SECURE. GOVERN. DELIVER
Powering the AI-driven software supply chain with trust
6:00 PM - 9:00 PM
GATHERING & GALA DINNER
Inma Martinez
Inma Martinez is a powerhouse on the global AI stage who moves beyond the typical “tech futurist” label by balancing deep technical foresight with genuine, experienced business value. While many experts get caught up in the “how,” Inma focuses on the “why” and the “what’s next.” She specializes in translating complex digital shifts into actionable strategies that help organizations build a competitive edge while navigating the big-picture realities of global government policy and industrial strategy. In a world of shifting regulations, her unique insights into AI sovereignty are invaluable for anyone building at scale. Join Inma to not just talk about the AI-powered future; help define the roadmap for how we’ll actually live and work in it.
9:00 AM - 5:00 PM
Leap agenda
08:00 AMFuel-Up Gathering and Breakfast
AI and Model Context Protocols (MCP) have unlocked ‘Extreme Velocity,’ but this emerging productivity surge has a dark side. Threat actors are now using the same automation to launch coordinated attacks, like the Shai-Hulud incident, hiding malicious code within the noise of high-frequency releases.
When manual security gates fail, how do you maintain governance? This session provides the blueprint for high-velocity artifact trust. Learn to evolve your definition of ‘trusted software’ and implement strategies that secure your supply chain against new threats – such as malicious MCP servers and risky ML models – without slowing down innovation.
09:00 AMThe Agentic Leap: The Future-Proof Software Supply ChainShlomi Ben Haim, CEO and Co-Founder, JFrog
09:15 AMThe New Rules of Software TrustYoav Landman, CTO and Co-Founder, JFrog
Software is entering an agent-driven era. Autonomous AI agents no longer just assist developers; they write code, resolve dependencies, produce binaries, and trigger releases at machine speed. In this world, the binary, not the source code, becomes the true manifestation of software.
This shift breaks the traditional Software Supply Chain and exposes new risk surfaces. Governance models built for human workflows, pull requests, and periodic releases collapse when non-human actors produce software continuously and at exponential scale. This fundamentally challenges how enterprises establish trust in what agents – co-engineering with humans- produce.
This session explores how the Software Supply Chain must evolve to meet this transformation. The session focuses on enforcing trust, security, and auditability in agent-aware and agent-enabled software pipelines, and on how binaries become the system of record for autonomous agents.
10:00 AMCoffee Break
AI and Model Context Protocols (MCP) have unlocked ‘Extreme Velocity,’ but this emerging productivity surge has a dark side. Threat actors are now using the same automation to launch coordinated attacks, like the Shai-Hulud incident, hiding malicious code within the noise of high-frequency releases.
When manual security gates fail, how do you maintain governance? This session provides the blueprint for high-velocity artifact trust. Learn to evolve your definition of ‘trusted software’ and implement strategies that secure your supply chain against new threats – such as malicious MCP servers and risky ML models – without slowing down innovation.
10:15 AMThe Developer’s Shield: Prioritizing Defense in the AI NoiseEyal Dyment, VP, Security Product, JFrog
Yuval Fernbach, VP, CTO MLOps, JFrog
Yuval Fernbach, VP, CTO MLOps, JFrog
Let’s face it: developers can feel like the extreme velocity of AI hits a solid wall of security noise. When thousands of AI-powered versions and vulnerability alerts flood the pipeline, the new definition of “protection” is now the enemy of flow. Do we add more scanners, tools, and alerts? Hardly.
The real challenge in the modern supply chain is not adding yet more layers of defense; it’s providing an integrated security approach that prioritizes the experience and efficiency of hybrid development teams. In this session, we move past the high-level panic to focus on the individual development workflow. We’ll explore how to navigate the surge of AI-generated threats without being paralyzed by false positives or irrelevant data at scale. You’ll learn a practical framework for identifying high-impact risks in context, ensuring that security is always-on, but not always-present.
Join us to see how great security and great developer experience can coexist, allowing you to scale AI without sacrificing the speed or joy of creating.
11:00 AMCoffee Break
AI and Model Context Protocols (MCP) have unlocked ‘Extreme Velocity,’ but this emerging productivity surge has a dark side. Threat actors are now using the same automation to launch coordinated attacks, like the Shai-Hulud incident, hiding malicious code within the noise of high-frequency releases.
When manual security gates fail, how do you maintain governance? This session provides the blueprint for high-velocity artifact trust. Learn to evolve your definition of ‘trusted software’ and implement strategies that secure your supply chain against new threats – such as malicious MCP servers and risky ML models – without slowing down innovation.
11:15 AMMachine Speed vs. Human Rules: Scaling Governance for the AI ExplosionHaggai Schechtman, VP, DevGovOps Product, JFrog
Ronny Belenitsky, Director, DevGovOps Product, JFrog
Ronny Belenitsky, Director, DevGovOps Product, JFrog
12:00 PMLunch Break
AI and Model Context Protocols (MCP) have unlocked ‘Extreme Velocity,’ but this emerging productivity surge has a dark side. Threat actors are now using the same automation to launch coordinated attacks, like the Shai-Hulud incident, hiding malicious code within the noise of high-frequency releases.
