams in subjects like CI/CD, artifact management, and container applications. Before joining Eficode, he was an assistant professor in an Applied Science Bachelor program.

Ixchel Ruiz

CD Foundation Ambassador and DA/DX at Jfrog

Lightning talk: DevOps for Java developers

In recent years, how we approach development has dramatically changed with the rise of DevOps, Cloud Computing, and Container technologies. Many stakeholders at our organizations are ecstatic about Shift Left, DevSecOps and VSM, but how are we as Java developers embracing this new cultural shift? In this session we will explore the most common Critical Challenges to Adopt DevOps Culture in Software Organizations, best practices and some excellent news with success stories.

Ixchel Ruiz has developed software applications and tools since 2000. Her research interests include Java, dynamic languages, client-side technologies, DevSecOps, and testing. A Java Champion, Groundbreaker Ambassador, SuperFrog, Hackergarten enthusiast, open source advocate, public speaker, and mentor, Ixchel travels around the world (sometimes virtually) sharing knowledge—it’s one of her main drives in life.
Ixchel Ruiz


Marc Dillon

Marc Dillon

Lead Consultant, Transformations at Eficode

Conference host

Marc is fascinated with inspiring others and loves how peer-to-peer education makes us a wiser community.


Pinja Kujala

Agile and Product Management coach at Eficode

Conference host

Curiosity is one of Pinja's strongest motivators and she has a strong passion for seeking understanding of people and the surrounding world.


Vilma Pohjonen

DevOps Consultant at Eficode


Vilma connects people, processes and technology. She is passionate about delivering value to end users and embracing the human element of DevOps.

Ville Vartiainen

Ville Vartiainen

DevOps consultant at Eficode

CI/CD Track host

An enthusiastic visionary and a practitioner of both DevOps and Design. Ville is committed to keeping the user at the center of things and working towards a future where technology delights people and helps us work smarter.

Julia Aalto

Julia Aalto

Scrum Master at Eficode

Interactive track host

Passionate about helping people to reach their goals and to release their full potential. Interested in team dynamics, communication, human mind and coffee.

Tuomas L

Tuomas Leppilampi

Lead Transformation Consultant at Eficode

Developer Experience track host

A digital transformer aiming to balance the triangle of business, culture and technology, Tuomas wants to support companies and people in forming the future of software development and delivery. 

Darren Richardson

Darren Richardson

Security Architect at Eficode

Dev*Ops track host

Cyber-security specialist and giant with a great bushy beard. Darren Richardson works to develop the architecture of DevOps & supply chain security, and is the result of crossing an InfoSec nerd with a brown bear who just awoke from hibernation.

mauno-profile (1)

Mauno Ahlgren

Business Architect at Eficode

Interactive track host

Mauno has been working with a wide variety of companies and is passionate about making sure the processes, people, technologies and practices go all hand-in-hand.