2025 is a big year for the speaker selections as the talk submissions were so strong that we had to rearrange the speaker schedule a little bit to better accommodate what we were seeing. Here’s a quick comparison of the distribution from 2023 to 2025 across Keynote, Intermediate and Lightning Talks submitted.

In 2023 and 2024, the distribution across categories remained relatively equal. For 2025, we saw a huge shift receiving 170 Intermediate length submissions compared to 84 Keynotes and 64 Lightning Talks. This made the Intermediate category more competitive than it’s ever been.

The quality of submissions across all categories was stellar this year as almost every talk could have easily qualified. In order to adjust to this reality, we removed a Keynote spot and some Lightning Talk spots in order to make room for more Intermediate Talks. In 2024 we had 10 Intermediate length talks. For 2025, we made room for 14!

For the first time, we had a selection committee involved to help rank and compare the slate of talks to make narrowing the field a little bit easier. Thank you Kevin Dees, Luke Kapustka, Olivia Sculley and Robert Roskam for taking the time to meticulously review this year’s submissions!

It’s a fantastic lineup this year. We have talks on AI, Data, Cybersecurity, Gaming, Fundamentals, DevOps, Psychology and even your Career. For the Polyglot we have talks covering Ruby, Python, PHP, JavaScript, COBOL (finally!), Zig, F#, Pony, QuickBASIC, QB64, Elixir, Java, Rust and more!

Quick Notes

We need your help with our Lyrical Code T-shirt!

We still need your help to make this year’s t-shirt really sing! Take your best shot at converting “All Star” by Smash Mouth (as chosen by you!) into code you can sing in your favorite language. Checkout the Github Repo and submit a PR. Checkout our 2024 Bohemian Rhapsody and 2023 Don’t Stop Believing shirts for some inspiration!

You can enter as little as a single verse or a the entire song but give it a try. We’ll combine lines in different languages to make our polyglot t-shirt that you can’t help but sing when you read.

Get your game on. Go play. You’re a rock star! Break the mold…

DEF CON 864 will again run a Capture the Flag

For the 3rd year in a row the team from DC864 will run a CTF throughout the conference for you to flex your hacking skills. As always, we’ll have a prize for the winner. If you’ve never participated one, it’s a great opportunity to experience it for the first time!

Just remember, sometimes they will incorrectly suggest that one of my answers is an opinion. It has happened before (Go Tigers).

Tickets Coming Soon

Next week will begin our early access tickets for prior year attendees, followed by the public release 1 month later. Don’t forget to subscribe to be informed as it happens!

Without further ado, here are…

Your 2025 Carolina Code Conference Speakers!

Keep scrolling for full profiles and session overviews.

// Friday Talks

WITH friday_talks AS ( -- PostgreSQL w/ CTE
    SELECT speaker, title, format, scheduled_at
    FROM talks
    WHERE DATE(scheduled_at) = '2025-08-15'
)
SELECT * FROM friday_talks ORDER BY scheduled_at;

morning.summary()

• 9:00am // Trey Grainger - AI-Powered Search: Exploring the Algorithms Measuring (and Shaping) How We Think #keynote

• 10:00am // Larry Maccherone - Godfather Security: How Development Can Make an Offer that Security Can't Refuse #intermediate

• 10:30am // Nate Argaw - Drawing with Math - Pixel Shaders #lightning

• 10:45am // Andrew MacLean - Turning Over a New Leaf: An Elegant PHP Framework for Modern Web Development #intermediate

• 11:15am // Redvers Davies - Fast, Concurrent, Secure, Correct Actors… and a pony! #lightning

• 11:30am // Ruthie Ballenger - Using an Anti Corruption Layer to Migrate Legacy Data #intermediate

• 12:00pm // Houston Haynes - Firefly - an F# compiler goes native to CPU, GPU and beyond #intermediate

lunch.summary()

• 12:50pm // Blake Coleman - AI, Automation, and the Job Hunt: What You Need to Know #lunch

afternoon.summary()

• 1:30pm // Sarah Matta - Number Sense for Programmers: The Hidden Math You Already Use #intermediate

• 2:00pm // Doug Cone - Beyond Play: Modding Games for Real-World Tech Skills #lightning

• 2:15pm // Karl Groves - Everything you need to know about JavaScript accessibility #intermediate

• 2:45pm // Udit Misra - Zero Downtime, Zero Regressions: Perfecting the Art of Code Releases #lightning

• 3:00pm // James Lowden - The Once and Future COBOL #intermediate

• 3:30pm // Nerando Johnson - And It Was Written ~ An Introspective in the Importance of ReadMes #lightning

• 3:45pm // Craig Kerstiens - Postgres, say what? #keynote

// Saturday Talks

query { # GraphQL
  saturdayTalks: talks(
    where: { scheduled_at: { _eq: "2025-08-16" } }
    order_by: { scheduled_at: asc }
  ) {
    speaker, title, format, scheduled_at
  }
}

morning.summary()

• 9:00am // Matt "Kelly" Williams - Putting the FUN back in Fundamentals: Data Structures, Algorithms, and More! #keynote

• 10:00am // Joel Taddei - Lark and Load: Parsing with Python #intermediate

• 10:30am // Jared Rhodes - Home Lab - Private Cloud on a budget #lightning

• 10:45am // Ethan Foulkes - 10 words for building software successfully. #intermediate

• 11:15am // David Mackey - Retro Coding with QB64 #lightning

• 11:30am // Sam Ruby - Using Kamal 2.0 in Production #intermediate

• 12:00pm // Reet Kaur - Hacking the Machine: Unmasking the Top 10 LLM Vulnerabilities and Real-World Exploits #intermediate

lunch.summary()

• 1:30pm // Kevin Ferretti - Welcome to the era of TigerBeetle #intermediate

• 2:00pm // Louis Burroughs - Throughput in Software Development #lightning

• 2:15pm // Diana Pham - Beyond Badges: The Biology & Psychology Behind Effective Gamification in Mobile Apps #intermediate

• 2:45pm // Sagar Suri - Current Events: Lessons Learned Streaming 14 Trillion Daily Telemetry Events #lightning

• 3:00pm // Zach Daniel - Building on Sand: Elixir's Fundamental Design Advantage #intermediate

