Modern AI systems can be astonishingly powerful—but only when guided with well-crafted prompts. This 90-minute session provides a fast-paced, practical deep dive into the core elements of effective prompting and the techniques that consistently produce better, more reliable outputs from LLMs. Attendees will learn the building blocks of strong prompts, explore how to design and iterate prompts for specific goals, and understand when to apply different prompt types including role-based, structured, constrained, few-shot, and chain-of-thought patterns. The session concludes with practical frameworks for evaluating prompt quality, measuring effectiveness, and building repeatable prompting workflows. Ideal for developers, analysts, and technical leaders who want to accelerate their AI effectiveness immediately.

Large language models can solve a broad range of problems, but the difference between mediocre and exceptional results often comes down to how prompts are designed. This session equips attendees with a practical, accelerative approach to prompt engineering—focusing on patterns, structure, and evaluation rather than guesswork.

We begin by breaking down the essential elements of a prompt, including task definition, context, constraints, persona/role setup, and output formatting. Attendees learn how these components shape the model’s reasoning process and influence the reliability and clarity of generated responses.

The session then explores core prompt types used in real-world AI workflows: role-based prompting to guide behavior, structured prompts for predictable formatting, constrained prompts for compliance and safety, few-shot prompts to teach patterns, and chain-of-thought approaches for deeper reasoning. For each type, we discuss practical examples, strengths, limitations, and the scenarios where each method excels.

To ensure prompts are not only functional but optimized, we introduce a measurement framework covering clarity, consistency, controllability, correctness, and cost. Attendees learn how to evaluate prompt performance, iterate intentionally, detect failure modes, and quantify improvement using simple metrics and qualitative benchmarks.

By the end, participants leave with a toolkit of immediately applicable techniques and a systematic mental model for designing, refining, and validating AI prompts—empowering them to work more effectively with models across development, data analysis, automation, writing, and problem-solving tasks.

1. Introduction (5 minutes)
   •Why prompting still matters in 2026
   •The shift from “magic words” to systems-thinking in prompt design
   •Goals of the session

2. Foundations of Effective Prompting (10 minutes)
   •The core elements of a prompt
   •Task
   •Context
   •Constraints
   •Role/persona
   •Output format
   •How LLMs interpret instructions

3. Designing Prompts for High-Quality Results (15 minutes)
   •Framing the problem correctly
   •Precision vs. flexibility
   •Reducing ambiguity
   •Encoding domain knowledge
   •Strategies for decomposing complex tasks

4. Prompt Types and Techniques (30 minutes)

Role-Based Prompts
•When to use personas
•How roles steer behavior and tone

Structured Prompts
•Templates, sections, and predictable formats
•Ideal for analysis, coding, automation, compliance

Constrained Prompts
•Using rules, boundaries, and limitations
•Preventing drift and controlling style

Few-Shot & Pattern-Teaching Prompts
•Teaching the model via examples
•Balancing length, clarity, and guidance

Chain of Thought (CoT)
•Getting transparent reasoning
•When CoT helps vs. when it harms
•Alternatives: stepwise prompting, self-critique

1. Selecting the Right Prompt Technique (10 minutes)
   •A decision tree / mapping prompt type to problem type
   •Combining techniques in layered prompts

2. Measuring Prompt Success and Effectiveness (15 minutes)
   •Evaluation criteria: clarity, consistency, correctness, controllability, cost
   •Using test cases and benchmarks
   •Iteration loops
   •Identifying failure modes

3. Closing Takeaways + Q&A (5 minutes)
   •A reusable checklist for prompt engineering
   •How to continue improving prompts in real workstreams
   •Audience questions

Just as CI/CD and other revolutions in DevOps have changed the landscape of the software development lifecycle (SDLC), so Generative AI is now changing it again. Gen AI has the potential to simplify, clarify, and lessen the cycles required across multiple phases of the SDLC.

In this session with author, trainer, and experienced DevOps director Brent Laster, we'll survey the ways that today's AI assistants and tools can be incorporated across your SDLC phases including planning, development, testing, documentation, maintaining, etc. There are multiple ways the existing tools can help us beyond just the standard day-to-day coding and, like other changes that have happened over the years, teams need to be aware of, and thinking about how to incorporate AI into their processes to stay relevant and up-to-date.

