devopsdays · nimbinatus · Feb 16, 2026 · Feb 4, 2026 · Feb 14, 2026 · Feb 14, 2026
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "The 'DevSecOps' Angle: State Management and Compliance with Terraform"
+Type = "talk"
+Speakers = ["adeola-adeniji"]
++++
+
+As cloud environments grow, the greatest threat to security is often "Configuration Drift"—untracked, manual changes made directly in the cloud console that bypass security protocols. This workshop provides a hands-on deep dive into the DevSecOps methodology for maintaining infrastructure integrity using Terraform.  Moving beyond basic provisioning, participants will explore how to use Terraform as a governance engine. We will cover the creation of "Secure-by-Default" modules that utilize built-in validation to block insecure configurations—such as open SSH ports—before they are ever deployed. The core of the session focuses on the "Drift-and-Recovery" cycle: students will intentionally simulate "rogue" manual changes in the cloud console and learn how to use Terraform’s state management to detect, alert, and automatically revert infrastructure back to a compliant state. By the end of this workshop, students will understand how Infrastructure as Code acts as the ultimate "Source of Truth," ensuring that company security policies are not just documented, but programmatically enforced.
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "Vibe UX: Prototyping at the speed of thought"
+Type = "talk"
+Speakers = ["dave-westgarth"]
++++
+
+This talk explores how AI-powered vibe coding tools are transforming Lean UX and Agile delivery. The session re-examines Lean UX principles and shows how Vibe UX collapses the distance between idea and product, creating radically faster feedback loops and enabling instant experimentation. It covers where this approach shines (and where it backfires), practical safeguards, implications for Agile teams, and how Vibe UX tools let anyone prototype, test, and learn in real time finishing with a practical toolkit and a call to action: start vibing, and amplify both learning and value in your team.
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "Survival of the curious: Continuous learning in the age of AI"
+Type = "talk"
+Speakers = ["dave-westgarth"]
++++
+
+The half-life of skills was already shrinking but the emergence of modern AI has accelerated that change. Frameworks and certifications that once defined a career path have now fallen out of favour and the most valuable skill for learners today is the ability to learn, unlearn, relearn and build adaptive habits that AI can't replace. In this session, we’ll explore how delivery professionals can future-proof themselves by embracing curiosity, building AI fluency, and shifting from knowledge-hoarding to sense-making. We'll cover practical strategies, real-world examples, and a fresh perspective on how curiosity can become your career’s greatest insurance policy.
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "Introduction to intellectual property rights for devops engineers"
+Type = "talk"
+Speakers = ["dr-suki-sandhu"]
++++
+
+This lecture introduces core intellectual property rights through the lens of everyday DevOps work. We will outline the main IP categories relevant to DevOps engineers—copyright, patents, trade marks and trade secrets—and show how they apply to code, configuration, automation, and documentation in a European context.
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "Best practices and benefits of intellectual property rights for devops engineers"
+Type = "talk"
+Speakers = ["dr-suki-sandhu"]
++++
+
+This workshop equips DevOps engineers with essential best practices for leveraging intellectual property (IP) rights to safeguard innovations in pipelines, infrastructures, and automation tools. Participants will explore copyright for scripts and configurations; patents for new DevOps processes; trade secrets for proprietary platforms, and trademarks for internal tools. Key benefits include preventing ownership disputes with contractors and mitigating open-source license risks in deployments.
