Niek Palm is a Principal Engineer at Philips, driving secure cloud innovation through DevSecOps and modern engineering practices. He helps teams embed security across the product lifecycle and scale secure development. Niek is also a public speaker, blogger, and organizer of DevOpsDays Eindhoven, sharing his expertise in cloud security and software supply chain resilience. 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗧𝗶𝘁𝗹𝗲: GitHub Actions Security: From CI Nightmare to Supply Chain Sentinel 𝗦𝘆𝗻𝗼𝗽𝘀𝗶𝘀: GitHub Actions can supercharge CI/CD—but misconfigurations open the door to serious supply chain attacks. This session reveals real-world risks like token leaks, rogue Actions, and compromised runners. You’ll learn practical defenses: enforcing least privilege, securing runners, vetting third-party Actions, and hardening workflows. Walk away with the tools to turn GitHub Actions from a vulnerability into a powerful supply chain defense.

Joris is a Staff Software Engineer in the Resilience Engineering group focused on making Datadog ready to face complex and widespread outages. He joined Datadog 7y ago in the SRE group with an interest in low-level reliability and Linux internals. After developing the now open-source Chaos Controller project providing large-scale fault injection to engineering teams, Joris built the Security Chaos Engineering group now made of 3 teams and 20 people for which he acted as the Engineering Manager for 4 years. He is also part of the Core Incident Commanders group involved in all high severity outages to help with internal coordination and external communication. 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗧𝗶𝘁𝗹𝗲: From experimentation to continuous verification: how to benefit from the entire spectrum of Chaos Engineering 𝗦𝘆𝗻𝗼𝗽𝘀𝗶𝘀: Chaos Engineering is often misunderstood as simply “breaking things on purpose.” This talk challenges that perception and repositions Chaos Engineering as a critical pillar of reliability and resilience engineering. Rather than focusing on failure injection alone, we explore how to leverage existing knowledge, validate known truths, and foster confidence in complex systems. In the first part, we deconstruct common myths around Chaos Engineering and reframe its core principles. Learn how aligning chaos practices with reliability goals can transform the way your organization perceives and applies these techniques—by emphasizing structured validation over blind experimentation. The second part brings theory into practice with a hands-on framework that reimagines chaos experiments as self-feeding, iterative loops—mirroring the scientific method. We introduce the concept of continuous verification, drawing parallels with integration testing, and show how Chaos Engineering can seamlessly integrate into the Software Development Lifecycle (SDLC) through a shift-left approach. The session wraps up with a visual framework for implementing a sustainable Chaos Engineering strategy, including how to evolve gamedays into repeatable, hypothesis-driven validations that scale with system changes. Whether you're just exploring Chaos Engineering or looking to mature your reliability strategy, this talk will leave you with actionable insights, a modernized mindset, and a clear path to operational resilience.

Martin Dimovski is a Principal DevSecOps Advocate & Team Lead at ABN AMRO with over 20 years of experience in IT. An Microsoft Certified Trainer, and MCT Regional Lead, Martin specializes in embedding security into DevOps practices at scale. He is passionate about empowering organizations to build secure, resilient systems while enabling innovation. As a community leader, podcaster, and mentor, Martin helps shape the next generation of cloud and security professionals. 𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗧𝗶𝘁𝗹𝗲: From -1 to Threat Models: A DevSecOps Journey You Won’t Read in a Book 𝗦𝘆𝗻𝗼𝗽𝘀𝗶𝘀: With 20+ years of DevOps experience, Martin Dimovski stepped into the CISO world to lead a transformation that started not from zero—but from -1. In 2.5 years, he built a full DevSecOps capability inside one of Europe’s largest banks, aligning 600+ DevOps teams through culture, tooling, and measurement. From missing designs and secrets in pipelines to security checklists, threat modeling at scale, and DORA-aligned KPIs—this is the unfiltered story of real-world secure transformation.

𝗠𝗼𝗱𝗲𝗿𝗮𝘁𝗼𝗿: Bogdan is one of the co-founders of Code for Romania and he is currently one of the Technology Officers that help in coordinating the project teams and in delivering the civic apps the organization’s volunteers are working on. Having over 10 years of experience in .net, flavoring from version 2.0 in a POS Windows application, to multi-tenant Azure enterprise solutions, Bogdan is also a Technical Team Lead for a technology company whenever he is not managing the coding teams in the biggest civic tech ONG in Romania.