This condensed hands-on session provides developers and technical leaders with a practical foundation in AI system security — from understanding the unique attack surfaces of LLMs and agents to applying effective guardrails, validation, and monitoring.
Participants explore key security principles across LLM pipelines, agent architectures, and Model Context Protocol (MCP) environments.
Through five focused labs, attendees learn how to detect vulnerabilities, prevent data leakage, and implement safe execution patterns for AI-driven workflows.

By the end of the session, participants will have a working understanding of common AI attack vectors, defensive design patterns, and secure deployment practices for agents and MCP-based systems.

The workshop combines rapid conceptual overviews with practical, short labs:
1.Lab 1 – Understanding AI Threat Surfaces
Explore how AI systems differ from traditional apps: prompt injection, training data poisoning, model exfiltration, and output manipulation.
2.Lab 2 – Secure Prompt and Context Handling
Implement techniques for input sanitization, instruction filtering, and chain-of-thought isolation in LLM and agent pipelines.
3.Lab 3 – Guardrails and Policy Enforcement
Apply open-source guardrail frameworks (e.g., Guardrails.ai or LlamaGuard) to validate responses and prevent unsafe completions.
4.Lab 4 – Securing Agent Tool Use
Configure tools and connectors with least-privilege access and safe error handling. Examine how to restrict and audit agent actions.
5.Lab 5 – Securing MCP Interactions
Learn how to authenticate, authorize, and scope MCP server calls. Practice securing endpoints and preventing untrusted tool injection.

Outcome:
Participants leave with an actionable framework for assessing AI application risk, implementing safeguards, and integrating secure development practices into their LLM and agent workflows.

This condensed hands-on session provides developers and technical leaders with a practical foundation in AI system security — from understanding the unique attack surfaces of LLMs and agents to applying effective guardrails, validation, and monitoring.
Participants explore key security principles across LLM pipelines, agent architectures, and Model Context Protocol (MCP) environments.
Through five focused labs, attendees learn how to detect vulnerabilities, prevent data leakage, and implement safe execution patterns for AI-driven workflows.

By the end of the session, participants will have a working understanding of common AI attack vectors, defensive design patterns, and secure deployment practices for agents and MCP-based systems.

The workshop combines rapid conceptual overviews with practical, short labs:
1.Lab 1 – Understanding AI Threat Surfaces
Explore how AI systems differ from traditional apps: prompt injection, training data poisoning, model exfiltration, and output manipulation.
2.Lab 2 – Secure Prompt and Context Handling
Implement techniques for input sanitization, instruction filtering, and chain-of-thought isolation in LLM and agent pipelines.
3.Lab 3 – Guardrails and Policy Enforcement
Apply open-source guardrail frameworks (e.g., Guardrails.ai or LlamaGuard) to validate responses and prevent unsafe completions.
4.Lab 4 – Securing Agent Tool Use
Configure tools and connectors with least-privilege access and safe error handling. Examine how to restrict and audit agent actions.
5.Lab 5 – Securing MCP Interactions
Learn how to authenticate, authorize, and scope MCP server calls. Practice securing endpoints and preventing untrusted tool injection.

Outcome:
Participants leave with an actionable framework for assessing AI application risk, implementing safeguards, and integrating secure development practices into their LLM and agent workflows.

Learning and understanding AI concepts is satisfying and rewarding, but the fun part is learning how to work with AI yourself. In this 1/2 day workshop, author, trainer, and experienced technologist Brent Laster will help you do both! We’ll explain why and how to run AI models locally, the basic ideas of agents and RAG, and show how to assemble a simple AI agent in Python that leverages RAG and uses a local model through Ollama. And you'll get to follow through with hands-on labs and produce your own instance running on your system in a GitHub Codespace

In this workshop, we'll walk you through what it means to run models locally, how to interact with them, and how to use them as the brain for an agent. Then, we'll enable them to access and use data from a PDF via retrieval-augmented generation (RAG) to make the results more relevant and meaningful. And you'll do all of this hands-on in a ready-made environment with no extra installs required.