• 3:30pm // Jake Hendley - Software in the EV space #lightning

• 3:45pm // Duncan Michel - Regex for Fun and Profit #keynote

// Full Profiles

Trey Grainger |> Greenville, SC

Author: AI-Powered Search, Founder @ Searchkernel

Social: [ @treygrainger, LinkedIn, Blog, SearchKernel, Sessionize ]

Books: [ AI-Powered Search, Solr in Action ]

TREY GRAINGER is the founder of Searchkernel, a software company building the next generation of AI-powered search. He is an advisor to several startups and adjunct professor of computer science at Furman University. He previously served as CTO of Presearch, a decentralized web search engine, and as chief algorithms officer and SVP of engineering at Lucidworks, an search company whose search technology powers hundreds of the world’s leading organizations. He is also the co-author of Solr in Action (Manning, 2014), the leading book on Apache Solr. Trey has over 18 years of experience in search and data science, including significant work developing semantic search, personalization, and recommendation systems, and building self-learning search platforms leveraging content and behavior-based reflected intelligence. This work resulted in the publication of dozens of research papers, journal articles, conference presentations, and books at the cutting edge of intelligent search systems.

Keynote // AI-Powered Search: Exploring the Algorithms Measuring (and Shaping) How We Think

Category: [ Artificial Intelligence / Machine Learning ]

Languages: [ Python, Java ]

Framework/Platform: [ Search Engines, Vector Databases, LLMs, RAG, Generative AI ]

Every day, AI algorithms are helping you find information, recommending content to you, and learning about your interests and preferences in the process. With the rise of generative AI, the prevalence of these AI-powered search algorithms is growing exponentially. They are now helping generative AI to hold conversations, produce valuable work (planning, writing, coding, creating, conversing, assisting, etc.), and automate away significant amounts of work that can - depending on one’s context, either displace their job or significantly increase their productivity.

In this talk, Trey Grainger, author of the recently published book AI-Powered Search (aipoweredsearch.com), will dive into what these AI-powered retrieval algorithms are, how they work, and the growing influence they have over our daily lives in terms of how we spend our time, what information we see, and how our perceptions are shaped. We’ll discuss some key algorithms and AI models you may have never heard of, like click models, signals boosting, collaborative filtering, LLMs (large language models), semantic knowledge graphs, RAG (retrieval augmented generation), transformer and diffusion models, and multimodal vector search. We’ll cover a high-level overview of how these algorithms work, how they impact us on a daily basis, and how you can also leverage them in your own work.

Larry Maccherone |> Raleigh, NC

Couples Counseling between Security and Engineering

Social: [ LinkedIn, Transformation.dev, Sessionize ]

Larry Maccherone is a DevSecOps/Shift-Left/Dev-centric Security and Development improvement pioneer.

At Comcast, Larry launched and scaled the DevSecOps Transformation program over five years by safely empowering 600 development teams to take ownership of the security of their products. Larry was a founding Director at Carnegie Mellon's CyLab, researching cybersecurity and software engineering. While there, he co-led the launch of the DHS-funded Build-Security-In initiative. Larry has also served as Principal Investigator for the NSA's Code Assessment Methodology Project, which wrote the book on evaluating application security tools and received the Department of Energy's Los Alamos National Labs Fellow award.

Larry firmly believes in learning by doing so in his spare time; he is the author of a dozen open source projects, one of which gets a million downloads per month.

Intermediate // Godfather Security: How Development Can Make an Offer that Security Can't Refuse

Category: [ DevSecOps, Cybsersecurity, Development ]

There is the way development really functions and there is the way security believes development functions. In most organizations, the two don’t match.

Join DevSecOps pioneer Larry Maccherone for an enlightening guide - tried and tested with scaling security in 600 dev teams - that engineering can use to “make a deal” with security so the two functions align more closely. You will hear thoughts on what true Developer-First Security could look like; what practices and tools provide better risk reductions; how productivity doesn’t need to be hampered by security; and, how security can be scaled in engineering terms.

Nate Argaw |> Greenville, SC

Creative Technologist

Social: [ @shader_daily, LinkedIn, Instagram, Shader Daily, Blog, Sessionize ]

Nate Argaw is a freelance creative technologist with a passion for crafting immersive experiences on the web. Specializing in 3D rendering, he create captivating games and interactive visualizations using WebGL/Three.js. Nate also enjoys experimenting daily with computer graphics through GLSL shaders, pushing the boundaries of creativity and technology.

Lightning // Drawing with Math - Pixel Shaders

Category: [ Development ]

Languages: [ GLSL ]

Framework/Platform: [ Three.js ]

Shaders are prevalent across all types of media. Whether it is movies, animation or video games, shaders have a prominent role in creating and elevating the entertainment experience. This talk will introduce the audience to writing shader programs. The talk will cover a brief history of shaders, the role of the GPU and parallel processing, pixel shaders and the role of math and the GLSL language. Furthermore, the talk will explore the idea of using functions as paint brushes, signed distance fields (SDFs), combining and coloring SDFs. The talk will emphasize the role of shaders in artistic expression and how to get started learning the magical art of shaders.

Andrew MacLean |> Victoria, Canada

Staff Developer Educator at Twilio

Social: [ @andrewdmaclean, LinkedIn, Blog, Twilio, Sessionize ]

Meetup: [ #Leaf #Community ]

Andrew is equal parts tech enthusiast, educator, and the kind of person who can’t resist pressing buttons just to see what happens (sometimes even twice). A former classroom teacher with nearly a decade of experience crafting learning experiences for techies of all ages, he traded chalkboards for the keyboards of the tech industry in 2020 and hasn’t looked back. Since then, he’s worn many hats—Community Manager, Developer Advocate, and now Developer Educator at Twilio—where he helps developers connect the dots between imagination and implementation. When he’s not building (or breaking :sweat_smile:) things with tech, you’ll find Andrew soaking up the west coast vibes on Vancouver Island, Canada—where he tries (and often fails) to look outdoorsy.

