Type: Breakout Sessions
Tuesday, June 23
 

12:45pm PDT

AMD Session (Speaker to be Announced)
Tuesday June 23, 2026 12:45pm - 1:10pm PDT

Gold Ballroom

12:45pm PDT

Securing the Future with Azure Confidential Computing - Run Cai & Ashutosh Chickerur, Microsoft
Tuesday June 23, 2026 12:45pm - 1:10pm PDT
Confidential computing is becoming a critical foundation for cloud security in an era defined by AI acceleration, data sovereignty requirements, and rising expectations for end-to-end protection of sensitive workloads. Azure is advancing this space with new infrastructure, stronger platform protections, and innovations designed to make confidential workloads more resilient, scalable, and production ready. This session will highlight the latest Azure Confidential Computing developments, including v6 confidential VMs on AMD and Intel, expanded Azure regional availability, and continued progress in production readiness. We will also look ahead to live migration for confidential VMs, including a live demo, and discuss how this capability improves workload continuity during planned security updates and unexpected hardware events. In addition, we will explore future investments across enclaves, platform attestation, and confidential AI. Topics include nested virtualization to enable confidential enclaves, stronger platform attestation with recovery capabilities, protection of Azure trusted computing base services, and the growing need for confidential GPUs to secure prompts, model weights, and distributed inference workloads for modern AI applications at scale.
Speakers
Run Cai

Principal PM Manager, Microsoft
Run Cai is a Principal TPM Manager at Microsoft, leading large-scale Azure infrastructure and focusing on confidential computing programs. She is shaping future generations of Azure confidential computing platforms, driving product scale-out and elasticity while championing new initiatives...
Ashutosh Chickerur

Principal Engineering Manager, Microsoft
Ashutosh Chickerur is a Principal Software Engineering Manager at Microsoft, leading Azure confidential computing and cloud infrastructure efforts, with deep expertise in multi-cloud platforms, security, and large-scale distributed systems.
Courtyard

12:45pm PDT

TII Session (Speaker to be Announced)
Tuesday June 23, 2026 12:45pm - 1:10pm PDT

Mint Ballroom

1:15pm PDT

Confidential Computing Consortium Session (Speaker to be Announced)
Tuesday June 23, 2026 1:15pm - 1:40pm PDT

Gold Ballroom

1:15pm PDT

Google Session (Speaker to be Announced)
Tuesday June 23, 2026 1:15pm - 1:40pm PDT

Courtyard

1:45pm PDT

Antoine Delignat-Lavaud, Microsoft - Session Topic to be Announced
Tuesday June 23, 2026 1:45pm - 2:10pm PDT

Speakers
Antoine Delignat-Lavaud

Principal Researcher, Microsoft
Gold Ballroom

1:45pm PDT

OPAQUE Panel Discussion: David Forman, Midland Credit Management, an Encore Capital Group Company; Shyam Menon, Mitek Systems; Nikhil Gulati, Johnson & Johnson; and Additional Speakers to be Announced
Tuesday June 23, 2026 1:45pm - 2:10pm PDT

Speakers
David Forman

Senior Manager IT, EDE, Midland Credit Management, an Encore Capital Group Company

Shyam Menon

Senior Director of Product - Machine Learning & Fraud, Mitek Systems


Nikhil Gulati

Global Head, Engineering & AI, MedTech Digital, Johnson & Johnson


Courtyard

2:15pm PDT

3:00pm PDT

From Pixels To Agents: Optimizing On-Device Performance of Confidential Computing in AI Evolution - Savas Ozkan, Samsung Research UK, Samsung Electronics
Tuesday June 23, 2026 3:00pm - 3:25pm PDT
Unlike server-side confidential AI, on-device confidential AI must balance strong protection of sensitive personal data with efficient operation under limited computational resources.