No experience is needed on these technologies, although we do assume you do have a basic understanding of LLMs.

Workshop Requirements

Attendees will need the following to do the hands-on labs:

• A laptop with power
• A GitHub account on the public GitHub.com (free tier is fine)
• Browser

Learning and understanding AI concepts is satisfying and rewarding, but the fun part is learning how to work with AI yourself. In this 1/2 day workshop, author, trainer, and experienced technologist Brent Laster will help you do both! We’ll explain why and how to run AI models locally, the basic ideas of agents and RAG, and show how to assemble a simple AI agent in Python that leverages RAG and uses a local model through Ollama. And you'll get to follow through with hands-on labs and produce your own instance running on your system in a GitHub Codespace

In this workshop, we'll walk you through what it means to run models locally, how to interact with them, and how to use them as the brain for an agent. Then, we'll enable them to access and use data from a PDF via retrieval-augmented generation (RAG) to make the results more relevant and meaningful. And you'll do all of this hands-on in a ready-made environment with no extra installs required.

No experience is needed on these technologies, although we do assume you do have a basic understanding of LLMs.

Workshop Requirements

Attendees will need the following to do the hands-on labs:

• A laptop with power
• A GitHub account on the public GitHub.com (free tier is fine)
• Browser

MCP, or Model Context Protocol, is a standardized framework that allows AI agents to seamlessly connect with external data sources, APIs, and tools. Its main purpose is to make AI agents more intelligent and context-aware by giving them real-time access to live information and actionable capabilities beyond their built-in knowledge.

Join AI technologist, author, and trainer Brent Laster as we learn what MCP is, how it works, and how it can be used to create AI agents that can work with any process that implements MCP. You'll work with MCP concepts, coding, servers, etc. through hands-on labs that teach you how to use it with AI agents.

With MCP, developers can easily integrate AI agents with a wide variety of systems, from internal business databases to third-party services, without having to build custom integrations for each use case. MCP servers act as gateways, exposing specific actions and knowledge to the AI agent, which can then dynamically discover and use these capabilities as needed. This approach streamlines the process of adding new functionalities to AI agents and reduces ongoing maintenance.

MCP is particularly useful for scenarios where AI agents need up-to-date information or need to perform actions in external systems-such as customer support bots fetching live ticket data, enterprise assistants accessing knowledge bases, or automation agents processing transactions. By leveraging MCP, organizations can create more adaptable, powerful, and enterprise-ready AI solutions that respond to real-world business needs in real time

Workshop Requirements

Attendees will need the following to do the hands-on labs:

• A laptop with power
• A GitHub account on the public GitHub.com (free tier is fine)
• Browser

MCP, or Model Context Protocol, is a standardized framework that allows AI agents to seamlessly connect with external data sources, APIs, and tools. Its main purpose is to make AI agents more intelligent and context-aware by giving them real-time access to live information and actionable capabilities beyond their built-in knowledge.

Join AI technologist, author, and trainer Brent Laster as we learn what MCP is, how it works, and how it can be used to create AI agents that can work with any process that implements MCP. You'll work with MCP concepts, coding, servers, etc. through hands-on labs that teach you how to use it with AI agents.

With MCP, developers can easily integrate AI agents with a wide variety of systems, from internal business databases to third-party services, without having to build custom integrations for each use case. MCP servers act as gateways, exposing specific actions and knowledge to the AI agent, which can then dynamically discover and use these capabilities as needed. This approach streamlines the process of adding new functionalities to AI agents and reduces ongoing maintenance.

MCP is particularly useful for scenarios where AI agents need up-to-date information or need to perform actions in external systems-such as customer support bots fetching live ticket data, enterprise assistants accessing knowledge bases, or automation agents processing transactions. By leveraging MCP, organizations can create more adaptable, powerful, and enterprise-ready AI solutions that respond to real-world business needs in real time

Workshop Requirements

Attendees will need the following to do the hands-on labs:

• A laptop with power
• A GitHub account on the public GitHub.com (free tier is fine)
• Browser

Java has quietly grown into a more expressive, flexible, and modern language — but many developers haven’t kept up with the latest features. This two-part workshop explores the most useful additions to Java from recent releases, with hands-on examples and real-world scenarios.