Intermediate // Turning Over a New Leaf in PHP

Category: [ Development ]

Languages: [ PHP ]

Framework/Platform: [ Leaf PHP ]

In the ever-growing forest of frameworks that shape modern web development, Laravel stands tall—a towering redwood that reflects the strength of the PHP ecosystem. But just as forests depend on giant trees for structure, it’s the small, nimble leaves that capture sunlight, fuel growth, and keep the system thriving.

Enter Leaf: an elegant PHP framework built for speed, simplicity, and flexibility. In this talk, we’ll explore how Leaf empowers developers to build modern applications with less overhead and more control. Whether you're a Laravel loyalist or simply searching for a fresh perspective, it might be time to turn over a new Leaf.

Redvers Davies |> Charlotte, NC

Polyglot, Professional InfoSec Troubleseeker, and diaeresis activist.

Red is a full-time InfoSec Troubleseeker who started his professional life building ISPs, when the only interview questions were: "Do you know what a Web-Browser is?", and "Do you think you can get NCSA httpd to compile on AIX?".

After scaling an ISP from a few thousand users to millions, Red wrote award winning network discovery software and promptly had his IP stolen by a company with more Lawyers than developers.

Red now works in Information Security doing "AllTheThings"™, and spends his spare time playing with family, designing electronic badges for Security Conferences, exploring languages (both human and computer), and trying to squeeze every single cycle of performance out of his systems.

Lightning // Fast, Concurrent, Secure, Correct Actors… and a pony!

Category: [ Development ]

Languages: [ ponylang ]

Concrurenyc is hard.

Allowing multiple threads or Actors to access the same resources at the same time results in race conditions, non-deterministic behaviour, and inevitable data corruption.

Different systems mitigate these risks in different ways.

Databases use locks to limit access by time.

The BEAM copies messages to limit access in space.

Python has the Global Interpreter Lock to serialize all access.

Introducing Pony: An open-source, cross-platform, object-oriented, actor-model, capabilities-secure, high-performance programming language… and a pony.

Pony was originally designed to sniff market trades off a network and make very fast decisions based on what it saw. It had to be ridiculously fast, and above all - correct.

Processors aren't getting faster, they're getting wider. Pony was designed from the ground up to implement fast and safe data sharing between actors.

All variables in pony are strongly typed, and tagged with a "reference capability" which describes how that data may (or may not) be shared.

These compile-time only "reference capabilities" implement a mathematically proved model for safe data concurrency. Quickly.

To mitigate the dangers of supply-chain attacks, Pony implements "object capabilities", which are extensible unforgeable tokens which permit external operations such as file, environment, shell, or network access.

You can confidently download a hypothetical "left-pad" package. If you do not provide a token to the package, the package cannot do evil things™.

Pony has no locks.

Pony has no blocks.

Pony is memory-safe.

Pony is type-safe.

Pony has no runtime exceptions.

A program that compiles should never crash. If it crashes for anything other than memory exhaustion, it is likely a compiler or runtime bug that should be reported.

Ruthie Ballenger |> Greenville, SC

Full Stack Architect

Social: [ LinkedIn ]

Ruthie is a Greenville born native who currently works for Michelin as a Platform Architect for the Customer Experience domain with over 29 years of experience in Software Development with wide range of knowledge in many programming languages and frameworks.

Intermediate // Using an Anti Corruption Layer to Migrate Legacy Data

Category: [ Development ]

Languages: [ Java ]

Framework/Platform: [ Springboot, Microservices ]

To modernize applications without migrating outdated database schemas or unused data, it is essential to adopt a strategic approach to this migration. At Michelin IT, my team undertook the task of modernizing our application while simultaneously optimizing the database schema to eliminate redundant data and outdated schemas.

Our goal was to ensure continuous system operation while incrementally enhancing our web application, feature by feature. We aimed to transition our database from MySQL 5.6 to a PostgreSQL PaaS instance to leverage improved availability and advanced features.

Since we needed to keep the legacy application running and keep the data in sync with the new modern functionality however we needed to use the modernized data in the legacy application and modern application. We adopted the strategy of using an Anti Corruption Layer to keep the data in sync.

We gained significant insights into this strategy, including valuable lessons on what to avoid. This presentation outlines our approach to creating and utilizing an Anti-Corruption Layer (ACL), along with the lessons learned. It also includes Java code examples for reference.

Houston Haynes |> Asheville, NC

Founder of SpeakEZ.ai - former F# Software Foundation Board of Trustees

Social: [ LinkedIn, SpeakEZ.ai ]

Houston's career started when his university research advisor Bob Moog was leaving academia and restarting his business. That eventually led to the revival of Moog Music as an international brand. He has since worked in industries ranging from entertainment to automotive, where hardware-driven process automation, software-based decision support and related intelligent devices were always part of the picture. He founded SpeakEZ in 2020 in response to the corporate surveillance proliferating in cloud services and continues his work designing security and privacy-minded intelligent services for organizations of all sizes.

Intermediate // Firefly - an F# compiler goes native to CPU, GPU and beyond

Category: [ Cybersecurity, Artificial Intelligence / Machine Learning]

Languages: [ F#, LLVM, MLIR, F* (F-star) ]

Framework/Platform: [ Native ]

This talk is an exploration of how F#s new Firefly compiler, part of the Fidelity Framework, creates a seamless bridge between high-performance computing and formal verification. Discover how Firefly's direct MLIR/LLVM compilation unlocks native efficiency while F* verification ensures mathematical correctness. Get a glimpse into how this groundbreaking open core initiative enables targeting verifiable AI systems to CPU, GPU and other accelerators "on the metal" - all while maintaining F#'s tooling vaunted reputation for providing guardrails to support developer productivity.

Blake Coleman |> Greenville, SC

Co-Founder @ STEM Search Group

Social: [ LinkedIn, Blog, STEM Search Group, Sessionize ]

Meet Blake—a seasoned technical recruiter since 2005 and co-founder of STEM Search Group, which he helped launch in 2020. Over the years, he's built a versatile career working with VC-backed startups, tech giants, Fortune 500 companies, and bootstrapped SaaS shops across various industries.

A graduate of the University of Georgia, Blake's journey has taken him through six different states before settling in Greenville, SC. Beyond his recruiting work, he enjoys geeking out developing his company’s proprietary AI tools. He also serves on the board of IT-oLogy, a South Carolina-based tech outreach nonprofit.

