🎟️ Ticket sale is open! Join us at Blipz 2025. Get your ticket now
AI Agents are the next big thing everyone has been talking about. They are expected to revolutionize various industries by automating routine tasks, mission critical business workflows, enhancing productivity, and enabling humans to focus on creative and strategic work. Of course, you can apply them to your everyday coding tasks as well. In this talk we’ll go over what those agents can bring to the table of coding world, and why they can deliver the promise of coding smarter that the current generation of coding assistants can’t. We will then dive right into a quick live coding session where I’ll show what such agents can do in real life and how you can start using them to enhance your everyday life already right after the talk. And we’ll finish off with some remarks on what the future of programming might look like in the near future as those agents get included into your everyday life.
"AiTM: Lessons Learned" dives into the evolving threat of AiTM attacks. Our presentation highlights the transition from basic phishing tactics to sophisticated methods that compromise organizational security. The presentation outlines the journey from oldschool phishing attacks, to phishing framework like UADMIN, and the introduction of tools like Evilginx. And now the SaaS providers allowing anyone to buy access to an AiTM platform. We've introduced a simple method of detecting AiTM attacks. Which has allowed us an insight into the scale of AiTM attacks atleast against Microsoft M365 tenants. This prompted the development of a fingerprinting tool to gain an insight into the different actors performing these attacks and typical methods they employ. We give an insight into a popular AiTM SaaS platform and the revenue stream hosting such software creates. The session ends by outlining common techniques to prevent these types of attacks. Most organizations use M365 and experience attacks using AITM to bypass MFA. At the same time SaaS providers are building AITM services that allow targeteted attacks allowing for supply chain attacks (AITM targeted against admin sites for: pypi, npmjs and rubygems). At the same time used for very specific scams for example against booking.com. Attackers use the booking.com hotel login to extract creditcard information for upcomming hotel guests.
Step into the future of cloud-native computing with WebAssembly (WASM) and Kubernetes. This session explores the performance, scalability, and efficiency of applications running in containers versus WASM modules. Learn how WASM’s lightweight, secure design can optimize workloads, reduce resource usage, and lower attack vectors. We’ll cover when and why to choose WASM over containers, how to run WASM workloads on Kubernetes, and real-world metrics comparing the two approaches. Finally, discover tips and tools to start integrating WASM modules into your Kubernetes clusters.
Everybody is talking about AGI, Artificial General Intelligence, or one AI Model that can do everything. Looking at real-world scenarios, there is not one person who can do everything. It takes teamwork to get things done. I see the exact solution for AI. You need a team, a crew, or a swarm to get things done. Discover the power of multi-agent AI systems, where multiple agents collaborate to tackle challenges too complex for a single model. This talk will introduce core concepts of multi-agent systems, highlight some use cases, and feature a live demo showcasing agents working together in real-time. Learn how cooperative AI can create adaptive, resilient solutions to real-world problems. Audience Takeaways: Attendees will gain a practical understanding of multi-agent AI systems, insights into real-world applications, and inspiration for how cooperative AI can address complex challenges in their work.
In the early 1970s, the world was grooving to disco, slide rules were essential tools for engineers, and pocket calculators were considered groundbreaking technology. During this era, NASA engineers achieved something extraordinary—they built Voyager’s data systems with incredible foresight, creating technology that could transmit signals across billions of miles and survive the noise of deep space.  Fast-forward to today, and we’re still decoding these signals. In this talk, we’ll explore how Voyager’s 1970s-era coding genius—developed without modern computing tools—collides with today’s technological breakthroughs. We’ll examine the Viterbi algorithm, a contemporary marvel from the same era, and compare it with the exciting potential of machine learning, a cutting-edge approach that could transform how we process interstellar data.  This isn’t just a history lesson—it’s an exciting adventure in algorithms and innovation. Expect examples of the science and demonstrations of real encoding and decoding methods using hardcore coding and modern machine-learning counterparts. Whether you’re a developer, a data scientist, or a space tech enthusiast, you’ll walk away with fresh insights, some serious “wow” moments, and a new appreciation for the intersection of vintage tech and next-gen innovation.
