Loading…
Open Source Summit + Embedded Linux Conference North America...
May 18-20, 2026
Minneapolis, MN
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central DaylightTime (UTC -5). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
Type: cdCon clear filter
arrow_back View All Dates
Monday, May 18
 

11:20am CDT

Keynote: The Revolution Hiding in Plain Sight: CI/CD Platform Is About to Change Forever - Dadisi Sanyika, Sol Duara, Inc.
Monday May 18, 2026 11:20am - 11:45am CDT
200C (Level Two)
Anyone who has worked on a CI/CD platform knows the feeling: the tools are powerful, but too much energy goes into making everything talk to everything else. Teams sense there should be a better way, but the ecosystem keeps pulling them back toward custom integrations.

This is an industry inefficiency. When hundreds of organizations each build integrations for the same tools, enormous effort is spent solving the same problems again and again. We’ve accepted this as normal, but there’s another pattern.

This talk explores why the status quo must change. Not through better tooling or more connectors, but through the same shift that transformed railroads, email, and the internet: shared protocol.

You’ll see the architecture making this inevitable: CDEvents as a shared vocabulary for SDLC, Workflow Segments as the semantic meaning behind “build” and “deploy,” and Conduit as an orchestration engine that understands the entire workflow. We’ll examine where boundaries exist in every pipeline, and how tools that broadcast proof of reaching those boundaries can coordinate without custom integrations.

The future of CI/CD isn’t more integrations; it’s one integration, used by everyone.
Speakers
avatar for Dadisi Sanyika

Dadisi Sanyika

CEO, Sol Duara, Inc.
I am the Governing Board Chair for the Continuous Delivery Foundation (Linux sub-foundation) and the CEO of Sol Duara, Inc. Previously, at Apple, I led a team of engineers dedicated to improving the Continuous Deployment experience for teams and the community. Our contributions are... Read More →
Monday May 18, 2026 11:20am - 11:45am CDT
200C (Level Two)
  cdCon

11:50am CDT

Jenkins - Year in Review and Future Roadmap - Mark Waite, Independent
Monday May 18, 2026 11:50am - 12:00pm CDT
200C (Level Two)

Speakers
avatar for Mark Waite

Mark Waite

Independent Consultant, Self-employed

Monday May 18, 2026 11:50am - 12:00pm CDT
200C (Level Two)
  cdCon

12:15pm CDT

CDF Town Hall - Moderated by Tracy Ragan, DeployHub, Inc.
Monday May 18, 2026 12:15pm - 1:15pm CDT
200C (Level Two)

Speakers
avatar for Tracy Ragan

Tracy Ragan

CEO, DeployHub
Tracy is a recognized expert in software supply chain security and DevSecOps, specializing in managing complex, decoupled architectures. She is the CEO of DeployHub, a scalable post-deployment vulnerability detection platform that empowers software to 'self-heal' by automatically... Read More →
Monday May 18, 2026 12:15pm - 1:15pm CDT
200C (Level Two)
  cdCon
  • about <br>

1:30pm CDT

Lightning Talk: From Embedded Artifacts To Durable Entities: Fixing State in Spinnaker - Ben Powell, Apple
Monday May 18, 2026 1:30pm - 1:40pm CDT
200C (Level Two)
Spinnaker historically embedded artifact data directly into pipeline execution context. As workflows grew more complex, this approach led to oversized context payloads, fragile retries, and tight coupling between pipeline logic and storage representation.

The Entity Store rethinks this model. By replacing embedded state with URI-based references and delegating persistence to pluggable handlers, Spinnaker separates semantic identity from storage mechanics. Execution context becomes lighter, more stable, and easier to evolve.