Lunch // AI, Automation, and the Job Hunt: What You Need to Know

Category: [ Career ]

Why does it seem like there are 100+ applicants for every job? Why do I not hear back about a role I'm a perfect fit for?

AI and automation have shifted the landscape faster than talent acquisition teams, and recruiters have been able to adapt. Both the job seeker and those hiring are feeling the strain.

We'll discuss:

• Tools candidates should be aware of and how to use them

• Share what hiring companies see

• What's changing to combat automated applications

• What job seekers can do to get noticed

Sarah Matta |> Augusta, GA

Thinking beyond the obvious, solving beyond the expected

Social: [ LinkedIn, Blog, Sessionize ]

Sarah has a gift for spotting what most people miss. Whether it's a gap in a process, an unspoken tension in a team, or a hidden opportunity, she has a way of bringing the invisible into the light - and helping others see it clearly, too.

Doing the right thing isn’t just a principle for Sarah; it’s a practice. She brings a strong sense of integrity to everything she does, and she doesn’t shy away from tough decisions when they’re the right ones.

With a solid background in software development, plus real-world skills in project and organizational management, Sarah knows how to get things done without losing sight of the people behind the work. She’s equally comfortable diving into code or untangling a team’s workflow - and she brings her full self to both.

She also gives her time generously, volunteering to support causes and communities she cares about. Thoughtful, reliable, and just the right amount of curious, Sarah brings clarity, heart, and momentum wherever she goes.

Intermediate // Number Sense for Programmers: The Hidden Math You Already Use

Category: [ Development, Cybersecurity, Computer Science ]

Languages: [ Rust, Python, C#, JavaScript ]

Many developers claim they’re "bad at math," yet mathematical thinking is embedded in everything they do. From loops mirroring sigma notation to optimizing search algorithms through factorization, number sense - the intuitive grasp of patterns, estimation, and numerical relationships - shapes how we perform our jobs. From how we approach a challenge, think through an issue, or write efficient code.

Math in programming goes even deeper than that. Can computers generate true randomness, or is it all just clever illusion? Why does 0.1 + 0.2 ≠ 0.3, and how did floating-point errors lead to multimillion-dollar failures? In this talk, we’ll explore how embracing number sense helps developers troubleshoot bugs, write more scalable code, and unlock a deeper understanding of computation. Math isn’t just for theory, it’s a secret weapon every programmer can wield.

Doug Cone |> Greenville, SC

Professional Problem Solver

Social: [ LinkedIn, Blog ]

Doug Cone is a Senior Full Stack Developer with over 2 decades of experience in software development. As the former Director of Tech & Game Design at BlueBird Gaming, Doug led a team developing and maintaining one of Australia's most popular FiveM servers, engaging thousands of gamers. His expertise spans game feature design, infrastructure management, security, and custom interface development using React/Vue. Beyond gaming, Doug has held leadership roles at Flywheel Technologies and MindSize, bringing technical vision to startups and established businesses alike. When not coding, he's an active disaster relief volunteer who has assisted at 25+ natural disaster sites and led volunteer teams for over 8 years.

Lightning // Beyond Play: Modding Games for Real-World Tech Skills

Category: [ Development, Gaming, Security, UI/UX, Accessibility, Testing / QA, Career ]

Odds are you’re a gamer. You might not see yourself that way, but whether it’s the Black Ops, the Sims, Candy Crush, or Wordle, 3+ billion of us play video games. Gamers are no strangers to the thrill of exploring new worlds and conquering challenges, or just having fun. Game modding might seem out of reach, but it’s surprisingly accessible. In this session, I’ll share my own journey from casual gamer, to six figure income as a game modder.

Discover How Modding Can:

• Boost your problem-solving skills

• Improve your coding abilities through hands-on experience

• Provide an outlet for creativity

• Create opportunities in game development, cybersecurity, or other fields

From GameShark to full-stack development, learn how the modder’s hacker mindset translates to professional problem-solving skills

Karl Groves |> Washington, D.C.

Focused on actively fixing accessibility

Social: [ LinkedIn, Mastodon, Blog, AFixt, Sessionize ]

With 20 years of experience in web development, usability, and accessibility, Karl Groves is widely regarded as a pragmatic solution-finder and thought leader in the accessibility industry. In his role as Founder of AFixt, Karl focuses on pragmatic and efficient ways of improving the accessibility of websites and software.

Intermediate // Everything you need to know about JavaScript accessibility

Category: [ UI/UX, Accessibility ]

Languages: [ HTML/CSS, Javascript ]

Accessibility is often seen as nebulous by designers and developers. It is particularly difficult if you don't know anyone with disabilities or have never watched anyone with disabilities use a computer. In this talk, Karl Groves uses a live coding example to walk through the high level requirements for an accessible user experience that relies on JavaScript. In the process, we'll talk about focus management, accessibility, and the proper implementation of WAI-ARIA to ensure the broadest compatibility with browsers and assistive technologies.

Udit Misra |> San Francisco, CA

Software Engineer at Azure Networking

Social: [ LinkedIn ]

Udit is a Software Engineer at Microsoft specializing in Azure Networking. With over 4 years of experience and a Master's in Computer Science, he focuses on designing and developing solutions to tackle real-time challenges, ensuring a seamless experience for Azure customers. Udit is passionate about solving complex issues related to infrastructure, cost management, and production environments.

Lightning // Zero Downtime, Zero Regressions: Perfecting the Art of Code Releases

Category: [ Development, DevOps ,Artificial Intelligence / Machine Learning, Product ]

In today’s rapidly evolving software development landscape, ensuring that code releases are flawless—without introducing regressions—is crucial for maintaining stability and user trust. As new releases become more sophisticated, the risk of unintentionally disrupting the current working behavior of applications increases, leading to potential regressions. This can be particularly damaging for industries where user experience is critical, such as in banking, finance, and retail.

When code is released without thorough checks, it can result in mistrust between the customer and the service, as end-users may experience disruptions that negatively affect their experience. To prevent this, it is essential to implement robust systems that safeguard against regressions and downtime before code reaches production. These systems should include comprehensive checks across different levels of sub-environments—such as testing, pre-production, and staging—ensuring that the code performs as expected at each stage.