At DHL eCommerce Benelux, we scaled our Digital department from 15 to 140 engineers in a few years. This rapid growth exposed cracks in our ability to support fast flow. In this talk, we'll walk you through our journey starting from siloed DevOps teams via a centralized infrastructure team towards a platform organisation with a product mindset. What painpoints were we experiencing and why would platform engineering be the right solution? From getting a grip on TicketOps, re-organising teams around value streams, shifting control and ownership, to dealing with technical debt, we'll dive into four interconnected domains that contribute to the success of a platform organisation: organization, culture, technology, and processes. We will demonstrate how thinking about growth paths continually guide our decisions and actions in these domains. Whether you're grappling with scaling complexities or exploring platform engineering, this session offers practical takeaways for engineering leaders and practitioners on aligning people, tools, and processes to accelerate value delivery in dynamic, fast-growing enterprise environments.
This is the era of rapid and increasing change, adapting rapidly or perishing. Many organizations, big and small, struggle to survive. Their products and software have aged and become hard to maintain until they reach Technical Death, where all available effort goes into mere survival. At the same time, in our global economy, competition comes from anywhere, with better products built at lower costs. Organizations must jump the Innovators’ Dilemma and reinvent themselves to stay ahead of the competition. Speed, agility, and adaptability are more crucial than ever. However, agile frameworks became both a solution and a source of uncertainty and rigidity. Organizations seek fresh perspectives and adaptable strategies and techniques. They are stuck. This talk presents a battle-tested repertoire of practical strategies and techniques that serve as a compass for comprehending and continuously navigating between maintenance, renovation, and innovation, maintaining a solid focus on customer-centricity, reaching your dot on the horizon while instilling transparency, autonomy, and collaboration. These strategies involve leveraging proposed tools such as idea funnels, tech boards, collectives, and microteams. This talk empowers you to evolve from conventional agile and cultivate a culture of continuous growth. Of course, it offers a treasure trove of real-life stories from the trenches, providing an authentic glimpse into agile but redefined for the modern era. This talk will help your organization to get unstuck.
What do a winning Capture the Flag (CTF) team and other high-performing technical teams under high-pressure situations have in common? And what lessons can we draw from the three-time world champion CTF team to apply in our professional lives? In this talk, Sanne Maasakkers, one of team’s coaches, will share insights into the preparation, selection, and training of the winning Team Europe - a group of European students and young professionals competing in the International Cybersecurity Challenge against all other continents.
Make your cold starts feel like hot starts with GraalPy, a Java implementation of the Python interpreter also capable of compiling your python applications into runnable binaries!
Doctors without borders is an independent humanitarian organization providing assistance to people affected by conflict, epidemics, disasters, or exclusion from healthcare . Information is essential in reacting to crises and improving our operations. However we are not an IT company and we have to do a lot more with less. With our modular code and cloud first approach we are rapidly building multiple prototypes to show the possibilities of vector search in combination with LLMs to improve the access to information. This allows us to help multiple departments at the same time, in the hope of saving our staff members essential time in finding information, allowing them to focus on what is really important. Everything is being built in Azure, we use streamlit to quickly test our prototypes and the main services we use are Azure AI Search, Azure Document Intelligence, Azure OpenAI, App Service Plans, Container Registry and several others. In this talk I would like to discuss particularly our approach, our tech stack, a demo and some of the challenges we face.
After almost 16 years in the tech industry, I finally had enough of the never-ending grind and quit my job to pursue performance art. I've ended up with a transformative experience that questioned many truisms I held. As an industry, we worship data-driven decision-making. We believe by collecting vast amounts of data we can machine learn our way to the best outcome. However this approach neglects, that reality is not a petri dish under lab conditions. In the unpredictable world of live theater, directors don’t optimize for perfect execution, but for the cast’s understanding of the vision. And instead of reproducing the same experience every show, each performance is treated as unique. How would we view and measure team work, user experience and developer happiness if we applied this mindset to high pressure situations like deployments or feature releases? Join this talk to find out and learn how to use uncertainty as a canvas on which to be creative, rather than a scenario to avoid.