Whether you’re still catching up from Java 8 or already using Java 21+, this series will give you a practical edge in writing cleaner, more modern Java code.

• sealed classes
• record
• Pattern Matching
• Text Blocks
• switch expressions
• Stream Gatherers
• Flexible Constructor Bodies

Java has quietly grown into a more expressive, flexible, and modern language — but many developers haven’t kept up with the latest features. This two-part workshop explores the most useful additions to Java from recent releases, with hands-on examples and real-world scenarios.

Whether you’re still catching up from Java 8 or already using Java 21+, this series will give you a practical edge in writing cleaner, more modern Java code.

• sealed classes
• record
• Pattern Matching
• Text Blocks
• switch expressions
• Stream Gatherers
• Flexible Constructor Bodies

Java has quietly grown into a more expressive, flexible, and modern language — but many developers haven’t kept up with the latest features. This two-part workshop explores the most useful additions to Java from recent releases, with hands-on examples and real-world scenarios.

Whether you’re still catching up from Java 8 or already using Java 21+, this series will give you a practical edge in writing cleaner, more modern Java code.

• Implicitly Declared Classes & Enhanced Main Methods
• Simple Web Server
• HTTPClient
• Multi-File Source Launching
• JShell
• Stable Values

Java has quietly grown into a more expressive, flexible, and modern language — but many developers haven’t kept up with the latest features. This two-part workshop explores the most useful additions to Java from recent releases, with hands-on examples and real-world scenarios.

Whether you’re still catching up from Java 8 or already using Java 21+, this series will give you a practical edge in writing cleaner, more modern Java code.

• Implicitly Declared Classes & Enhanced Main Methods
• Simple Web Server
• HTTPClient
• Multi-File Source Launching
• JShell
• Stable Values

In this half-day workshop, we’ll practice Test-Driven Development (TDD) by solving a real problem step by step. You’ll learn how to think in tests, write clean code through refactoring, and use your IDE and AI tools effectively. We’ll also explore how modern Java features (like lambdas and streams) enhance testability, and discuss what’s worth testing — and what’s not.

• Process of Testing
• Refactoring and Clean Code
• Benefits
• Setting a Project
• Using IDEs to your absolute advantage
• What role do new Java 8 Lambdas play in testing
• What to test and what not to test
• Integration with Ai
• Property-Based Testing

In this half-day workshop, we’ll practice Test-Driven Development (TDD) by solving a real problem step by step. You’ll learn how to think in tests, write clean code through refactoring, and use your IDE and AI tools effectively. We’ll also explore how modern Java features (like lambdas and streams) enhance testability, and discuss what’s worth testing — and what’s not.

• Process of Testing
• Refactoring and Clean Code
• Benefits
• Setting a Project
• Using IDEs to your absolute advantage
• What role do new Java 8 Lambdas play in testing
• What to test and what not to test
• Integration with Ai
• Property-Based Testing

Since 1994, the original Gang of Four Design Patterns book, “Design Patterns: Elements of Reusable Object-Oriented Software” has helped developers recognize common patterns in development. The book was originally written in C++, but there have been books that translate the original design patterns into their preferred language. One feature of “The Gang of Four Design Patterns” that has particularly stuck with me has been testability for the most part. With the exception of singleton, all patterns are unit-testable. Design Patterns are also our common developer language. When a developer says, “Let's use the Decorator Pattern,” we know what is meant.

What's new, though, is functional programming, so we will also discuss how these patterns change in our new modern functional programming world. For example, functional currying in place of the builder pattern, using an enum for a singleton, and reconstructing the state pattern using sealed interfaces. We will cover so much more, and I think you will be excited about this topic and putting it into practice on your codebase.

Workshop Requirements

Setup Requirements:

• JDK 22 (The latest!)
• Latest IntelliJ Preferred
• Maven 3.8.x
• Git
• GitHub Account

If you do not have the following or don't want to use the following, we can use Github Codespaces or Gitpod.io. Both of these options will have a VSCode instance online

Since 1994, the original Gang of Four Design Patterns book, “Design Patterns: Elements of Reusable Object-Oriented Software” has helped developers recognize common patterns in development. The book was originally written in C++, but there have been books that translate the original design patterns into their preferred language. One feature of “The Gang of Four Design Patterns” that has particularly stuck with me has been testability for the most part. With the exception of singleton, all patterns are unit-testable. Design Patterns are also our common developer language. When a developer says, “Let's use the Decorator Pattern,” we know what is meant.