@@ -0,0 +1,122 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "Zero Trust Infrastructure for AI Agents: Securing Your Development Workflow"
+Type = "talk"
+Speakers = ["nick-taylor"]
++++
+
+<h3>Securing AI Agents with Zero Trust and MCP</h3>
+
+<h3>The Core Problem</h3>
+
+<p>Your development team wants to deploy AI assistants that can:</p>
+
+<ul>
+  <li>Interact with internal systems</li>
+  <li>Modify configurations</li>
+  <li>Automate workflows</li>
+</ul>
+
+<p>Meanwhile, security teams are asking critical questions:</p>
+
+<ul>
+  <li>How much access do these agents need?</li>
+  <li>How is that access controlled?</li>
+  <li>How is it audited?</li>
+</ul>
+
+<p><strong>The challenge:</strong> How do you give AI agents the access they require without introducing new security risks?</p>
+
+<p>In this talk, I demonstrate how to build secure AI agent infrastructure from day one using Zero Trust patterns and the Model Context Protocol (MCP).</p>
+
+<p>Drawing from real-world production experience building MCP servers at Pomerium, I present practical, deployable patterns using open-source tooling.</p>
+
+<h2>The Infrastructure Challenge</h2>
+
+<p>AI agents require infrastructure access. However, traditional OAuth was not designed for AI-driven automation use cases.</p>
+
+<p>OAuth scopes are typically too coarse-grained:</p>
+
+<ul>
+  <li>GitHub’s <code>repo</code> scope grants read/write access to everything repository-related.</li>
+  <li>Slack’s <code>chat:write</code> allows agents to post anywhere.</li>
+  <li>Internal API tokens often lack granularity entirely.</li>
+</ul>
+
+<p>The result is overprivileged AI agents.</p>
+
+<p>An agent that only needs to create pull requests can also merge pull requests, delete branches, and modify repository settings.</p>
+
+<p>The solution is not to block AI agents. The solution is to build proper infrastructure around them.</p>
+
+<h2>A Practical Approach to AI Agent Security</h2>
+
+<p>I demonstrate a dual-layer Zero Trust architecture using the Model Context Protocol (MCP) that works with any MCP server.</p>
+
+<h3>Layer 1: Identity-Aware Proxy (Pomerium)</h3>
+
+<ul>
+  <li>Handles authentication</li>
+  <li>Provides secure development tunnels</li>
+  <li>Integrates with your existing SSO infrastructure</li>
+  <li>No VPNs or bastion hosts required</li>
+</ul>
+
+<h3>Layer 2: Fine-Grained Authorization</h3>
+
+<ul>
+  <li>Transforms coarse OAuth scopes into precise tool-level permissions</li>
+  <li>Policy-as-code stored in your infrastructure repository</li>
+  <li>Real-time enforcement without agent code changes</li>
+</ul>
+
+<h2>Live Demonstration</h2>
+
+<p>I demonstrate this architecture using the GitHub MCP server:</p>
+
+<ol>
+  <li><strong>Before:</strong> An AI agent with standard OAuth can perform any action allowed by the <code>repo</code> scope.</li>
+  <li><strong>After:</strong> The same agent operates under fine-grained policies — it can create pull requests but is blocked from merging them.</li>
+  <li><strong>Observability:</strong> Every AI action is logged with full context for audit trails.</li>
+  <li><strong>Workflow:</strong> A complete development-to-production deployment with security built in.</li>
+</ol>
+
+<p>The same patterns apply whether you're securing GitHub access, Slack integrations, internal APIs, or any other service your AI agents interact with.</p>
+
+<h2>Why This Matters for Your Team</h2>
+
+<p><strong>Observability:</strong> Complete audit trails of AI agent activity integrated with your existing logging infrastructure.</p>
+
+<p><strong>Developer Experience:</strong> Security patterns that do not slow down development workflows.</p>
+
+<p><strong>Production Ready:</strong> Deploy today using open-source components under the Apache 2.0 license.</p>
+
+<p><strong>Incremental Adoption:</strong> Add security controls to existing AI agent deployments without rewriting everything.</p>
+
+<h2>Key Takeaways</h2>
+
+<ul>
+  <li>Infrastructure patterns for securing AI agents in development and production</li>
+  <li>How to implement fine-grained authorization using Identity-Aware Proxies</li>
+  <li>Observable, auditable AI workflows that satisfy compliance requirements</li>
+  <li>A working reference implementation you can fork and adapt</li>
+</ul>
+
+<h2>Industry Context</h2>
+
+<p>The Model Context Protocol is becoming a standard for extending AI assistants such as Claude, ChatGPT, and VS Code Copilot.</p>
+
+<p>As DevOps teams deploy these agents into production workflows, solid infrastructure patterns make the difference between experimental tooling and production-ready systems.</p>
+
+<p>The live demo uses Pomerium Zero to accelerate policy updates during the presentation. However, all demonstrated patterns are fully implementable in the open-source version via YAML configuration.</p>
+
+<p>Open-source repository: https://github.com/pomerium/pomerium</p>
+
+<h2>Reference Implementation</h2>
+
+<p>The MCP server code and authorization policies will be available immediately after the talk:</p>
+
+<p>https://github.com/nickytonline/github-mcp-http</p>
+
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "DevOps Without the Fairy Tales. What Breaks When AI Enters the System?"
