Thousands of platform engineers and security experts are about to gather for KubeCon + CloudNativeCon Europe 2026, making it the year’s definitive cloud-native event. To help you cut through the noise of a packed agenda, we’ve identified the standout sessions you can’t afford to miss. Whether you're looking for high-level strategy or interactive workshops, here is our curated roadmap to ensure you get the most out of your time on the ground.
📍 RAI Amsterdam (Europaplein 24, 1078 GZ Amsterdam, Netherlands)
🗓️ March 24 - 26, 2026
In this session, research engineers Jacopo Bufalino (CNAM) and Agathe Blaise (Thales SIX GTS France) will dive into the messy reality of the Software Bill of Materials (SBOM). They plan to pull back the curtain on why current open-source and cloud-based tools (despite all their promises) frequently generate conflicting package lists and inconsistent vulnerability reports when tasked with scanning complex container images.
This talk is particularly electrifying for the security community because it tackles the compliance anxiety triggered by the EU’s Cyber Resilience Act (CRA). As the CRA shifts SBOMs from a nice-to-have transparency initiative to a legal necessity for software lifecycles, the industry is waking up to a major problem, which is inconsistent data. By dissecting the technical roots of these discrepancies, Bufalino and Blaise aren't just pointing out flaws, they will also be providing a roadmap for developers to ensure their tooling is actually CRA-compliant. For anyone navigating the shift toward a transparent and trustworthy software supply chain, this session offers the technical clarity needed to turn these metaphorical bombs into secure builds.
In this high-impact lightning talk, Andrew Block, a Distinguished Architect at Red Hat, tackles one of the most pressing bottlenecks in modern infrastructure: the chaotic fragmentation of AI/ML integration within the cloud-native ecosystem. Block, a seasoned expert in helping organisations scale open-source solutions, will break down how the current wild west of competing formats and runtimes is actively stifling innovation. He will introduce ModelPack, a CNCF Sandbox project designed to act as the universal translator for AI/ML artifacts, allowing them to finally speak the same language as established tools like Kubernetes, ORAS, and Harbor.
The security and DevOps communities are closely watching this session because it addresses the Day 2 operations nightmare of managing AI at scale. As AI moves from experimental notebooks to production-grade Kubernetes clusters, the lack of standardisation creates massive technical debt and security blind spots. Block’s exploration of ModelPack and emerging artifact standards offers a glimpse into a future where AI models are managed with the same consistency and rigour as container images. For anyone struggling to bridge the gap between data science and cloud-native engineering, this talk provides the blueprint for a unified, scalable, and manageable AI supply chain.
In this session, Senior Infrastructure Security Engineers Jie Wu and Pulkit Garg will pull back the curtain on how one of the world’s largest e-commerce platforms secures its massive infrastructure monorepo. Drawing from their deep backgrounds in cloud defense and 5G network security, Wu and Garg will detail the high-stakes challenge of managing thousands of services where a single misconfiguration could impact millions of merchants. They will demonstrate how Shopify moved beyond manual checkbox security by building an automated pipeline that combines Semgrep for static analysis and Open Policy Agent (OPA) for real-time policy enforcement.
This talk is a must-attend for the security community because it provides a battle-tested blueprint for solving the velocity vs. security dilemma we’re all too familiar with. While many orgs struggle with friction between DevOps and Security teams, Shopify’s approach shows how to bake guardrails directly into the developer workflow without slowing down deployment. Attendees will gain rare insights into the so-called rough patches of scaling open-source security tools and leave with a practical framework for automating risk detection across complex, high-traffic Kubernetes environments.
In the session, Christos Markou, a Principal Software Engineer at Elastic and an OpenTelemetry code owner, dives into the strategic heart of modern software engineering. Markou moves beyond the typical "open source is good for the soul" narrative to present a pragmatic, business-first case for active maintenance. By sharing a high-stakes story of an OTel component saved from the brink of deprecation, he demonstrates how moving from a passive consumer to an active contributor transformed a potential technical debt nightmare into a rapid-response tool for solving critical customer issues.
This talk is a vital wake-up call for the security and observability communities because it addresses the growing crisis of software supply chain sustainability. In an era where a single abandoned dependency can lead to massive security vulnerabilities or operational outages, Markou provides a concrete example to share with your manager on why upstreaming isn't just altruism, it also can be treated as sensible risk management. For teams building on CNCF projects, this session offers a masterclass in how staying present in the ecosystem pays dividends in architectural control, security posture, and long-term engineering velocity.