What's new, though, is functional programming, so we will also discuss how these patterns change in our new modern functional programming world. For example, functional currying in place of the builder pattern, using an enum for a singleton, and reconstructing the state pattern using sealed interfaces. We will cover so much more, and I think you will be excited about this topic and putting it into practice on your codebase.

Workshop Requirements

Setup Requirements:

• JDK 22 (The latest!)
• Latest IntelliJ Preferred
• Maven 3.8.x
• Git
• GitHub Account

If you do not have the following or don't want to use the following, we can use Github Codespaces or Gitpod.io. Both of these options will have a VSCode instance online

Architectural decisions are often influenced by blindspots, biases, and unchecked assumptions, which can lead to significant long-term challenges in system design. In this session, we’ll explore how these cognitive traps affect decision-making, leading to architectural blunders that could have been avoided with a more critical, holistic approach.

You’ll learn how common biases—such as confirmation bias and anchoring—can cloud judgment, and how to counteract them through problem-space thinking and reflective feedback loops. We’ll dive into real-world examples of architectural failures caused by biases or narrow thinking, and discuss strategies for expanding your perspective and applying critical thinking to system design.

Whether you’re an architect, developer, or technical lead, this session will provide you with tools to recognize and mitigate the impact of biases and blindspots, helping you make more informed, thoughtful architectural decisions that stand the test of time.

When Eliyahu Goldratt wrote The Goal, he showed how local optimizations (like adding robots to a factory line) can actually decrease overall performance. Today, AI threatens to repeat that mistake in software. We’re accelerating coding without improving flow. In this talk, Michael Carducci explores what it means to architect for the goal: continuous delivery of value through systems designed for flow.

Drawing insights from Architecture for Flow, Domain-Driven Design, Team Topologies, and his own Tailor-Made Architecture Model, Carducci shows how to align business strategy, architecture, and teams around shared constraints and feedback loops. You’ll discover how to turn automation into advantage, orchestrate AI within the system of work, and build socio-technical architectures that evolve—not just accelerate.

Agile has become an overused and overloaded buzzword, let's go back to first principles. Agile is the 12 principles. Agile is founded on fast feedback and embraces change. Agile is about making the right decisions at the right time while constantly learning and growing.

Architecture, on the other hand, seems to be the opposite. Once famously described by Grady Booch as “the stuff that's hard to change” there is overwhelming pressure to get architecture “right” early on as the ultimate necessary rework will be costly at best, and fatal at worst. But too much complexity, too early, can be just as costly or fatal. A truly practical approach to agile architecture is long overdue.

This session introduces a new approach to architecture that enables true agility and unprecedented evolvability in the architectures we design and build. Whether you are a already a seasoned architect, or are simply beginning that path, this session will fundamentally change the way you think about and approach software architecture.

REST APIs often fall into a cycle of constant refactoring and rewrites, leading to wasted time, technical debt, and endless rework. This is especially difficult when you don't control the API clients.

But what if this could be your last major API refactor? In this session, we’ll dive into strategies for designing and refactoring REST APIs with long-term sustainability in mind—ensuring that your next refactor sets you up for the future.

You’ll learn how to design APIs that can adapt to changing business requirements and scale effectively without requiring constant rewrites. We’ll explore principles like extensibility, versioning, and decoupling, all aimed at future-proofing your API while keeping backward compatibility intact. Along the way, we’ll examine real-world examples of incremental API refactoring, where breaking the cycle of endless rewrites is possible.

This session is perfect for API developers, architects, and tech leads who are ready to stop chasing their tails and want to invest in designing APIs that will stand the test of time—so they can focus on building great features instead of constantly rewriting code.

Microservices architecture has become a buzzword in the tech industry, promising unparalleled agility, scalability, and resilience. Yet, according to Gartner, more than 90% of organizations attempting to adopt microservices will fail. How can you ensure you're part of the successful 10%?

