I speak at international developer and security conferences on application security program design, DevSecOps transformation, and the practical realities of building secure software at scale.
Europe's largest developer conference. Julian will be speaking on the Application Security track, bringing a practitioner's perspective on how development managers and DevSecOps teams can build AppSec programs that actually stick — beyond the tool purchase.
All talks are available as keynotes, deep-dive sessions, or panel contributions. Topics can be shaped around your audience and format.
Most AppSec programs fail before a tool is deployed because organisations solve a process problem with a technology purchase. This talk gives managers a framework for fixing that.
A structured breakdown of when each testing methodology applies, how to evaluate vendors without being a security expert, and what actually differentiates tools in practice.
Translating security risk into business language. How to build the business case for AppSec investment and structure a programme your CISO and CFO will actually support.
A grounded assessment of how AI is actually changing vulnerability detection, remediation guidance, and AppSec posture management — and what to look for from vendors claiming AI capabilities.
The cultural, process, and tooling shifts that separate DevOps organisations that talk about security from ones that actually ship it. Practical, based on 15+ years of field experience.
What development managers need to understand about container image scanning, IaC misconfiguration detection, and how to build shift-left security into cloud-native engineering workflows.
Selected conferences, developer summits, and security events from the past four years — plus ongoing regular presence at European industry events.
Available for keynotes, conference sessions, panels, corporate workshops, and podcast appearances. Topics tailored to your audience — managers, practitioners, or executive leadership.