BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.coscup.org//coscup-2026//speaker//B7RWEC
BEGIN:VTIMEZONE
TZID:CST
BEGIN:STANDARD
DTSTART:20000101T000000
RRULE:FREQ=YEARLY;BYMONTH=1
TZNAME:CST
TZOFFSETFROM:+0800
TZOFFSETTO:+0800
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-coscup-2026-JRCCHW@pretalx.coscup.org
DTSTART;TZID=CST:20260808T110000
DTEND;TZID=CST:20260808T113000
DESCRIPTION:The industry is rapidly moving from single LLM applications tow
 ard systems composed of multiple agents\, tools\, memory layers\, and work
 flows. But most discussions around AI agents focus heavily on frameworks a
 nd demos\, while avoiding the larger systems question:\n\nWhat does agent 
 infrastructure actually look like?\n\nThis talk takes a cloud native and s
 ystems-oriented view of AI agents. We’ll explore how ideas from distribu
 ted systems\, containers\, orchestration\, and platform engineering are be
 ginning to shape the next generation of AI tooling.\n\nTopics include:\n\n
 - Why AI agents resemble distributed systems more than chatbots\n- The eme
 rging role of protocols like MCP\n- Declarative workflows versus imperativ
 e orchestration\n- Reproducibility and portability challenges in AI system
 s\n- Why infrastructure concepts like OCI artifacts and YAML workflows are
  reappearing in AI tooling\n\nUsing Docker cagent as a concrete example ra
 ther than the centerpiece\, we’ll examine how modern agent runtimes are 
 evolving toward infrastructure-style abstractions.
DTSTAMP:20260713T132525Z
LOCATION:TR212
SUMMARY:YAML is the New Dockerfile: Building AI Agent Systems with Docker c
 agent - Hrittik Roy\, Parth Goswami
URL:https://pretalx.coscup.org/coscup-2026/talk/JRCCHW/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-coscup-2026-UPWEEP@pretalx.coscup.org
DTSTART;TZID=CST:20260808T160000
DTEND;TZID=CST:20260808T163000
DESCRIPTION:Every container you deploy carries debt you didn't write. The a
 verage base image ships with 200-400 packages your application never calls
 \, each one a potential CVE\, each one expanding the blast radius of a bre
 ach. Teams run Trivy or Grype\, get a wall of 400 alerts\, patch the criti
 cals\, suppress the rest\, and ship. The scan-patch-suppress cycle creates
  an illusion of security hygiene while the actual attack surface stays eno
 rmous.\n\nThe good news: the ecosystem is finally pushing back. Google's d
 istroless project has been around for years\, Chainguard built a business 
 on minimal images\, and Docker Hardened Images went fully open source unde
 r Apache 2.0 in late 2025\, putting 1\,000+ minimal\, SBOM-signed images o
 ne pull away from every developer. Yet most teams still default to node:la
 test.\n\nThis talk dissects why container supply chain debt accumulates an
 d what a different default looks like. Through live audits comparing stand
 ard\, slim\, distroless\, and hardened base images for the same applicatio
 n\, we'll examine size\, CVE counts\, and actual runtime dependencies. You
 'll leave with practical patterns: multi-stage builds done right\, automat
 ed base image rebuild pipelines\, and policy-as-code for image provenance\
 , so minimal becomes the default without slowing teams down.
DTSTAMP:20260713T132525Z
LOCATION:TR209
SUMMARY:Your Container Images Are a Liability: The Supply Chain Debt Nobody
  Is Paying Down - Hrittik Roy\, Parth Goswami
URL:https://pretalx.coscup.org/coscup-2026/talk/UPWEEP/
END:VEVENT
END:VCALENDAR