This talk will explore strategies that can be employed to achieve zero regressions and minimal downtime during code releases. One of the key approaches is leveraging machine learning and A/B testing to gain insights from previous releases, comparing them with the new release to detect any anomalies or potential issues before they reach production. By examining the metrics from previous versions, teams can proactively identify patterns that might signal problems with the new code.

Additionally, this session will emphasize the importance of performance testing in test environments. By stress-testing the code in a controlled environment, teams can identify spikes in metrics that could indicate performance issues in the production environment, enabling early intervention. Through real-world examples, the talk will demonstrate how combining these strategies—along with a robust testing and monitoring pipeline—can ensure that new code releases are seamless, reducing the chances of regressions and downtime while preserving customer trust and satisfaction.

Attendees will walk away with actionable insights into how to build resilient systems that can deliver frequent updates while safeguarding the integrity and performance of their applications.

James Lowden |> Camden, ME

Senior Architect, Symas Corporation, bringing COBOL to GCC

Social: [ LinkedIn, COBOLworx, Sessionize ]

James spent the first 30 years of his career on Wall Street in application programming, database design, and quantitative research. Now he's in pure technology, building compilers and systems for other programmers. After decades in Manhattan, his work life is now fully virtual, and his real life is on the Maine seacoast.

Intermediate // The Once and Future COBOL

Category: [ Development ]

Languages: [ COBOL ]

GCC 15, due for release in May 2025, for the first time includes COBOL among the languages it compiles. Alongside the venerable gcc and g++, there is now gcobol.

The reader may well wonder why a small company would devote years of development to produce a product they don't own and can't sell. The reader might also wonder why GCC decided to include COBOL, and why anyone not retired would care. In short, what use is COBOL?

To those questions and more, we have answers.

As Mark Twain said of himself, news of COBOL's demise is much exaggerated. Industry studies show billions of lines of COBOL still in production. With a probability of 95%, your last ATM transaction went through a COBOL application. Nearly every large firm went through Y2K 25 years ago to add two digits to the date, to adapt their critical software to the 21st century. They didn't do that to throw it all away.

COBOL was and remains useful because it was specifically designed for its problem domain. No language is better suited for nuts-and-bolts unglamorous data processing. For example, COBOL defines an I/O model, numerical precision, 8 forms of rounding, and over 100 runtime exceptions.

Programming languages often have shallow, undeserved reputations. Lisp has too many parentheses, COBOL too many words, Perl is write-only. Let's talk about why COBOL remains viable and vital, and why it's now part of GCC.

Nerando Johnson |> Atlanta, GA

Software Developer | Technology Consultant | Technology Community Organizer

Social: [ @nerajno, LinkedIn, Instagram, Blog, Sessionize ]

Meetup: [ FreeCodeCamp Atlanta ]

Full-stack developer skilled in React/Node.js, led mortgage platform development with 9-person team, building scalable solutions for 5,000 concurrent users. Created JavaScript ad tech at Cartoon Network (Emmy winner 2019) and rebuilt in-house software at Equity Prime Mortgage. Strong in problem-solving, documentation, and QA. Actively mentors new developers through Thinkful and Lighthouse, co-organizes FreeCodeCamp Atlanta. Won $40,000 ATLC3 civic hacking competition, donated to tech education charities.

Lightning // And It Was Written ~ An Introspective in the Importance of ReadMes

Category: [ Development, Career, Ecosystem ]

Languages: [ Typescript, JavaScript, Ruby, Other ]

Situation: You build this awesome project, providing the answers to the universe.... but no one can use it as you have no documentation.

Problem: In the world of open-source tooling, a lot of tools are built without any documentation on how to use them.

Why Talk About This: As the software ecosystem becomes more dependent on open-sourced development, it becomes a greater need to have better and clearly documented software. This talk aims to share tips to enhance documentation, and templates to make the process easier and why this is one of the important habits to develop as a developer/ software craftsman.

Why listen to me: As a former science educator turned full-stack developer, I have gained some insights into the importance of proper documentation and its effectiveness as a communication tool./skill.

Craig Kerstiens |> Albany, CA

Product @ Crunchy Data

Social: [ @craigkerstiens, LinkedIn, Blog, Crunchy Data ]

Craig was an early part of the team at Heroku in large part helping build Heroku Postgres. He lead product team at Citus data and ran the Postgres product team at Microsoft after Citus data was acquired. He has a record of scaling developer focused companies. Craig regularly writes about startups and dev tools companies.

Keynote // Postgres, say what?

Category: [ Development ]

Languages: [ SQL ]

Framework/Platform: [ PostgreSQL ]

We all love Postgres, or so we say. But can we defend it, do we know why we love Postgres?

We'll cover a rapid fire set of what makes Postgres great. Intermixed with a lot of things you had no idea Postgres could do.

Some examples of things we'll cover.

psql is the Postgres CLI. But don't you want a more advanced graphical editor? Not when you realize all it can do.

What if I told you I could do a health check on your database in 5-10 minutes–asking you nothing about your app and find easy wins for performance improvement? Every Postgres database has this information to pull it off and you don't have to be a DBA for Postgres to to take advantage.

What about watching a movie from within Postgres? Does that make any sense at all? And while watching a movie from within Postgres may not help you with your production database, engineering at times should be fun!

Matt "Kelly" Williams |> Loveland, CO

Sustainable IT Innovator Championing Agile Sustainability & Green Tech | | CEO of Sustainable IT Manifesto Foundation | International Speaker | Advisory Board Member

Social: [ @matt_k_williams, LinkedIn, Bluesky, Blog, Making Software Greener, Sustainable IT Manifesto ]

Matt "Kelly" Williams is the founder of Making Software Greener, the CEO of the Sustainable IT Manifesto Foundation, advisory board member for the Green Computing Foundation, and a speaker and mentor on IT practices including DevOps, Cloud Computing, and mental health advocacy. He has always wanted to be a Renaissance person; perhaps one day he will be. In the meantime, he explores IT Sustainability, is learning photography, designs tabletop games, reads, weaves, cooks, hacks, and explores the mountains near Loveland, Colorado.