Adding features to a widely adopted language like Rego involves more than just a simple pull request. In this lightning session, Apple's Charlie Egan explores the full-stack impact of introducing new syntax, from the initial parser modifications to updating the broader ecosystem of editor tools. Learn the specific engineering hurdles involved in upgrading a mature security project without disrupting the developer experience. At Cloudsmith, we’re huge fans of Open Policy Agent and Rego, so we can’t wait to hear what Charlie has in store for us.
In the session, Shweta Vohra, a Lead Architect at Booking.com and a seasoned authority on platform patterns, tackles the industry's growing complexity bloat. Drawing from 20 years of experience and the literal scars of re-architecting internal platforms at one of the world’s largest travel sites, Vohra argues that the future of infrastructure isn't about building more, it’s really about building just enough. She will break down how to transition from heavy, static systems to lean, right-sized architectures using k3s, Gateway API, and ambient mesh, while layering in AIOps via Kubeflow and Prometheus to transform raw automation into true system intelligence.
This talk is a critical touchstone for the DevOps and platform communities because it offers a pragmatic exit ramp from the scale at all costs mentality that leads to massive cloud waste and operational blindness. Vohra’s AI-native approach is a blueprint for creating self-optimising ecosystems that align infrastructure directly with business value. For engineering leaders and architects feeling the weight of over-engineered clusters, this session aims to be a masterclass in staying lean, staying smart, and evolving platforms to be adaptive rather than just additive.
In the blockbuster panel, an elite group of industry leaders from Cisco, Red Hat, AWS, Solo.io, and the United Nations converges to debate the most disruptive shift in DevOps history. Featuring heavyweights like from the industry, this vendor-neutral discussion moves past the hype to ask the hard questions: Can non-deterministic AI agents actually keep pace with AI-accelerated developers, or are we just inviting unpredictable trouble into our production clusters? The panel will tackle the minimum viable platform foundation required for AI success, the shifting cost implications of agents in production, and how to build human trust in systems that don't always behave the same way twice.
This session is arguably the must-see event for the modern platform engineer because it addresses the looming intelligence gap in infrastructure. As developers pump out code at record speeds, the platform team is traditionally treated as the bottleneck. This panel explores whether AI agents are the ultimate scaling solution or a new category of technical debt. By bringing together perspectives from global tech giants and international organisations, attendees will walk away with a high-level framework for defining golden metrics for AI effectiveness and a roadmap for navigating the transition from static automation to dynamic, agent-led collaboration.
In the maintainer track session, Falco contributors Iacopo Rozzo (Sysdig) and Aldo Lacuku (Kong) provide a deep-dive update on the CNCF’s de facto standard for runtime threat detection. The core of their presentation focuses on the highly anticipated Falco Operator, a game-changer designed to automate the deployment and management of security sensors across massive, distributed clusters, effectively lowering the barrier to entry for enterprise-scale security.
For the security community, this talk is a vital look at the roadmap for high-throughput runtime defense. As cloud-native environments become more complex and data-heavy, traditional security tools often struggle with performance overhead; Rozzo and Lacuku will demonstrate the specific optimisations that allow Falco to maintain deep visibility without sacrificing system reliability. Beyond the code, this session also is a great opportunity to see how the Falco ecosystem is integrating with the broader CNCF landscape, offering attendees a first look at the features that will define Cloud Detection & Response (CDR) in the coming year.
In the session, Rory McCune, a Senior Security Researcher at Datadog, explores the practical (and often perilous) intersection of Generative AI and cluster orchestration. McCune, a veteran KubeCon speaker and a foundational voice in container security, will present the results of his deep-dive research into whether Large Language Models (LLMs) can actually be trusted with the sensitive credentials. Rather than just discussing theory, Rory will aim to demonstrate how LLMs handle specific Kubernetes security tasks, revealing where they provide genuine architectural insight and where they tend to hallucinate dangerous misconfigurations that could leave an organisation exposed.
This talk is a critical reality check for the security community as AI-assisted DevOps moves from a trend to a standard operating procedure. McCune will break down how advanced techniques like improved prompting and chain-of-thought reasoning can significantly shift the safety of an LLM's output, while also highlighting the so-called no-go zones where human expertise remains non-negotiable. For security architects and engineers, this session provides a vital framework for auditing AI-generated IaC templates, ensuring that the speed of AI doesn't come at the cost of a catastrophic security breach.