Success begins with looking beyond the superficial topology and understanding the unique demands this architectural style places on the teams, the organization, and the environment. These demands must be balanced against the current business needs and organizational realities while maintaining a clear and pragmatic path for incremental evolution.

In this session, Michael will share some real-world examples, practical insights, and proven techniques to balance both the power and complexities of microservices. Whether you're considering adopting microservices or already on the journey and facing challenges, this session will equip you with the knowledge and tools to succeed.

As code generation becomes increasingly automated, our role as developers and architects is evolving. The challenge ahead isn’t how to get AI to write more code, it’s how to guide it toward coherent, maintainable, and purposeful systems.

In this session, Michael Carducci reframes software architecture for the era of intelligent agents. You’ll learn how architectural constraints, composition, and trade-offs provide the compass for orchestrating AI tools effectively. Using principles from the Tailor-Made Architecture Model, Carducci introduces practical mental models to help you think architecturally, communicate intent clearly to your agents, and prevent automation from accelerating entropy. This talk reveals how the enduring discipline of architecture becomes the key to harnessing AI—not by replacing human creativity, but by amplifying it.

Everyone’s talking about AI models, but almost no one is talking about the data architecture that makes them intelligent. Today’s AI systems are brittle because they lack context, semantics, and shared understanding. In this session, Michael Carducci explores how linked data, RDF, ontologies, and knowledge graphs solve the very problems that leave the industry floundering: hallucination, inconsistency, and lack of interoperability.

Drawing from real-world examples, Carducci connects decades of overlooked research in semantic web technologies to the challenges of modern AI and agentic systems. You’ll see how meaning itself can be modeled, linked, and reasoned over; and why the future of AI depends not on bigger models, but on smarter data.

Everyone’s talking about AI models, but almost no one is talking about the data architecture that makes them intelligent. Today’s AI systems are brittle because they lack context, semantics, and shared understanding. In this session, Michael Carducci explores how linked data, RDF, ontologies, and knowledge graphs solve the very problems that leave the industry floundering: hallucination, inconsistency, and lack of interoperability.

Drawing from real-world examples, Carducci connects decades of overlooked research in semantic web technologies to the challenges of modern AI and agentic systems. You’ll see how meaning itself can be modeled, linked, and reasoned over; and why the future of AI depends not on bigger models, but on smarter data.

Security problems empirically fall into two categories: bugs and flaws. Roughly half of the problems we encounter in the wild are bugs and about half are design flaws. A significant number of the bugs can be found through automated testing tools which frees you up to focus on the more pernicious design issues. 

 In addition to detecting the presence of common bugs, however, we can also imagine automating the application of corrective refactoring. In this talk, I will discuss using OpenRewrite to fix common security issues and keep them from coming back.

In this talk we will focus on:

Using OpenRewrite to automatically identify and fix known security vulnerabilities.
Integrating security scans with OpenRewrite for continuous improvement.
*Free up your time to address larger concerns by addressing the pedestrian but time-consuming security bugs.

One of the nice operational features of the REST architectural style as an approach to API Design is that is allows for separate evolution of the client and server. Depending on the design choices a team makes, however, you may be putting a higher burden on your clients than you intend when you introduce breaking changes.

 By taking advantage of the capabilities of OpenRewrite, we can start to manage the process of independent evolution while minimizing the impact. Code migration and refactoring can be used to transition existing clients away from older or deprecated APIs and toward new versions with less effort than trying to do it by hand.

In this talk we will focus on:

Managing API lifecycle changes by automating the migration from deprecated to supported APIs.
Discussing API evolution strategies and when they require assisted refactoring and when they don’t.
*Integrating OpenRewrite into API-first development to ensure client code is always up-to-date with ease.

If you are getting tired of the appearance of new types of databases… too bad. We are increasingly relying on a variety of data storage and retrieval systems for specific purposes. Data does not have a single shape and indexing strategies that work for one are not necessarily good fits for others. So after hierarchical, relational, object, graph, columnoriented, document, temporal, appendonly, and everything else, get ready for Vector Databases to assist in the systematization of machine learning systems.