In this talk, we’ll explore the architectural shift, implementation tradeoffs, migration strategy, and what this change means for future extensibility in Spinnaker and other CD systems.
Speakers
avatar for Ben Powell

Ben Powell

Software Engineer, Apple
Ben is a software engineer at Apple for the Spinnaker team with previous experience at AWS for the AWS SDK and ECS team. He has contributed to various different tools, services, and proposals through the years, governs the Cloud SIG for Spinnaker, and is an active participant for... Read More →
Monday May 18, 2026 1:30pm - 1:40pm CDT
200C (Level Two)
  cdCon

1:45pm CDT

Lightning Talk: Ortelius V12: Post-Deployment Security Defense for DevSecOps - Steve Taylor, DeployHub
Monday May 18, 2026 1:45pm - 1:55pm CDT
200C (Level Two)
Most DevSecOps pipelines stop protecting software once it is deployed, leaving organizations blind to newly disclosed vulnerabilities impacting live systems. Ortelius addresses this gap with post-deployment security powered by a digital twin of deployed software. By mapping SBOMs to running packages, versions, environments, and endpoints, Ortelius continuously correlates live systems with vulnerability databases, detecting critical and high-risk CVEs the moment they are published.

This session will introduce the latest Ortelius release, demonstrate new features, and show how teams can reduce MTTR from months to days by identifying which vulnerabilities truly impact production. Attendees will learn how Ortelius integrate with platform engineering workflows to provide continuous visibility and security beyond release.
Take Aways:
- Why pre-deployment SCA tools alone cannot protect production systems
- How Ortelius builds a digital twin of deployed software across clusters, clouds, and environments
- How SBOMs are mapped to live endpoints to identify true attack surface exposure
- How teams are reducing MTTR for critical CVEs to under 10 days
Speakers
avatar for Steve Taylor

Steve Taylor

CTO, DeployHub
Steve Taylor is a technology leader and innovator with deep expertise in service-based architecture, DevSecOps, open-source security, and secure software delivery. As CTO of DeployHub, he leads product strategy focused on build and release automation, vulnerability management, and... Read More →
Monday May 18, 2026 1:45pm - 1:55pm CDT
200C (Level Two)
  cdCon

2:00pm CDT

Lightning Talk: CDEvents: Ending the "Glue Code" Tax on Engineering Velocity - Mihir Vora & Prem Dhayalan, Capital One
Monday May 18, 2026 2:00pm - 2:10pm CDT
200C (Level Two)
We’ve achieved industry-wide standards for containers (docker) and orchestration (kubernetes), yet our delivery pipelines remain stuck in the "scripting era." In most organizations, the connection between a security scanner, a CI runner, and a deployment engine isn't a standard interface—it’s mostly a fragile web of custom Python scripts and yaml/jenkinsfile hacks.

This is the Glue Code Tax: a massive, invisible drain on resources that forces engineers to spend nearly half of their time maintaining integrations rather than shipping features.

This session tackles the "scripting fatigue" head-on. We will explore how to move away from fragile, one-off pipelines toward a truly modular, event-driven ecosystem. Using something like CDEvents standard as a blueprint, we’ll demonstrate how tools can "signal" their status natively, allowing you to swap out parts of your stack without rewriting your entire delivery logic. We’re moving past the era of digital duct tape and into the era of interoperable DevOps.
Speakers
avatar for Mihir Vora

Mihir Vora

Senior Distinguished Engineer, Capital One
Mihir is a Sr. Distinguished Engineer at Capital One with a passion for empowering teams and driving innovation. Mihir successfully led multiple projects that drive digital transformation and enhance customer experience over the years. Mihir has successfully balanced technical contributions... Read More →
avatar for Prem Dhayalan

Prem Dhayalan

Senior Distinguished Engineer, Capital One
Thought leader, evangelist in the areas of DevSecOps, Continuous Delivery, Developer Experience, Cloud Computing, Open Source Adoption, Digital Transformation. A hands-on developer
Monday May 18, 2026 2:00pm - 2:10pm CDT
200C (Level Two)
  cdCon

2:15pm CDT

Lightning Talk: CI/CD Cybersecurity Guide - Open Source Tools to Improve DevOps Security - Kate Scarcella, Independent
Monday May 18, 2026 2:15pm - 2:25pm CDT
200C (Level Two)

Speakers
avatar for Kate Scarcella

Kate Scarcella

Cybersecurity Architect, Independent
Kate Scarcella is a seasoned cybersecurity leader with over two decades of experience driving innovation and building cyber resilience. At IBM, she served on the Security Board of Advisors, where she guided Fortune 50 enterprises on strengthening their cybersecurity postures.