In the session, Nischay Goyal, VP of Cloud Platform Engineering at JP Morgan Chase, and Jim Bugwadia, CEO of Nirmata and co-creator of Kyverno, provide a rare under the hood look at building a cloud platform within the high-stakes world of regulated retail banking. Goyal, who manages the end-to-end Kubernetes ecosystem for Chase UK, will detail how his team transformed a massive compliance undertaking into a streamlined, automated engine. By leveraging Kyverno, OpenReports, and Grafana, they successfully shifted security left, allowing their backend engineers to ship code at speed while maintaining a real-time policy-as-code safety net that satisfies stringent financial regulators.
This talk is a beacon for the security and compliance communities because it addresses the ultimate white whale of enterprise DevOps: reducing audit times from weeks to minutes. Bugwadia’s deep perspective as a Kubernetes Policy Working Group co-chair, combined with Goyal’s real-world production perspective from JP Morgan Chase, offers a definitive guide on how to empower security teams to write independent policies without bottlenecking development. For any platform team operating in a regulated sector (or simply running mission-critical workloads) this session provides a proven framework for turning compliance from a manual, fear-driven process into a better, more transparent, and scalable process.
Alibaba Cloud engineers Mingshan Zhao and Zhen Zhang tackle the next massive infrastructure hurdle for AI: the Model Context Protocol (MCP). As maintainers of the OpenKruise project with experience managing Alibaba's million-container scheduling system, Zhao and Zhang are uniquely qualified to address the so-called “session explosion” problem. They will introduce the Sandbox Operator, a specialised Kubernetes controller designed to manage the lifecycle of AI tool executions without the massive resource waste or state loss typical of traditional Pod deployments.
This talk is a game-changer for the cloud-native community because it solves the sparse invocation dilemma, where these AI tools often sit idle, eating up expensive cluster resources while waiting for a user's next prompt. By integrating cutting-edge Checkpoint/Snapshot mechanisms, the Sandbox Operator allows tools to be paused and resumed without losing the memory of the conversation. For platform engineers and AI architects, this session shows how developers can efficiently scale AI agents to hundreds of thousands of concurrent users while keeping infrastructure costs low and user context intact.
In the session, Jinhong Brejnholt, Chief Cloud Architect at Saxo Bank, presents a sophisticated solution to the two-speed IT problem facing large enterprises. As a certified Kubestronaut and a leader in the Danish cloud-native community, Brejnholt details how Saxo Bank moved beyond the bottleneck of manual ticketing for DNS, certificates, and load balancing. She will showcase the Saxo Service Blueprint, a platform powered by Kubernetes Operators that exports the speed and reliability of GitOps to traditional VM-based applications, effectively unifying legacy infrastructure with modern cloud-native workflows.
This talk is particularly compelling for the platform engineering community because it addresses the last mile of digital transformation: managing the heavy, non-containerised dependencies that still power most financial institutions. Brejnholt will share how this architecture has saved thousands of developer hours and significantly bolstered disaster recovery capabilities for both cloud-native and legacy stacks. For architects struggling to reconcile modern Kubernetes automation with entrenched enterprise systems, this session offers some valuable real-world experiences and a roadmap for other banks to accelerate delivery across the entire organisational footprint.
For our final recommended talk, the academic precision of Radostin Stoyanov (undergoing his PhD at the University of Oxford) meets the enterprise-scale expertise of Andrey Velichkevich (AI Engineer at Apple & Kubeflow Steering Committee member). Together, they aim to address the GPU tax that plagues modern AI development: the massive costs incurred when long-running training jobs fail or when idle interactive workloads, like Jupyter notebooks, waste expensive compute resources. The duo will present a breakthrough approach using transparent GPU checkpointing integrated with Kubernetes-native APIs like Kueue, JobSet, and TrainJob to capture and restore the state of training jobs automatically, ensuring no progress is lost during failures or preemptions.
This talk is really exciting for the ML and Platform communities because it unlocks the holy grail of AI infrastructure: the ability to run reliable, high-stakes model training on preemptible spot instances. By moving checkpointing from the application layer to the infrastructure layer, Stoyanov and Velichkevich show how organisations can slash their cloud bills by up to 90% without risking their training timelines. For anyone tasked with scaling AI workloads while maintaining strict cost-efficiency and cluster utilisation, this session offers a sophisticated technical roadmap for turning unstable, expensive hardware into a resilient, high-performance training engine.
Cloudsmith will be at booth 570, and we are bringing plenty of action to keep you busy. If you are ready to put your security skills to the test, join our capture the flag workshop: Stop the AGI apocalypse. You will hunt hidden malware, lock down LLM weights, and earn a shot at some great prizes. We also have a lineup of fun events to help you unwind, from canal cruises and kickoff drinks to beach-themed parties. Check out the full schedule of Cloudsmith activities here: https://cloudsmith.com/events/in-person-events/kceu26