This will be an overview of the benefits of vectors databases as well as an introduction to the major players.

We will focus on open source versus commercial players, hosted versus local deployments, and the attempts to add vector search capabilities to existing storage systems.

We will cover:

• A brief overview of vectors
• Why vectors are so important to machine learning and datadriven systems
• Overview of the offerings
• Adding vector search to other systems
• Sample use cases shown with one of the key open source engines

If you are getting tired of the appearance of new types of databases… too bad. We are increasingly relying on a variety of data storage and retrieval systems for specific purposes. Data does not have a single shape and indexing strategies that work for one are not necessarily good fits for others. So after hierarchical, relational, object, graph, columnoriented, document, temporal, appendonly, and everything else, get ready for Vector Databases to assist in the systematization of machine learning systems.

This will be an overview of the benefits of vectors databases as well as an introduction to the major players.

We will focus on open source versus commercial players, hosted versus local deployments, and the attempts to add vector search capabilities to existing storage systems.

We will cover:

• A brief overview of vectors
• Why vectors are so important to machine learning and datadriven systems
• Overview of the offerings
• Adding vector search to other systems
• Sample use cases shown with one of the key open source engines

If you ask the typical technologist how to build a secure system, they will include encryption in the solution space. While this is a crucial security feature, in and of itself, it is an insufficient part of the plan. Additionally, there are a hundred ways it could go wrong. How do you know if you're doing it right? How do you know if you're getting the protections you expect?

Encryption isn't a single thing. It is a collection of tools combined together to solve problems of secrecy, authentication, integrity, and more. Sometimes those tools are deprecated because they no longer provide the protections that they once did.Technology changes. Attacks change. Who in your organization is tracking and validating your encryption strategy? How are quantum computing advancements going to change the game?No background will be assumed and not much math will be shown.

If you ask the typical technologist how to build a secure system, they will include encryption in the solution space. While this is a crucial security feature, in and of itself, it is an insufficient part of the plan. Additionally, there are a hundred ways it could go wrong. How do you know if you're doing it right? How do you know if you're getting the protections you expect?

Encryption isn't a single thing. It is a collection of tools combined together to solve problems of secrecy, authentication, integrity, and more. Sometimes those tools are deprecated because they no longer provide the protections that they once did.Technology changes. Attacks change. Who in your organization is tracking and validating your encryption strategy? How are quantum computing advancements going to change the game?No background will be assumed and not much math will be shown.

There's a clear need for security in the software systems that we build. The problem for most organizations is that they don't want to spend any money on it. Even if they did, they often have no idea how much to spend. No particular initiative is likely to imbue your system with “security”, but a strong, deep defensive approach is likely to give you a fighting chance of getting it right.

Web Security as applied to APIs in particular are an important part of the plan. In this workshop, we'll show you how approaches to defining “enough” as well as concrete techniques to employ incrementally in your designs.

In this workshop, we will pick a hands on framework for implementation, but the ideas will generally be standards-based and transcend technology choice so you should have a strategy for mapping the ideas into your own systems.

We will cover a broad range of topics including:

• The concepts behind Building Security in
• Designing for Security
• Authentication and Authorization Strategies
• Identity Management
• Protecting Data in transit
• Protecting Data at rest
• Frameworks for selecting security features
• Attack and Threat Models for APIs

There's a clear need for security in the software systems that we build. The problem for most organizations is that they don't want to spend any money on it. Even if they did, they often have no idea how much to spend. No particular initiative is likely to imbue your system with “security”, but a strong, deep defensive approach is likely to give you a fighting chance of getting it right.

Web Security as applied to APIs in particular are an important part of the plan. In this workshop, we'll show you how approaches to defining “enough” as well as concrete techniques to employ incrementally in your designs.

In this workshop, we will pick a hands on framework for implementation, but the ideas will generally be standards-based and transcend technology choice so you should have a strategy for mapping the ideas into your own systems.

We will cover a broad range of topics including:

• The concepts behind Building Security in
• Designing for Security
• Authentication and Authorization Strategies
• Identity Management
• Protecting Data in transit
• Protecting Data at rest
• Frameworks for selecting security features
• Attack and Threat Models for APIs