In this talk, we explore the impacts of CC on on-device AI performance for various AI models and tools by identifying some root causes. First, we recognise that CC overheads vary across AI models during critical operations such as data read/write, model loading and inference phases, supported by detailed experiments. Second, we investigate multiple designs for AI agent tools in CC, especially by considering different AI memory modules, that present distinct overheads compared to traditional AI models. To enable systematic evaluation, we develop a modular software framework integrated with the open-source ISLET CC project. This framework supports configurable benchmarking of AI agent tools, and will be publicly released to foster reproducibility and collaboration within the CC community. Lastly, since these performance drops can negatively impact the user experience, we propose a set of techniques that minimise the overhead related to model loading while ensuring robust privacy protection.
Speakers
Savas Ozkan

Engineering Manager, Samsung Research UK
Savas Ozkan received the Ph.D. degree from the Department of Electrical and Electronics Engineering, Middle East Technical University, Ankara, Turkey. Currently, he is leading Efficient Machine Learning Group at Samsung Research UK, focusing on on-device AI solutions for vision, language...
Mint Ballroom

3:00pm PDT

NVIDIA Confidential Computing Attestation for Next-Generation AI Hardware - Rob Nertney & Spencer Gilson, NVIDIA
Tuesday June 23, 2026 3:00pm - 3:25pm PDT
NVIDIA's attestation infrastructure was born from Confidential Computing - securing Hopper GPUs with hardware-rooted, in-band attestation. As AI hardware evolves to rack-scale systems like Vera Rubin NVL72, attestation must evolve with it: new devices, new modes, and new challenges.

This talk covers three dimensions of that evolution. First, we discuss how CC attestation scales to rack-level with Vera Rubin, including NVIDIA's multi-node solution for CC and the challenge of attesting dozens of GPUs, CPUs, and NVSwitches as a unified trusted system. Second, we show how attestation patterns proven in CC are extending to new modes and device types - including fleet intelligence and out-of-band attestation. Third, we share the standards and interoperability challenges we have encountered along the way: inconsistent implementations across the ecosystem, gaps in attestation policy standards, and binding discrete components into trusted subsystems to prevent relay and substitution attacks.

Attendees will leave understanding where NVIDIA attestation is heading and what we have learned about the open problems the ecosystem must solve together.
Speakers
Rob Nertney

Principal software architect, NVIDIA
Rob Nertney is a principal software architect for confidential computing. He has spent nearly 15 years architecting the features and deployment of accelerator hardware into hyperscale environments for both internal and external use by developers. He has several patents in processor...
Spencer Gilson

Senior Systems Software Engineer, NVIDIA
Spencer is a senior system software engineer working on attestation at NVIDIA. He specializes in designing, developing, and maintaining critical services with an emphasis on security and reliability.
Courtyard

3:00pm PDT

Trust Is the Next Bottleneck: Why the Agentic Economy Needs Confidential Computing - Pawan Khandavilli, Microsoft
Tuesday June 23, 2026 3:00pm - 3:25pm PDT
Agents can authenticate, but they still cannot prove what actually ran. When an agent transfers value, calls a sensitive tool, or acts on delegated authority across a boundary, the relying party has no cryptographic way to verify what code executed, what policy governed it, or whether sensitive data stayed inside a trustworthy boundary. OAuth handles authorization, not runtime integrity. IAM labels principals, not measured execution. Prompt-level governance shapes intent, not enforceable policy. These are necessary but insufficient for agents acting autonomously across trust boundaries.

Confidential computing already has the primitives to close this gap: hardware attestation, measured execution, cryptographic evidence of runtime state. This talk presents a practical framework for applying those primitives to agent trust. I walk through a payment-approval agent scenario end-to-end, identify four concrete gaps (hardware-rooted agent identity, measured policy-as-code, portable attestation evidence, cross-cloud federation), and show which are solvable today and which need ecosystem work. Attendees leave with a framework they can use to evaluate or design agent trust architectures.
Speakers
Pawan Khandavilli

Senior Product Manager, Microsoft
Pawan Khandavilli is a senior product manager in Azure Confidential Computing (ACC) with a focus on serverless and confidential computing. Pawan has previously worked at Fortanix and the Royal Bank of Canada in a variety of roles with a focus on applying innovative security technologies...
Gold Ballroom

3:30pm PDT

"If It's Shared, It's Vulnerable": Is Kubernetes the Right Platform for Confidential Compute? - Zvonko Kaiser, NVIDIA
Tuesday June 23, 2026 3:30pm - 3:55pm PDT
Kubernetes shares host kernels, network stacks, storage paths, and control planes across tenants. These shared primitives become attack surfaces when tenants cannot trust each other or the infrastructure operator.

