I speak at conferences and other events fairly regularly. I normally aim to speak at 4 or 5 events a year and I’m happy to do a other occasional talks at professional organisations or companies who think one of my topics would be of value.
The talks I give evolve over time, but at any time I normally have 4 or 5 topics that I can speak at without too much notice and I’m always interested in developing talks on new topics if I have a little notice of the date of the talk.
The talks that I can currently give without too much preparation are:
- Democratising Software Architecture – a new and still evolving talk, othat originated at a keynote talk at ICSA 2019, and has been presented a couple of times since, on how I see architecture work evolving to be less about an architect and more about something that an entire team undertakes together. Intended to be thought provoking rather than a set of concrete practices at this stage.
- System Security Beyond the Libraries – a talk which has gone down well at a number of events, where I talk about the fundamental security knowledge that developers need to know before they start worrying about specific security technologies. It covers what security really is, how to go about designing secure systems and specific techniques like threat modelling, risk assessment and principles for designing secure systems.
- Common Webapp Vulnerabilities and What To Do About Them – this is a talk that in some ways follows on from System Security Beyond the Libraries and gets more specific. The purpose of the talk is to introduce people to the OWASP Top 10 Web Application Vulnerabilities list, to explore how it has changed over the last few versions in 2013 and 2017, and to explain each of the vulnerabilities and how they can be mitigated. I’ve given this talk at a couple of conferences and to clients too and it’s been very well received. I also have an interactive workshop version where people get to try to exploit the vulnerabilities themselves using a deliberately insecure application running in a VM.
- Security Principles for the Working Architect – this talk has been presented at a number of large conferences and has received very good feedback each time. It presents a set of 10 practical security principles to guide architects, designers and teams to make design decisions that help to make their systems more secure.
- Building Applications Securely – this is a relatively new talk (2019) which has gone down well at a development conference. It explains how to move beyond secure analysis and design and explains the practices that help regular teams to increase the security of their software in a practical and accessible way.
- Uniting Architecture Work with Reality using Architecture Principles – this talk, which can be tailored to various lengths, explains what an architecture principle is and how principles can be a practical tool to align the work of enterprise and application architects with the development teams delivering the real work.
- Software Architecture with Stakeholders, Viewpoints and Perspectives – historically, one of my most popular talks, explaining how to go about developing the architecture of a system using the approach described in our highly acclaimed book. Introduces software architecture, explains how to deal with a varied stakeholder community and how to develop and describe an architecture that meets their conflicting needs.
- Getting Your System to Production and Keeping It There – a talk explaining why getting a system into production is often a painful process and the set of design principles, technology decisions and processes that can ease the pain.
- UML the Good Bits – how to use some key parts of UML and its best kept secret (profiles) to describe the design of systems in a way that people will actually understand.
- A Team, A System, Some Legacy and You – I developed this talk for QCON based on my experience of joining projects that have been established for some time and so have their fair share of problems as well as achievements. I explain why architecture is all the more important when things start going wrong and the practices architects need to use to be successful in these situations.
- Event Driven Systems – a talk that explains the principles, patterns and pitfalls of developing systems that use events as one of their primary abstractions. Event driven systems (and architectures – EDA) look easy and obvious until you try to use them for a real system. This talk explains the power of events and how to apply them to real information systems.
Most of these talks are 60 – 90 minutes in their current form, with the exception of the “Software Architecture with Stakeholders, Viewpoints and Perspectives” talk that can be presented in a number of forms from 60 minutes to a full day tutorial.