Kat... Read More →
Monday May 18, 2026 2:15pm - 2:25pm CDT
200C (Level Two)
  cdCon

2:30pm CDT

Keynote: AI in CI/CD Without the Hype: Practical Patterns for Platform Engineers - Jennifer Mulford, Okta
Monday May 18, 2026 2:30pm - 3:00pm CDT
200C (Level Two)
AI is being discussed as the next evolution of CI/CD, but much of that conversation skips over the realities faced by platform and infrastructure teams responsible for reliability, security, and trust. In practice, introducing AI into pipelines requires restraint, clear boundaries, and a strong understanding of where AI use helps and where it creates risk.
This talk focuses on practical, open-source approaches to using AI in CI/CD pipelines today. We’ll explore patterns where AI acts as a copilot: summarizing pull requests, generating test suggestions, helping engineers interpret CI failures, and enriching security signals while keeping humans firmly in control of decisions.
The session will also cover security concerns, prompt injection risks, secrets exposure, and the importance of treating AI output as untrusted input. We’ll discuss guardrails that help teams experiment safely, such as read-only workflows, explicit review steps, and self-hosted or open-source tooling that avoids sending proprietary code to third-party services.
Attendees will leave with a clear mental model for evaluating AI use cases in their own pipelines and an understanding of the tradeoffs involved.
Speakers
avatar for Jennifer Mulford

Jennifer Mulford

Senior Platform Security Engineer, Okta
Jennifer Mulford is a Senior Platform Security Engineer with 8+ years in DevOps and security, holding certifications including CISSP, CKA, Security+, CEH, and AWS certifications. She focuses on practical, real-world security engineering and automation.
Monday May 18, 2026 2:30pm - 3:00pm CDT
200C (Level Two)
  cdCon
  • Audience Experience Level Any

3:35pm CDT

Lightning Talk: When Pipelines Decide: Governing Speed, Trust, and Accountability in AI-Driven CI/CD - Sundeep Bobba, Southwest Airlines & Naga Sujitha Vummaneni, Ripple
Monday May 18, 2026 3:35pm - 3:55pm CDT
200C (Level Two)
AI and autonomous agents are now coming into CI/CD pipelines more and more. Earlier they only followed instructions. Now they help in testing, deciding releases, approving deployments, and sometimes fixing problems on their own. This is a big change. Because of this, we need to think again about speed, security, and who is responsible when something goes wrong.

This session talks about few important things, in simple way:

• Moving from only making pipelines faster to also adding control. DevOps is not just optimization now, it also needs governance and good system design.
• Practical patterns from real work. Architecture and team setups that people can actually use and scale.
• Rules for bots that do not slow humans. Policy driven guardrails for autonomous pipelines.
• Clear decision points. Who decides what, and when humans must step in.
• Human oversight at scale. Reviews that still matter but do not block delivery.
• Security from the beginning. Audit logs, policy enforcement, and safe handling when signals are not very clear.
Speakers
avatar for Sundeep Bobba

Sundeep Bobba

Tech Lead Cloud DevOps Engineer, Southwest Airlines
Sundeep Bobba is a Tech Lead Cloud DevOps Engineer at Southwest Airlines with 15+ years of experience building large-scale, cloud-native CI/CD and automation platforms. He leads enterprise DevOps modernization supporting millions of customers and billions in digital revenue. He is... Read More →
avatar for Naga Sujitha Vummaneni

Naga Sujitha Vummaneni

Sr. Security Engineer, Ripple
Naga Sujitha Vummaneni is a Senior Security Engineer at Ripple with 10+ years of experience in cloud security automation and infrastructure engineering across Google, Nike, eBay, and other tech leaders. AWS Certified Security and CISM credential holder, she specializes in blockchain... Read More →
Monday May 18, 2026 3:35pm - 3:55pm CDT
200C (Level Two)
  cdCon

4:00pm CDT

Panel Discussion: Protecting the Software Supply Chain with AI - Jennifer Mulford, Okta; Ryo Sugahara, NTT; Mihir Vora, Capital One; Tracy Ragan, DeployHub
Monday May 18, 2026 4:00pm - 4:30pm CDT
200C (Level Two)