We enumerate the threat surfaces in confidential Kubernetes deployments, from eBPF snooping and conntrack hijacking to hardware-assisted virtualization rootkits. We then present a production architecture that eliminates shared-trust assumptions by flattening the virtualization stack so every workload runs as a TEE-protected guest, gating all secrets, identities, and device access on a composite attestation chain, and wrapping each shared primitive in a hardened overlay for compute, network, storage, control-plane, identity, and observability.

Attendees will learn which Kubernetes primitives leak across tenant boundaries, how composite attestation closes those gaps, and practical steps toward true multi-tenancy in confidential Kubernetes deployments.
Speakers
Zvonko Kaiser

Principal Systems Engineer, NVIDIA
Zvonko is a Principal Systems Engineer at NVIDIA, working on the Cloud Native Technologies team. Focusing right now on all things related to confidential computing, zero-trust, especially in the context of accelerators.
Mint Ballroom

3:30pm PDT

GKE Hypercluster: Kubernetes TEEs for AI at Scale - Komei Nakamoto & Keith Moyer, Google
Tuesday June 23, 2026 3:30pm - 3:55pm PDT
GKE Hypercluster brings large-scale operation of Trusted Execution Environments to Kubernetes, and was co-designed with Anthropic to meet their security and scale. In this talk we explain the linked runner architecture that drastically reduces the Trusted Compute Base (TCB) by completely separating high-value workload execution from the standard container orchestration control plane. In this model, sensitive AI workloads are offloaded to a dedicated, "sealed" virtual machine. The Kubernetes scheduling and orchestration remains on a non-sealed "parent" node, preserving Kubernetes primitives (i.e., Pods, Network Policy) and operational familiarity while achieving workload isolation. The execution environment is built on a hardened and attested OS, removing non-essential services and preventing administrative shell access. Integrity is guaranteed through attestation and container signature verification.

This design establishes a strict chain of trust, offers isolation from the Kubernetes operator and Cloud Service Provider, supports high-performance AI accelerators within the sealed boundary, and enhances scalability by managing isolated environments with a reduced system footprint.
Speakers
Keith Moyer

Senior Staff Software Engineer, Google
Keith Moyer is the Technical Lead for Confidential Computing at Google Cloud. He has spent the last 10 years dedicated to making verifiable trust accessible and useful, with over 20 years of experience spanning cloud security and embedded systems. He holds a BS in Computer Engineering...
Komei Nakamoto

GKE AI Security Tech Lead, Google
Komei is a software engineer at Google, and the Tech Lead for the GKE AI Security team focused on making GKE a secure platform for running AI workloads.
Courtyard

3:30pm PDT

Resilient Real-Time Payments With Confidential Computing Architectures - Abhinav Reddy Jutur, J P Morgan Chase and Co.
Tuesday June 23, 2026 3:30pm - 3:55pm PDT
Real-time payment systems are transforming the global financial ecosystem, with 69 countries implementing real-time networks and transaction volumes continuing to grow. As expectations shift toward instant transactions, infrastructures must support high throughput while maintaining reliability, data integrity, and stronger data protection during processing.

This session explores how modern distributed architectures enable scalable and resilient payment systems while aligning with confidential computing principles. It examines key concepts like the CAP theorem and trade-offs between consistency, availability, and partition tolerance in financial platforms handling sensitive data.

It also covers architectures such as microservices, event-driven systems, CQRS, and serverless computing, along with techniques like distributed caching, database sharding, and dynamic load balancing. Attendees will gain practical insights into building fault-tolerant, scalable payment systems for real-time digital transactions.
Speakers
Abhinav Reddy Jutur

Software Engineer 3, J P Morgan Chase and Co.
Abhinav Reddy Jutur is a Senior Software Engineer at JPMorgan Chase with 10+ years of experience building scalable, secure enterprise systems in finance and healthcare. He specializes in Java, microservices, and cloud platforms, leading real-time payments and cross-border solutions...
Gold Ballroom

4:00pm PDT

Agentic Zero Trust: at Rest, in Transit, and at Runtime - Nina Polshakova, Solo.io & Josh Halley, Cisco
Tuesday June 23, 2026 4:00pm - 4:25pm PDT
AI workloads handle some of the most sensitive data in modern enterprises, from proprietary training datasets to user prompts and high-dimensional embeddings. Yet many AI pipelines are built without the rigorous security practices applied to traditional systems, leaving critical gaps.