+Type = "talk"
+Speakers = ["paulina-dubas"]
++++
+
+AI is increasingly part of DevOps work, even in teams that don’t think of themselves as “doing AI.” Models influence scaling, alerting, cost optimization, and developer workflows, often quietly and without clear ownership.  In this talk, I’ll share real patterns I see when AI enters existing DevOps setups: responsibilities becoming blurred, “trust the model” replacing engineering judgment, costs and energy usage becoming harder to explain, and teams staying accountable for decisions they no longer fully control.  This is a practical talk about what actually breaks when AI meets real-world DevOps —and how teams can adapt without adding more tools, more dashboards, or more process. The focus is on clarity, ownership, and keeping humans meaningfully involved.
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "AI Didn’t Break Your DevOps Setup It Just Exposed It"
+Type = "talk"
+Speakers = ["paulina-dubas"]
++++
+
+AI rarely introduces new problems in DevOps. Instead, it amplifies the ones that were already there: unclear ownership, fragile automation, hidden costs, and teams stretched too thin.  This talk looks at how AI acts as a stress test for DevOps practices. I’ll show how issues around reliability, accountability, and communication become impossible to ignore once AI-driven tools and workflows are introduced.  Rather than focusing on models or tools, this session is about how teams can use AI as a signal to fix deeper problems — and avoid turning “AI adoption” into another layer of complexity on top of an already fragile system.
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "Cloudy with a Chance of Dynamic Pricing"
+Type = "talk"
+Speakers = ["raluca-mihu"]
++++
+
+Cloudy with a Chance of Dynamic Pricing: Building a Weather Driven IoT System with Raspberry Pi What if the weather could change your prices in real time?  In this session, we connect a Raspberry Pi to a live Weather API and turn temperature, rain and sunlight into dynamic pricing logic. You will see how a small IoT device can fetch external data, process it locally, and display a price that shifts with the forecast.  We walk through the full flow: integrating the API, handling data securely, designing simple pricing rules, and displaying the result on a physical interface. Along the way, we explore DevOps practices for IoT projects, including automation, environment management and secure configuration.  This talk brings together cloud services, edge devices and real world logic in a practical demo that shows how weather data can drive business decisions in real time.
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "Resilient by Design: Mental Health Tools for DevOps Engineers"
+Type = "talk"
+Speakers = ["raluca-mihu"]
++++
+
+DevOps engineers operate in high responsibility environments where uptime, security and delivery speed meet constant change. Sustainable performance begins with a resilient nervous system.  In this interactive session, Raluca Mihu introduces practical mental health tools designed for engineers. Together, we will practise guided breathing techniques to regulate stress, short mindfulness exercises to sharpen focus, and EFT tapping to release tension before it escalates. Each method is simple, evidence informed and easy to integrate into a busy workday.  This session offers more than awareness. It offers direct experience. You will leave with concrete tools that support clarity during incidents, steadiness during pressure and long term energy for meaningful work. DevOps culture thrives on continuous improvement, and that includes the human system behind the keyboard.
@@ -0,0 +1,10 @@
++++
+Talk_date = ""
+Talk_start_time = ""
+Talk_end_time = ""
+Title = "AIGenOps: Integrating Generative AI into Platform Engineering for Regulated Software"
+Type = "talk"
+Speakers = ["riccardo-soro","nicolas-fantoni"]
++++
+
+The integration of generative AI into platform engineering opens new possibilities to automate and improve the DevOps lifecycle, even in highly regulated software development environments. However, naive adoption often leads to uncontrolled generation, rising costs, privacy concerns, and low-quality outputs that increase review and compliance effort.  In this talk, we present a practical, zero-trust approach to integrating generative AI into the DevOps cycle without disrupting existing processes. We show how to safely embed AI into platform engineering by combining self-hosted models for privacy and cost control with strict validation gates already familiar to DevOps teams.  Starting from the DevOps lifecycle, we demonstrate how generative AI can be used to analyze and resolve code quality issues detected by tools like Sonar, generate high-quality unit tests using mutation testing techniques, and automatically validate AI-generated results through builds, tests, coverage checks, and issue resolution verification.  We also discuss how to tune LLM hyperparameters to balance determinism, creativity, and cost, avoiding unnecessary generation while focusing AI efforts on high-value outcomes.  Attendees will leave with concrete patterns to integrate generative AI into regulated DevOps pipelines: improving code quality and test coverage, controlling costs, preserving privacy, and keeping humans in control through measurable, automated verification rather than manual review.