Keynote // Putting the FUN back in Fundamentals: Data Structures, Algorithms, and More!

Category: [ Computer Science, Development, Career ]

In this session, we will bring FUN back to Fundamentals as we:

• Look at favorite data structures and algorithms from the 70s, 80s, and 90s: where are they today?

• Discover why hashes aren't just for breakfast.

• Discover the Lolrus' favorite data structure (hint: it's got a bukkit).

• Discover why some searches gallop and others proceed at a snail's pace.

• Face hard truths: sometimes brute force is the best method.

• Face harder truths: someone has to maintain the code you write today... and they know where you live.

• Face the hardest truth: CPU, Memory, Storage, and I/O are not infinite.

And... most importantly... discover the BEST algorithm and the BEST data structure.

Joel Taddei |> Greenville, SC

Sr. Backend Engineer - Zapier

Social: [ LinkedIn, Zapier ]

Hi! I'm Joel. I've lived in upstate South Carolina for the past 10 years, originally moving here to teach at The Iron Yard. I've been coding for about 15 years, though I also have a background in Architecture and Design from my previous career.

I am currently employed at Zapier where I spend all day working on the Tables product and obsessing over process automation. When I feel like coding in my free time, I am currently working on a web based Bingo platform.

EDITOR’S NOTE: Joel is also the Founder of the Carolina Code Conference!

Intermediate // Lark and Load: Parsing with Python

Category: [ Development ]

Languages: [ Python ]

Framework/Platform: [ Lark ]

Parsing structured text isn’t just about JSON or XML—sometimes, you may need to work with unconventional formats, legacy data, or -in the extreme case- create your own pet-language. This talk explores how Lark, a powerful Python parsing library, can help you handle complex text processing challenges with ease.

We’ll discuss how to use Lark to parse uncommon data formats, transforming raw text into structured data. Beyond that, we’ll dive into building your own domain-specific language (DSL), such as a custom formula language or query syntax, empowering users to interact with your application in more expressive ways.

If you've ever wondered about parsing custom text inputs or dreamed of crafting your own lightweight language, this talk will give you the roadmap to make it happen—without getting lost in compiler theory.

Jared Rhodes|> Atlanta, GA

Principal Consultant, EPAM Systems

Social: [ @QiMata, LinkedIn, Facebook, Blog, Sessionize ]

Meetup: [ Atlanta Hardware Builders ]

Jared Rhodes is a Principal Consultant at Epam Systems with over 15 years of expertise in cloud architecture and IoT. Known for his strategic guidance on large-scale cloud migrations and digital transformations, Jared has led projects for Fortune 100 clients across industries such as insurance, retail, automotive, and life sciences, while fostering innovative solutions aligned with Microsoft cloud platforms.

He organizes the Atlanta Developers Conference and the Atlanta Cloud Conference, along with user groups including the Atlanta .NET, Azure in the ATL, and the Atlanta Hardware Builders. A Microsoft MVP and community leader, Jared also has a robust library of video courses on Pluralsight covering Azure AI, IoT, and Xamarin mobile development. His contributions to the tech community reflect a commitment to advancing industry knowledge in cloud and IoT technologies.

Lightning // Home Lab - Private Cloud on a budget

Category: [ Operations ]

Ever wanted to run your own private cloud but thought it was out of reach due to cost? Think again! In this session, we'll show you how to build a powerful, cost-effective private cloud.

• Acquire Cheap Hardware - Learn how to source and select affordable hardware that meets your requirements.

• Utilize Free Software - Discover how to leverage Proxmox, TrueNAS, and pfSense—powerful and free tools that allow you to create a fully functional private cloud without costly licenses.

• Use a Homelab - Understand how to set up, configure, and maintain a home lab environment.

Attendees will leave this session with a clear understanding of how to build and manage their own private cloud on a budget.

Ethan Foulkes |> Greenville, SC

Simplifying work.

Social: [ LinkedIn, Magic Button Labs ]

Ethan is the CEO of Magic Button Labs. His passion for simplifying explanations for how dev, design, and product management interact has led to the creation of Klutch as a bridge between the business and technical worlds. The Klutch framework uses fun, real-life stories to teach the first principles of outcome driven development using plain English.

Intermediate // 10 words for building software successfully.

Category: [ Development, Team Process & Management ]

Software development success doesn't come from how well you build the things you need.

Success comes from knowing what NOT to do, and making sure no one does those things!

Sounds simple, but it's actually incredible hard to do.

You need expertise from designers, product managers, and developers. Each of these teams is full of frameworks, experts and industry jargon.

More importantly, this expertise needs to be aligned with executives, salespeople and marketers.

Alignment is hard when you speak different languages, and if you aren't fluent in someone else's language...it's easy to talk past each other and not even realize it.

After decades of working in this world, we've landed on 10 words that explain the 3 first principles everyone in a company needs to understand for true alignment to happen.

Come check out the 3 animated short stories that will give everyone in your company a common language to understand and combat the most common anti-patterns that take teams off course.

David Mackey |> Augusta, GA

Software Engineer / Owner, Eccentric Quality Solutions LLC

Social: [ LinkedIn, Blog, Eccentric Quality Solutions, Sessionize ]

David Mackey is the founder of Eccentric Quality Solutions, a custom software development company. Dave has experience working with a number of industries over 25+ years including healthcare, higher education, non-profits, legal, social networks, and construction. He currently works primarily with Python and TypeScript but also has experience in PHP, C#/VB .NET, and vanilla JavaScript. HTML is his good friend while CSS is something he works with - but isn't happy about it.

Lightning // Retro Coding with QB64

Category: [ Development, Gaming ]

Languages: [ QuickBasic, QB64 ]

Do you miss the "good old days" of DOS and QuickBasic? Perhaps you've only heard of these ancient technologies. They are still around - here and there. One niche community keeping QuickBasic code going is QB64. It can compile to Windows, Linux, and macOS. In this talk Dave will give you a quick introduction to QB64 and why you might want to give it a spin.