Josh and Nina from the CNCF AI Working Group show how to apply Zero Trust principles to secure AI data at every stage: at rest, in transit, and in runtime. Attendees will learn why conventional approaches fail for AI, highlighting risks like prompt injection, embedding poisoning, and GPU memory leakage, and how Zero Trust, combined with confidential computing, provides a stronger security foundation.

We’ll demonstrate how agent identity, continuous attestation, and trusted execution environments (TEEs) enforce runtime trust, while encryption, fine-grained access control, and mTLS protect data at rest and in transit.

Attendees will gain actionable strategies for securing every stage of the AI data lifecycle using modern encryption, policy enforcement, and runtime hardening.
Speakers
Nina Polshakova

Senior Principal Software Engineer, Solo.io
Nina is a software engineer at Solo.io, working on AI Gateway projects. She contributes to open source projects, including Kubernetes, Istio, kagent, agentgateway, and kgateway. A CNCF Ambassador and former Kubernetes v1.33 Release Lead, she’s also a member of the Cloud Native AI...
Josh Halley

Principal Architect, Cisco
Josh Halley is a Principal Architect and published technical author in the office of the CTO at Cisco, focused on next generation technologies and technical transformation for some of Cisco’s largest global customers. His main focus today is in the domains of AI Operations, leading and supporting multiple teams in their generation of Agentic AI systems to support today's and tomorrow's future technologies use cases...
Gold Ballroom

4:00pm PDT

Governing AI Agents at the Hardware Boundary - Imran Siddique, Microsoft
Tuesday June 23, 2026 4:00pm - 4:25pm PDT
AI agents are making real decisions: filing tickets, moving money, deploying code, operating infrastructure. The question is no longer what the agent should do. The question is: can you prove governance was actually enforced?

Right now, all agent governance is software. Policy engines, identity checks, audit logs, credentials: everything lives in the same trust boundary as the agent itself. If someone compromises the runtime, every control disappears. Policies get bypassed. Credentials get exfiltrated. Audit logs get forged.
Software governance makes promises. Hardware governance provides proofs.

I will walk through what my team has built (the Agent Governance Toolkit), where the software limits are, and how TEE-backed enforcement closes those gaps. Concrete architecture, real code, honest gap analysis.
Courtyard

4:00pm PDT

Running AI Agents Inside TEEs Without Losing Your Mind - Sonali Mishra, Nutanix
Tuesday June 23, 2026 4:00pm - 4:25pm PDT
AI agents are making decisions, calling tools, and talking to other agents, often with access to sensitive data they shouldn't be able to see in plaintext. The usual answer is to just trust the infrastructure, but that falls apart in multi-tenant clouds and cross-org workflows. This talk covers what it actually takes to run agentic AI workloads inside Trusted Execution Environments. I'll walk through the architecture for isolating agent-to-agent communication using confidential VMs, how attestation works when agents need to dynamically invoke external tools, and the gotchas we hit around key management and session state. We'll look at real performance numbers and what the overhead looks like on GPU-backed inference inside TEEs and where the bottlenecks actually are. Attendees will leave with a concrete reference architecture for deploying AI agents with hardware-rooted trust boundaries, plus practical guidance on attestation flows for multi-party agent pipelines. If you're building agentic systems that handle regulated or sensitive data, this talk gives you a starting point that doesn't require rearchitecting everything from scratch.
Speakers
Sonali Mishra

Principal Product Manager - AI & Cloud Native, Nutanix
As a Principal Cloud Native at Nutanix, I am passionate about driving innovation and empowering organizations to build secure and resilient solutions in their cloud-native journey. With our significant presence in US government, I aim to ensure organizations can adopt Kubernetes securely...
Mint Ballroom
 