@@ -0,0 +1,11 @@
++++
+Title = "Adeola Adeniji"
+Twitter = ""
+linkedin = "https://www.linkedin.com/in/adeola-adeniji/"
+image = "adeola.jpg"
+type = "speaker"
+linktitle = "adeola-adeniji"
+
++++
+
+I am a seasoned security professional with over a decade of experience leveraging security in line with best practices to ensure companies are secure and business enabled
@@ -0,0 +1,11 @@
++++
+Title = "Dave Westgarth"
+Twitter = "https://x.com/dave_westgarth"
+linkedin = "www.linkedin.com/in/dave-westgarth"
+image = "dave.jpg"
+type = "speaker"
+linktitle = "dave-westgarth"
+
++++
+
+Dave works as Head of Delivery at Unifeye. He has held numerous roles and built a rich experience in agile delivery, project management and tech, with positions ranging from developer to manager across several industries and verticals. He's an active advocate of agile and works to enhance teams and workplaces by promoting agile ways of working, principles and values.
@@ -0,0 +1,11 @@
++++
+Title = "Dr. Suki Sandhu"
+Twitter = ""
+linkedin = ""
+image = "sukisandhu.jpg"
+type = "speaker"
+linktitle = "dr-suki-sandhu"
+
++++
+
+A seasoned intellectual property rights (IPR) professional who protects inventions and computer-related products using IPRs. I have a technical background from the aerospace industry, and a background in intellectual property law as a patent agent working for multinational corporations and research institutes.
@@ -0,0 +1,11 @@
++++
+Title = "Nick Taylor"
+Twitter = ""
+linkedin = "https://nickyt.online/"
+image = "nicktaylor.jpg"
+type = "speaker"
+linktitle = "nick-taylor"
+
++++
+
+Nick is a Microsoft MVP, GitHub Star, Software Developer, and Developer Advocate. With over two decades in technology and a decade of open source contributions, plus six years of professional open source work at companies like OpenSauced, dev.to, Netlify and now Pomerium, he brings deep community knowledge to his work. You'll often find him live streaming tech content, either solo or with friends from the community.
@@ -0,0 +1,11 @@
++++
+Title = "Nicolas Fantoni"
+Twitter = "https://x.com/nicolas_fantoni"
+linkedin = "https://www.linkedin.com/in/nicolas-fantoni/"
+image = "nicolas.jpg"
+type = "speaker"
+linktitle = "nicolas-fantoni"
+
++++
+
+Platform engineer at Imola Informatica, where he deals with software architecture, DevOps, cloud and security, promoter of innovation and change. Passionate about engines and everything that can be driven, he brings his enthusiasm, resourcefulness and pragmatism to his daily work as well
@@ -0,0 +1,11 @@
++++
+Title = "Paulina Dubas"
+Twitter = ""
+linkedin = "https://www.linkedin.com/in/paulinadubas/"
+image = "paulina.jpg"
+type = "speaker"
+linktitle = "paulina-dubas"
+
++++
+
+I’m an independent DevOps and platform consultant working with teams across Europe. I help organizations run reliable, cost-aware systems and untangle messy operational realities around cloud, platforms, and team ownership. My work is hands-on and pragmatic, usually in environments where “best practices” collide with real constraints.
@@ -0,0 +1,11 @@
++++
+Title = "Raluca Mihu"
+Twitter = ""
+linkedin = "https://www.linkedin.com/in/ralucamihu/"
+image = "raluca.jpg"
+type = "speaker"
+linktitle = "raluca-mihu"
+
++++
+
+Raluca builds systems that teams trust. She works across DevOps, security and governance, bringing hands on experience in cloud platforms, risk management and compliance. She enjoys turning complex challenges into practical solutions that teams can actually use. She leads with clarity and calm focus. Raluca connects engineers, security specialists and business leaders, creating shared direction and real ownership. At DevOpsDays, she brings practical insight and a genuine drive to keep improving how teams build and deliver.
@@ -0,0 +1,11 @@
++++
+Title = "Riccardo Soro"
+Twitter = ""
+linkedin = ""
+image = "riccardo.jpg"
+type = "speaker"
+linktitle = "riccardo-soro"
+
++++
+
+I am a computer engineer deeply passionate about computer science, particularly in the areas of DevOps and generative AI. My journey in the tech world is fueled by relentless curiosity and a strong drive for innovation. In my free time, I never miss the chance to go rock climbing with friends, where I find inspiration and fresh ideas among the cliffs. My thirst for knowledge and determination constantly propel me to explore new technological frontiers and tackle every challenge with enthusiasm.