Moderators
avatar for Tracy Ragan

Tracy Ragan

CEO, DeployHub
Tracy is a recognized expert in software supply chain security and DevSecOps, specializing in managing complex, decoupled architectures. She is the CEO of DeployHub, a scalable post-deployment vulnerability detection platform that empowers software to 'self-heal' by automatically... Read More →
Speakers
avatar for Jennifer Mulford

Jennifer Mulford

Senior Platform Security Engineer, Okta
Jennifer Mulford is a Senior Platform Security Engineer with 8+ years in DevOps and security, holding certifications including CISSP, CKA, Security+, CEH, and AWS certifications. She focuses on practical, real-world security engineering and automation.
avatar for Mihir Vora

Mihir Vora

Senior Distinguished Engineer, Capital One
Mihir is a Sr. Distinguished Engineer at Capital One with a passion for empowering teams and driving innovation. Mihir successfully led multiple projects that drive digital transformation and enhance customer experience over the years. Mihir has successfully balanced technical contributions... Read More →
avatar for Ryo Sugahara

Ryo Sugahara

Evangelist, NTT DATA GROUP Corporation
I joined NTT Data in 2005. Currently, I'm dedicated to driving modernization through the integration of CI/CD and infrastructure automation, transforming traditional projects.
Monday May 18, 2026 4:00pm - 4:30pm CDT
200C (Level Two)
  cdCon

4:35pm CDT

The Probabilistic Pipeline: From Green To Safe - Mihir Vora, Capital One
Monday May 18, 2026 4:35pm - 4:55pm CDT
200C (Level Two)
CI/CD has trained us to trust one signal: green means go. But modern systems don't fail in binary. A one-line UI tweak can trigger a 45-minute test marathon, while a risky change can go green and still take production down. The issue isn't "bad pipelines" - it's that pass/fail is no longer a reliable proxy for safe.

In this talk I introduce the Probabilistic Pipeline: shipping as risk management, not static gating. The pipeline produces a per-change risk/confidence score from signals you already have: diff blast radius, service criticality, incident hotspots, flaky tests, dependency/config deltas, and real-time system health (delivery events + telemetry). That score routes changes through adaptive lanes - Fast, Standard, Hardened - so low-risk work gets lightweight checks + automated canaries, while higher-risk work earns deeper validation, safer rollout, and tighter oversight.

You'll leave with a reference architecture, a concrete example and guardrails that keep trust: explainable scores, deterministic security/compliance hard floors, and a feedback loop that learns from outcomes. No ML background required - this is about practical delivery design.
Speakers
avatar for Mihir Vora

Mihir Vora

Senior Distinguished Engineer, Capital One
Mihir is a Sr. Distinguished Engineer at Capital One with a passion for empowering teams and driving innovation. Mihir successfully led multiple projects that drive digital transformation and enhance customer experience over the years. Mihir has successfully balanced technical contributions... Read More →
Monday May 18, 2026 4:35pm - 4:55pm CDT
200C (Level Two)
  cdCon

5:00pm CDT

Lightning Talk: Why Don't AI Technologies and CI/CD Pipelines Get Along? - Ryo Sugahara, NTT DATA GROUP Corporation
Monday May 18, 2026 5:00pm - 5:10pm CDT
200C (Level Two)
AI technologies are fundamentally transforming the landscape of IT system development. While they are increasingly applied across a wide range of development tasks, their potential remains largely untapped within CI/CD pipelines.

I have personally experimented with applying AI technologies to CI/CD pipelines in an effort to build more effective and intelligent workflows. However, these attempts did not lead to the expected results. This experience raises an important question: why is the integration of AI technologies into CI/CD pipelines so challenging?

In this session, I will explore the practical and conceptual barriers encountered when applying AI technologies to CI/CD pipelines, and examine the underlying reasons behind their apparent lack of compatibility, drawing on firsthand experience. This exploration is still a work in progress. Rather than presenting a success story, this session aims to frame the problem clearly and honestly.