Sam Ruby |> Raleigh, NC

Rails Specialist, fly.io

Social: [ @samruby, LinkedIn, Facebook, Instagram, Blog, fly.io ]

Books: [ Agile Web Development with Rails ]

Rails Specialist, fly.io; Author of Agile Web Development with Rails; previously ASF president, W3C HTML WG co-chair; IETF Atom WG secretary; Convener of the C# and .Net CLI WGs in ECMA; PHP Core Group.

Intermediate // Using Kamal 2.0 in Production

Category: [ Operations ]

Languages: [ Javascript, Ruby ]

Framework/Platform: [ Ruby on Rails, Sqlite3, PostgreSQL, Bun ]

Kamal is a tool that offers zero-downtime deploys, rolling restarts, asset bridging, remote builds, accessory service management, and everything else you need to deploy and manage your web app in production with Docker.

Kamal 2.0 was released in September of 2024, and replaced Traefik with a new proxy, enabling automatic HTTPS, and multiple apps to be deployed to a single server.

Rails 8.0 was released in November of 2024, and pre-configures Kamal 2.0 for new applications.

In this talk I want to draw a distinction between using Kamal for deployment (getting your app on a server and starting it there), and using Kamal as a part of a larger effort to put your app in production - with things like automatic backups, logging dashboards, and monitoring.

This will venture into topics that aren't covered by the existing website, "Missing Manual" handbook, or videos which understandably focus only on Kamal itself.

I'll also cover when to chose a PaaS, when to chose Kamal, and how you can even run them side by side, something I do myself.

Reet Kaur |> Portland, OR

CISO, Author, Educator

Social: [ LinkedIn, Sessionize ]

Reet Kaur is a seasoned information security professional experienced in both public and private sectors. She is currently a leader of a consulting company offering CISO services. She was recently an Executive Director of IT Risk Management & Security at Merck Co. & Inc. Formerly, she held the role of Cabinet Executive VP and Chief Information Security Officer (CISO) at a leading higher-ed institute, Portland Community College in Portland, Oregon.

Reet has established herself as a respected industry expert. Renowned for her expertise in organizational transformation and a change agent, she adopts a unique, globally informed, risk-based approach to information security, data privacy, IT, and digital transformation.

Intermediate // Hacking the Machine: Unmasking the Top 10 LLM Vulnerabilities and Real-World Exploits

Category: [ Cybersecurity, Development, Artificial Intelligence / Machine Learning ]

Languages: [ Python, Other ]

Large Language Models (LLMs) are revolutionizing industries, but they also introduce a new and rapidly evolving attack surface. The OWASP Top 10 for LLM Applications (2025) highlights the most pressing security vulnerabilities that organizations face today. From Prompt Injection to System Prompt Leakage, Data Poisoning, and Excessive Agency, these vulnerabilities are actively exploited by threat actors in ways that many security teams are unprepared for.

This talk will be interactive, example-driven, and packed with visuals, ensuring that every attendee walks away with a clear understanding of LLM threats and actionable steps to defend against them.

Kevin Ferretti |> Asheville, NC

Technical Development Lead, also other things

Social: [ LinkedIn ]

Meetup: [ Asheville Coders League ]

Kevin went to college for biomedical engineering and quickly figured out that the only fun part of it was the software stuff, so he ditched the blood and guts and dove head first into the tech industry. Any chance he gets to deep dive into a new technology and share that knowledge with like minded people is a blessing.

Software is cool but can be a lot sometimes, so to balance things out Kevin does some birding, photography, and dancing.

Intermediate // Welcome to the era of TigerBeetle

Category: [ Development, Data ]

Languages: [ Zig ]

Framework/Platform: [ TigerBeetle ]

Data is flying everywhere these days - just imagine what it will be like in 30 years! One notable example of this data explosion is in financial transactions. Existing solutions are mostly custom code on top of general purpose databases. Those will not cut it as this exponential growth continues.

This is why TigerBeetle was created. It's a native database solution for handling absurd volumes of financial transactions not only in the current year but also in the year 2050. But the domain of the database isn't what I want to focus on. What has really captivated me with this project is how they go about achieving such high levels of reliability and performance. After we deep dive into the details together, I guarantee you'll come away from this talk with something valuable - even if you never use TigerBeetle in your life.

Some of the highlights include: centuries of database testing every day, NASA - grade code standards, and a bonus spotlight on the language behind TigerBeetle: Zig

Louis Burroughs |> Greenville, SC

Chief Architect, Business Solutions, Michelin North America

Social: [ LinkedIn, Sessionize ]

Versatile leader with a knack for tackling tough challenges in fast-paced environments. I'm a Software Architect who loves designing and building enterprise apps. I pick up new tech quickly, enjoy digging into research and writing, and have a knack for finding

creative solutions and boosting team productivity with a blend of tech smarts and people skills. I am passionate about building high-performing teams and know my way around Lean and Agile.  I recently achieved my Black Belt in Thinking, which utilizes the

Thinking Processes from the Theory of Constraints.

Lightning // AI-Powered Search: Exploring the Algorithms Measuring (and Shaping) How We Think

Category: [ Development, Team Process & Management ]

Languages: [ Java ]

I created the game Throughput to demonstrate how Queuing Theory and the Theory of Constraints can improve software development flow. The talk involves showing the gameplay in the background while I describe the game and the lessons within (including several common pitfalls most teams fall into). In the game, everyone plays on the same team to maximize the flow of materials through a software development process. Specific randomized events impact performance and choices the team can make to improve their results.

Diana Pham |> Denver, CO

Developer Advocate at Vonage and Appwrite Hero

Social: [ @dianasoyster, LinkedIn, Instagram, YouTube, TikTok, Blog, Vonage Developer Center, Sessionize ]

Food & Lifestyle Socials: [ TikTok, YouTube, Instagram ]

With a high spirit and a low sense of mortality, Diana completed her master’s in CS regardless of never having coded prior to grad school. Through her passion for learning and teaching tech, she found her calling in advocacy, where she exercises her creativity through conference talks and content creation. She likes oysters.

Intermediate // Beyond Badges: The Biology & Psychology Behind Effective Gamification in Mobile Apps

Category: [ Other ]

Let’s level up our knowledge about mobile application development from a scientific perspective–more specifically, gamification! In this talk, you will gain insight into motivation theories, understand the impact of gamification on brain activity, and acquire actionable techniques to enhance your mobile apps through effective gamification. By examining case studies related to this topic, we will discover real-world examples of successful implementations and a gaming company use case of Network APIs.