When manual security gates fail, how do you maintain governance? This session provides the blueprint for high-velocity artifact trust. Learn to evolve your definition of ‘trusted software’ and implement strategies that secure your supply chain against new threats – such as malicious MCP servers and risky ML models – without slowing down innovation.
01:00 PMSecuring the Core: The Strategic Evolution of Deutsche Börse Group’s Software Supply ChainChristian Gorke, CISO / Chief ICT Risk Officer, Deutsche Börse
Sigurd Pollmann, SVP, Head of DevSecOps Toolchain & Operations, Deutsche Börse
Sigurd Pollmann, SVP, Head of DevSecOps Toolchain & Operations, Deutsche Börse
Since 2016, the partnership between Deutsche Börse Group and JFrog has evolved from a tactical repository solution into a cornerstone of our global security architecture.
This session explores our journey from managing binary storage to navigating a critical security landscape, highlighted by a pivotal 2024 security intelligence report from the JFrog Security Research team. We will detail our transition toward a comprehensive security posture – leveraging JFrog Xray, JFrog Advanced Security, and JFrog Curation – to insulate our software supply chain against emerging threats.
Finally, we will share our strategic vision for an “AI-infused SDLC,” where agentic automation and platform synergy redefine operational resilience in a highly regulated financial environment.
01:45 PMCoffee Break
02:00 PMYour Global Nervous System: Scaling for the Distributed Enterprise Yossi Shaul, SVP, DevOps Product, JFrog
Shai Ben-Tovim, VP, DevOps Product, JFrog
Shai Ben-Tovim, VP, DevOps Product, JFrog
AI and Model Context Protocols (MCP) have unlocked ‘Extreme Velocity,’ but this emerging productivity surge has a dark side. Threat actors are now using the same automation to launch coordinated attacks, like the Shai-Hulud incident, hiding malicious code within the noise of high-frequency releases.
When manual security gates fail, how do you maintain governance? This session provides the blueprint for high-velocity artifact trust. Learn to evolve your definition of ‘trusted software’ and implement strategies that secure your supply chain against new threats – such as malicious MCP servers and risky ML models – without slowing down innovation.
02:45 PMClosing Session
Scale is the final barrier to AI-driven velocity. As operations go global, complexity often kills the speed you’ve worked so hard to gain. This session provides the blueprint for scaling DevOps from one high-performing team to a unified global organization—without sacrificing integrity or governance.
Learn how to deconstruct enterprise complexity using JFrog Projects and Federation to eliminate cross-border drift. We’ll demonstrate how High Availability keeps your engine running and how modern Distribution handles massive edge environments with absolute precision. Stop managing noise and start scaling impact!
03:00 PMBreak
Noise is the new bottleneck. As AI accelerates development, teams are increasingly drowning in security alerts that stall progress. This session outlines how to silence the chaos and refocus your resources on what truly matters.
Discover how to transition to contextualized insights and agentic security to fix only the vulnerabilities that pose a real risk to your applications. We will explore how to automate governance and risk decisions, ensuring your security posture scales alongside your innovation. Join us to learn how to build a high-velocity supply chain where trust is automated, not manual.
03:15 PMCustomer Meetings
Noise is the new bottleneck. As AI accelerates development, teams are increasingly drowning in security alerts that stall progress. This session outlines how to silence the chaos and refocus your resources on what truly matters.
Discover how to transition to contextualized insights and agentic security to fix only the vulnerabilities that pose a real risk to your applications. We will explore how to automate governance and risk decisions, ensuring your security posture scales alongside your innovation. Join us to learn how to build a high-velocity supply chain where trust is automated, not manual.
Featured Customers
Sigurd Pollmann
SVP, Head of DevSecOps Toolchain & Operations
Deutsche Börse
Christian Gorke
CISO / Chief ICT Risk Officer
Deutsche Börse
Sigurd Pollmann
SVP, Head of DevSecOps Toolchain & Operations
Christian Gorke
CISO / Chief ICT Risk Officer
Meet the Frogs
Eyal Dyment
VP, Security Product
Shlomi Ben Haim
CEO and Co-Founder
Yoav Landman
CTO and Co-Founder
Yuval Fernbach
VP, CTO MLOps
Haggai Schechtman
VP, DevGovOps Product
Yossi Shaul
SVP, DevOps Product
Ronny Belenitsky
Director, DevGovOps Product
Shai Ben-Tovim
VP, DevOps Product
Yoav Landman
CTO and Co-Founder
Shlomi Ben Haim
CEO and Co-Founder
Yuval Fernbach
VP, CTO MLOps
Eyal Dyment
VP, Security Product
Yossi Shaul
SVP, DevOps Product
Haggai Schechtman
VP, DevGovOps Product
Ronny Belenitsky
Director, DevGovOps Product
Shai Ben-Tovim
VP of Product
The Venue
Access Only Via, Opernpl. 16, 60313
Frankfurt am Main, Germany