Also, by raising key questions and sharing lessons learned from failed attempts, this session seeks to encourage broader discussion and invite more practitioners to engage with this challenge and collaboratively explore possible paths forward.
Speakers
avatar for Ryo Sugahara

Ryo Sugahara

Evangelist, NTT DATA GROUP Corporation
I joined NTT Data in 2005. Currently, I'm dedicated to driving modernization through the integration of CI/CD and infrastructure automation, transforming traditional projects.
[cdCon2026] Why don't AI technologies and CICD pipelines get along pdf
Monday May 18, 2026 5:00pm - 5:10pm CDT
200C (Level Two)
  cdCon
  • Audience Experience Level Any

5:15pm CDT

Lightning Talk: The Era of Agentic Continuous Delivery - Vibhav Bobade, Red Hat
Monday May 18, 2026 5:15pm - 5:25pm CDT
200C (Level Two)
How do we ensure that Agentic Delivery follows the same rigour as tools when only humans created software? With AI Agents, we are slowly being forced to look at software development and delivery that looks more like a statistical distribution than a carefully implemented solution. The software delivery lifecycle is now completely touched by AI, from writing code and testing to pushing to production and testing against production code.

In this talk, we will peel the layers of Continuous Delivery and see the new verticals in delivery AI is giving rise to and problems yet to be solved from a first principle basis, and with guidance on what questions we can ask to choose the right AI tools and keep up without exhausing outselves.
Speakers
avatar for Vibhav Bobade

Vibhav Bobade

Senior Software Engineer, Red Hat
I am an open-source developer who enjoys containers, audio, and running. I work at Red Hat as a Senior Software Engineer and help maintain Tekton Pipelines.
Monday May 18, 2026 5:15pm - 5:25pm CDT
200C (Level Two)
  cdCon

5:30pm CDT

Lightning Talk: Simple Yet Scalable MLOps: Bridging the Gap Between Data Science and CI/CD - Sachin Garg, NavankurIT; Sameeksha Garg, Carnegie Mellon University
Monday May 18, 2026 5:30pm - 5:40pm CDT
200C (Level Two)
The transition of Machine Learning (ML) models from experimental notebooks to reliable production environments often reveals a significant disconnect between Data Scientists and Infrastructure/Operations teams. While traditional DevOps has mastered code delivery, the unique "state" of ML—comprising both code and massive datasets—requires a specialized evolution: MLOps. This session provides a practical roadmap for building a simple yet highly scalable CI/CD pipeline using a purely open-source stack.

We begin by addressing the critical challenge of Model Reproducibility. Standard version control systems like Git excel at managing algorithms but fail when handling the 500MB weights or multi-gigabyte training sets typical of modern ML. Our proposed architecture integrates DVC (Data Version Control) to version-control data alongside source code, ensuring that every deployment is fully traceable and repeatable.
Speakers
avatar for Sachin Garg

Sachin Garg

CTO, NavankurIT
Dr. Sachin Garg built India's early FOSS infrastructure: MNNIT's first internet server (1995) over 9.6 kbps VSAT, core BLUG member (1996-2002), IT.com '99 Linux Pavilion participant, and architect of Wipro's landmark FOSS.in 2006 sponsorship. At C-DAC, championed Linux for PARAM supercomputers... Read More →
avatar for Sameeksha Garg

Sameeksha Garg

Student, Carnegie Mellon University
Sameeksha Garg is a Computer Science student at Carnegie Mellon University (graduating May 2026), specializing in Machine Learning. With hands-on experience in open-source security at Visa, building ML monitoring systems using Grafana and Prometheus, and developing AI-driven pipelines... Read More →
Monday May 18, 2026 5:30pm - 5:40pm CDT
200C (Level Two)
  cdCon

5:45pm CDT

Lightning Talk: Taming MCP Challenges at Scale: Move Fast and Build Right - Muktesh Mishra, Adobe
Monday May 18, 2026 5:45pm - 5:55pm CDT
200C (Level Two)
Tired of governance slowing you down while you’re racing to ship AI features? You’re not alone—every AI builder has felt that friction.

