Platform Engineers Colombo

Now that the dust has settled on PlatformCon 2025, join Sam Barlien, Head of Ecosystem at Platform Engineering (and NYC Live Day moderator!), as he breaks down the top insights from the world's largest platform engineering event. From over 300 hours of content across 255+ talks, 30 workshops, and 2 full days of Live Day content, discover what's really driving the industry forward and what you need to know for 2025.

Join this exclusive session to discover the game-changing insights from PlatformCon 2025, gathered from industry veterans, leading enterprise execs, and ambitious young platform builders alike. In this session, Sam will explore :

• Why "achieving outcomes" is the new definition of great platform engineering
• How the paradigm shifts from "shift left" to "shift down": embedding security, reliability, and scalability directly into platforms
• The current contradiction of AI dominating 30% of all discussions on the future of platform engineering

After a 30-minute talk there’ll be a 15-minute Q&A, for which we encourage you to submit questions in advance.
A webinar recording and related materials will be shared with all attendees after the event.
________________
Speaker:
Sam Barlien - Head of Ecosystem @ Platform Engineering
Sam is a passionate communicator and tech enthusiast who thrives at the intersection of community, content, and technology. As a key contributor to the world’s largest platform engineering community, Sam engages with tens of thousands of practitioners across Slack, YouTube, global meetups, and a newsletter reaching over 100,000 readers.

Sam’s mission is to make platform engineering accessible, whether by creating insightful articles and videos, hosting events like PlatformCon with over 35,000 attendees, or co-organizing the first ever platform engineering course. With a deep belief in the power of content and community to drive innovation, Sam is shaping the future of platform engineering one conversation at a time.

*Sign up through the zoom link
Join us for a hands-on workshop exploring secure, self-service development workflows. Guided by Head of Product at Coder, Ben Potter, you'll tackle a coding challenge, learning how to enhance efficiency, automation, and security while streamlining development.

This interactive session explores key concepts of self-service workflows, automation, and security by design. You will:

• Learn how standardization reduces cognitive load and improves developer experience through real-world applications and best practices.
• Be guided through a coding challenge setting up secure environments and complete practical exercises, followed by Q&A and troubleshooting.
• Discover how organizations implement scalable, secure self-service solutions and gain actionable strategies to apply these workflows in your own development scenarios.

After a 30-minute talk there’ll be a 15-minute Q&A, for which we encourage you to submit questions in advance.

A webinar recording and related materials will be shared with all attendees after the event.
_____________________
Speaker:
Ben Potter - Head of Product @ Coder
Ben Potter is an engineer and Head of Product at Coder, an open-source platform for cloud developer environments. Before Coder, Ben did all of his professional projects and tinker projects on remote machines and now works with enterprises to move their developer boxes to the cloud.

You’re in the zone. Code’s flowing, features are shipping, infra is scaling. That’s vibe coding - and it feels great... until a misconfigured IAM role or forgotten encryption setting sends you into triage mode.

The truth is, Infrastructure as Code (IaC) wasn’t built to slow you down: it was built to scale infrastructure safely. But without the right approach, it becomes just another source of toil and risk.

Join Ian Amit, CEO of Gomboc AI, for a session on how high-performing platform teams are evolving their relationship with IaC: not just writing better Terraform, but maturing how they validate, govern, and automate it - all without breaking the developer flow. You will learn:

• Why “vibe coding” matters: and where it collides with real-world infrastructure
• What most teams get wrong about IaC (hint: it’s not the code, it’s the lifecycle)
• How to mature your IaC practice: from linting → scanning → auto-fixing → policy-as-code
• What guardrails should really look like in 2025: no tickets, no blockers, no guesswork
• Real-world examples: how teams went from alert fatigue to fast, safe IaC workflows using deterministic AI

After a 30-minute talk there’ll be a 15-minute Q&A, for which we encourage you to submit questions in advance.
A webinar recording and related materials will be shared with all attendees after the event.

________________
Speaker:
Ian Amit - CEO and Co Founder @ Gomboc AI

A seasoned cybersecurity leader with over 25 years of experience, Ian is passionate about building solutions that help engineering teams move fast without compromising safety. With a deep understanding of today’s threat landscape, Ian has spent his career designing practical, scalable strategies that simplify security for developers and platform teams.
Before founding Gomboc AI, Ian held CSO/CISO roles at companies including Cimpress, Rapid7, Amazon, ZeroFOX, and IOActive—where he worked closely with engineering orgs to embed security into developer workflows. A recognized expert in application and cloud security, Ian’s insights have been featured in leading publications and at major industry events.

Ian is driven by a mission to shift security from a blocker to an enabler. He serves on the board of BSides Las Vegas, is an IANS Faculty member, and teaches as an adjunct professor at Pace University.

*Make sure to sign up through the zoom link*

Helm charts streamline Kubernetes deployments, but they introduce potential security vulnerabilities. This practical workshop explores common threats, attack scenarios, and proven strategies for securing Helm charts through Cloudsmith's artifact management, maintaining supply chain integrity and regulatory compliance.

Misconfigured charts, unverified dependencies, and lax RBAC and privilege settings can lead to supply chain attacks in Kubernetes. If your business or open-source project relies on Helm charts, which is likely the case if you’re using Kubernetes, this session covers best practices and automation strategies to secure your containerised workloads, by:

• Verifying every asset: Validate public Helm charts, dependencies, and images from popular OSS projects before deployment
• Automating compliance: Scan for vulnerabilities with Trivy and enforce runtime OPA Gatekeeper security policies in real-time.
• Preventing supply chain attacks: Audit and manage Helm charts before distributing through secure repositories.
• Accept the manual overhead: Understand that most charts are insecure-by-default, and require further security checks by your team.

Bonus: Participants will receive access to a hands-on, interactive Instruqt lab platform that analyzes actual insecure chart templates and demonstrates how to scan and detect these vulnerabilities with open-source tools, implement security standards, and properly validate Helm charts prior to production Kubernetes deployment.

After a 30-minute talk there’ll be a 15-minute Q&A, for which we encourage you to submit questions in advance.
A webinar recording and related materials will be shared with all attendees after the event.
_________________
Speaker:
Nigel Douglas - Head of Developer Relations @ Cloudsmith

Nigel Douglas is the Head of Developer Relations at Cloudsmith. He champions Cloudsmith’s developer ecosystem by creating compelling educational content, engaging with developer communities, and promoting Cloudsmith as the go-to solution for artifact management and supply chain security. Nigel helps build and shape the DevOps community through events, tutorials, and innovative programs.