Sagar Suri |> Charleston, SC

Director, Data Foundations @ Rapid7

Social: [ LinkedIn, Blog, Rapid7 ]

Sagar has 14 years of experience in data engineering, software engineering, AI/ML, business intelligence and data governance across various industries including cybersecurity, e-commerce, commercial real estate and investment banking. Currently, Sagar is the Director of Data Foundations at cybersecurity firm, Rapid7.

Lightning // Current Events: Lessons Learned Streaming 14 Trillion Daily Telemetry Events

Category: [ Cybersecurity, Operations, DevOps ]

Languages: [ Python, SQL ]

Framework/Platform: [ Kafka, Kubernetes, TimescaleDB, Snowflake, AWS, InfluxDB ]

In this talk, we'll discuss experiences leveraging technologies such as Kafka, Kubernetes, TimescaleDB, Snowflake, AWS, InfluxDB and more to stream over fourteen trillion telemetry events daily in the cybersecurity space. There were ups. There were downs. Join me for the entire roller coaster ride as I do my best to ensure you don't repeat the same mistakes. If all goes well, you'll leave armed with some helpful tips and if nothing else, some re-assurance that we are all forever learning. And that's ok.

Zach Daniel |> Greensboro, NC

Principal Platform Engineer at Alembic, Creator of Ash Framework

Social: [ @ZachSDaniel1, LinkedIn, GitHub, YouTube, Mastodon, Blog, Ash Framework, Sessionize ]

Zach is a software engineer with ten years of experience with production Elixir applications. He is the creator of Ash Framework, a resource-oriented declarative design framework for Elixir, and principal platform engineer at Alembic. He has a passion for declarative design, functional programming, and contributing to the open source community. When not programming, he enjoys spending time with his wonderful wife, pets, friends and family.

Intermediate // Building on Sand: Elixir's Fundamental Design Advantage

Category: [ Development, Ecosystem ]

Languages: [ Elixir, Erlang ]

I've been writing Elixir for over 10 years, and have consistently seen teams deliver software to a higher degree of quality, at a higher rate of speed, and at significantly lower cost to build and to operate than with any other toolchain. Elixir is still a "niche" language, and lacks the centralized corporate backing that many other ecosystems have. Without the same community mass and financial backing, how is it possible for Elixir to be so productive and effective?

As a framework author, I often deal with high level abstractions and business logic. In this talk, however, we will peel back the covers to illustrate the small design choices underpinning the Elixir programming language that manifest in exponentially more efficient and understandable applications. Together, we will see how the core design choices in any system are multiplied and magnified when we build on top of them.

Most importantly, we will come to understand the fundamental reason that Elixir manages to be so productive and effective: We aren't building on sand.

Jake Hendley |> Greenville, SC

Senior Director of Engineering @ Ford Pro

Social: [ LinkedIn, Blog, Ford Pro ]

A bit about me - I'm a Greenville native and spent years working out of Openworks and arranging as many happy hours as possible. Over the last 4 years, I've gone from the first US engineering hire at a small startup in the bay area to leading an engineering org at Ford Motor Company. That small bay area startup was acquired by Ford in 2021, and we've been building cool stuff ever since.

Lightning // Software in the EV space

Category: [ Development, Operations, DevOps ]

Languages: [ Go, Python, JavaScript ]

Framework/Platform: [ Nestjs, Kafka, Kubernetes ]

Software in the EV space is a super wide topic. There's OCPP, which allows us to control chargers. OCPI, which allows us to publish available public chargers on various networks. ISO-15118, which gets more nitty-gritty and allows us to receive data from both chargers and vehicles. And a ton more - it's a world of acronyms and standards and protocols, but at the end of the day, we have node apps in kubernetes clusters controlling distributed physical hardware (the chargers).

We're solving some interesting problems - EV charger comms go over cell networks, so there's connectivity problems built right in. Chargers hold onto data while offline, but that amount of data varies and runtime decisions have to be made when a charger comes back online. I could probably talk for days about the whole problem space, but a high-level primer may make more sense for this talk.

My teams specifically build software that manage the flow of energy to electric vehicles. We have fleets of thousands of chargers across the globe, which we maintain direct websocket connections to and control via a protocol called OCPP. Last year, we also launched the first OEM public charging network (Ford Charge Network), which allows the general public to charge their EVs at various locations across the US and Canada. There are a ton of other features we've built - power company integrations to help charge cheaply, complex authorization logic to determine whether a vehicle should be able to charge at a specific charger, EV route planning to ensure the vehicle receives enough energy before departure, provisioning systems for tracking the physical charger's lifecycle from manufacturing to installation to eventual decommissioning. Faults and error states, ton of reporting (built on kafka with the event-sourcing paradigm).

I'm excited to talk about the EV charging ecosystem and the role software plays in that - chargers talk to vehicles, chargers and vehicles talk to our central systems, our systems talk to utilities, payment providers, public charging networks, etc. and all this is enabled by software.

Duncan Michel |> Greenville, SC

Trinity Cyber - Senior Detection Engineer

Social: [ LinkedIn, Trinity Cyber ]

Meetup: [ DEF CON 864 ]

Duncan is a cybersecurity professional and former Army officer with over thirteen years of experience in military operations, intelligence gathering, threat modeling, detection engineering, and security research.

Keynote // Regex for Fun and Profit

Category: [ Cybersecurity, Development ]

Languages: [ Python, Bash/Shell, All ]

Framework/Platform: [ Linux CLI, grep, YARA ]

A primer on regular expressions, highlighting the specific applications of this skill for cybersecurity analysis. This presentation reviews the background, basic syntax, pitfalls, development tools and cybersecurity applications of regular expressions. Example syntax is based on the Perl-compatible Regular Expression (PCRE) flavor. This talk also contains a discussion of Regular Expression Denial of Service (REDoS) - both how this vulnerability is introduced and how to test for it. Practical applications demonstrated include searching through logs, utilizing the regex functionality in YARA to detect malware files, and including pattern matching in Python scripts.

It’s going to be a great year!