Enterprise AI builders struggle to move fast: governance feels like a roadblock, data access is inconsistent and risky, best practices and security controls are manually enforced (or ignored), and every team reinvents the wheel—leading to slow delivery, compliance gaps, quality issues, and mounting technical debt.

Join us for a hands-on session featuring code examples and demos to learn how we overcome these challenges at Adobe, enabling AI builders at scale without compromising quality and speed.

Through a series of code snippets and demos, we will show:
- Paved paths via reusable templates and reference architectures to accelerate onboarding and iterations.
- Automated governance gates covering evaluations, best practices, access controls, and security
- Interoperability and discoverability, via an automated well-formed AI registry
- Standardized data access patterns that ensure compliance, auditability, and efficiency

Join us for a fun session, and let's learn together.





Speakers
avatar for Muktesh Mishra

Muktesh Mishra

Lead Engineer, AI Foundations and Platforms, Adobe
Muktesh is Lead AI Builder at Adobe. Active contributor to 20+ open-source projects and enjoys solving problems at scale. Conference junkie who has spoken at MongoDB Local, JavaOne, API World, OSCON, DockerCon, Open Source Summit & more. Active in teaching and development across Apache... Read More →
Monday May 18, 2026 5:45pm - 5:55pm CDT
200C (Level Two)
  cdCon
 
  • Filter By Date
    May 17 - 22, 2026
  • Filter By Venue
    Minneapolis, MN, USA
    All
    101 A-J (Level One)
    200A (Level Two)
    200B (Level Two)
    200C (Level Two)
    200D (Level Two)
    200E (Level Two)
    200F (Level Two)
    200G (Level Two)
    200H (Level Two)
    200I (Level Two)
    200J (Level Two)
    204B (Level Two)
    205C+D (Level Two)
    208A+B (Level Two)
    208C+D (Level Two)
    211A+B (Level Two)
    Ballroom Foyer (Level One)
    Ballroom Lobby (Level One)
    Mill City Museum
    Minneapolis Convention Center
    Seasons (Level Two)
    Solutions Showcase, Ballroom A+B (Level One)
    TBA
  • Filter By Type
    Ask the Experts
    cdCon
    Cloud + Orchestration
    Co-located Event
    Digital Trust
    Embedded Linux Conference
    Keynote Sessions
    Linux
    Mini Summit
    Open AI & Data
    Open Source 101
    OSS Enabling & Management
    All
    Blockchain and Distributed Ledger Technologies
    Operations Management & OSPOs
    Project Leadership
    Standards & Specifications
    Technical Documentation
    Packages + Images + Containers
    PX4 Dev Summit
    Safety-critical Software
    Special Events / Exhibits / Breaks
    Zephyr
  • Audience Experience Level
    Advanced
    Any
    Beginner
    Intermediate
  • Timezone

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Event Planning App Privacy Terms
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Sunday, May 17
Monday, May 18
Tuesday, May 19
Wednesday, May 20
Thursday, May 21
Friday, May 22
101 A-J (Level One)
200A (Level Two)
200B (Level Two)
200C (Level Two)
200D (Level Two)
200E (Level Two)
200F (Level Two)
200G (Level Two)
200H (Level Two)
200I (Level Two)
200J (Level Two)
204B (Level Two)
205C+D (Level Two)
208A+B (Level Two)
208C+D (Level Two)
211A+B (Level Two)
Ballroom Foyer (Level One)
Ballroom Lobby (Level One)
Mill City Museum
Minneapolis Convention Center
Seasons (Level Two)
Solutions Showcase, Ballroom A+B (Level One)
TBA
  • Ask the Experts
  • cdCon
  • Cloud + Orchestration
  • Co-located Event
  • Digital Trust
  • Embedded Linux Conference
  • Keynote Sessions
  • Linux
  • Mini Summit
  • Open AI & Data
  • Open Source 101
  • OSS Enabling & Management
  • Packages + Images + Containers
  • PX4 Dev Summit
  • Safety-critical Software
  • Special Events / Exhibits / Breaks
  • Zephyr
  • Audience Experience Level
  • Advanced
  • Any
  • Beginner
  • Intermediate