As companies scale, maintaining code quality while delivering new features becomes a significant challenge. At Picnic, we highly value best practices, standardization, and minimizing technical debt, as having an up-to-date and lean codebase increases our adaptability. However, coordination across many teams and codebases becomes challenging at scale. In this talk, we’ll explain how we leverage a strong engineering culture and heavy automation to move quickly without sacrificing quality. Discover how we introduce new automations, static analysis tools or formatters across many large codebases, step by step. This approach saves countless developer hours and reduces repeated discussions about trivial coding issues. We'll take you through the tools and practices we've applied and share how they worked in practice. Additionally, we'll discuss practical strategies to align everyone in your company when introducing such tools. Walk away knowing how you can confidently do the same in your organization.
In this talk I take you along the concept of neurodiversity, highlighting the importance of self-awareness, empathy, and curiosity in addressing biases. Drawing on personal experiences and the challenges I faced while building a community, I invite the audience to examine their own biases. Rather than offering solutions, my goal is to inspire new perspectives by introducing tools like the Spiky Profiles. I conclude by sharing my personal game changers: the value of understanding individual frames of reference and applying deep democracy principles. A call to step out of your comfort zone.
We need to talk about the elephant in the room: non-prod. Across the IT industry, non-productions environments are costing billions of dollars, and it's almost all waste. Development, testing and QA environments consume large parts of IT budgets (in terms of actual cost and in terms of management overhead) and in return only give us a false sense of security. An irrelevant trial run. We do our best to make these environments as "production-like" as possible while, in the process, conveniently papering over the inevitable issues that arise from them being decidedly *not* production-like. At the same time, out of fear, we refuse to consciously test our code in the only environment that is actually production-like: production. (We actually still test our code in production though, we just don't admit it to ourselves.) We can do better: we must let go of our fear and abolish the money-guzzling red-herring that is non-prod! This talk will argue that for most IT organizations, but especially those running microservice or serverless architectures, abolishing non-prod is long overdue. That non-prod is a historic artifact, a crutch that encourages bad engineering practices and doesn't actually provide the value we think it does. The alternative to non-prod is modern engineering practices such as those long-since adopted by tech companies on the bleeding edge of software delivery (like Google and Netflix): canary releases, first-class observability, a rock-solid continuous-delivery implementation and aggressively shifting left everything that possibly can be. The result of abolishing non-prod is lower IT bills, more robust software and IT practices, lower risk and much, much more confidence in your code when you ship it to production.
Join us for *Purrfect Pentests*, where Brenno de Winter introduces **MIAW** (*Methodology for Information Security Testing with Audit Value*). Tailored for developers, this talk highlights how Miaw provides a structured, reliable framework for security testing. By emphasizing thorough documentation, reproducibility, and audit value, Miaw not only strengthens testing but also empowers developers with clear guidance. Discover how adopting this methodology benefits your code and fortifies your role in creating secure, resilient systems. Don't miss it!
Quantum computing offers the potential to solve problems that can never be solved with classical computers. A quantum computer may also be able to crack popular encryption algorithms, like RSA, which already is a risk now as encrypted data in transit is intercepted and stored to be decrypted later. In this talk Armand Stekelenburg, IBM Quantum Ambassador, explains what makes quantum computing different, what are typical use cases, how the IBM Quantum HW/SW stack will evolve to enable quantum computing, how you can get started, and how you can keep your (clients’) organization quantum secure.
For years we have accepted the position of databases in your infrastructure / cloud landscape: our big solid but expensive heart of our precious application. While the economy started to cool down, some interesting happened... We started to look at our bill again How can it make sense that my high traffic (serverless) application runs for 5 euros a month and my databases costs me 1200 euros? Can't we do this cheaper? The database vendors responded and many innovations are hitting the market currently. Let us look at infinite scaling options, branch schema's, new data storage patterns and optimized compute. As a bonus, let's look how this all positively affects the AI use-cases.
Vulnerability management is a try to integrate finding, managing and mitigating of vulnerabilities in code into your software development workflow. It usually starts with some tools to find vulnerabilities in different areas - let it be with image scanning like Trivy and Clair, classical vuln scanning like Nessus, Static code analysis like Sonar or dependency management with the OWASP dependency tracker. Defect Dojo takes all those reports, dedublicates findings, manages the handling of false positives and gives a Product Owner a tool to the hand how to move that on into your development tracking software like Jira or else.
