For event organizers, conference planners and journalists — bios in three lengths, press photos, talk catalog and booking contact.
Three lengths, ready to copy & paste — short for footers, standard for conference programs, long for keynote announcements.
Sven Ruppert has been programming Java in industrial projects since 1996, with over 25 years of professional experience as developer, architect, lead and consultant across automotive, aerospace, insurance, banking, the United Nations and the World Bank. Based in Braunschweig, Germany.
Today he works as a freelance Developer Advocate. Former Developer Advocate at JFrog (2020–2024, covering DACH and APAC) and Vaadin (2017–2020). He is a JCP Member, Oracle Developer Champion, DevOps Institute Ambassador and advisory board member at MicroStream. He founded and ran the Kotlin User Group Munich (1,700+ members, 2015–2026) and leads the Cloud Native Security SIG of the German Oracle Users Group (DOAG).
He has delivered over 1,000 talks, workshops and keynotes worldwide — across the United States, Canada, all major European countries, Australia, New Zealand and Singapore. Recurring talk topics span DevSecOps, Application Security (OWASP, supply-chain, CWE/CVE), Java internals (JVM, virtual threads, performance) and pure-Java server-side UI with Vaadin and EclipseStore.
He is the author of seven books on Java and DevSecOps published by entwickler.press and dpunkt.verlag — including Kotlin in Produktion, Dynamic Proxies (with Heinz Kabutz), Dependency Injection in Java and the Java 8 / Java 9 Streams series. He contributes regularly to the leading German-speaking IT magazines — JavaSPEKTRUM, Java aktuell, JAVAPRO and Java Magazin — reaching ~200,000 monthly readers, and to international developer outlets including DZone (Core Member), foojay.io, Vaadin Blog, JAXenter and Golem.de. He produces video courses on heise academy on JUnit5 and Mutation Testing.
Beyond the keyboard, he runs Arctic winter survival trainings and outdoor education under the Skadi Squad brand — bringing the same hands-on, practitioner-focused approach to wilderness skills as he does to code.
Free for editorial use. Please credit “© Sven Ruppert”. Each photo is available in multiple resolutions, in colour and grayscale.
All talks available in English 🇬🇧 and German 🇩🇪, adaptable from 30 min lightning to full-day workshop. Full live catalog with availability on Sessionize.
If your audience needs a different angle — Java internals deep-dive, tailored security training for your stack, DevOps culture, mutation testing, or a fireside chat — get in touch and we'll shape a session for your event.
Secure design, configuration, code review processes, common vulnerabilities and defensive programming for Java developers — with real-world case studies for building resilient applications.
Balancing security practices with intellectual property protection through obfuscation strategies — from identifier renaming to bytecode manipulation — while addressing performance and maintainability trade-offs.
Secure login processes, cryptographic storage, advanced hashing, public-key approaches, virtual threads with access control, zeroing strategies, memory obfuscation and ephemeral key generation in Core Java.
Real-world attack vectors and common vulnerabilities in security-critical systems. SLSA frameworks, supply chain security and developer responsibility in an AI-driven threat landscape.
Starting security in agile environments — essential first steps, methodologies, tools and strategic orientation for defending against sophisticated supply-chain attacks.
Retrieval-Augmented Generation security challenges with sensitive data: vector-database security, AI hosting, LLM protocol attention, and Java-based trust anchors for RAG systems.
The line between vulnerabilities and malicious packages — structures and techniques, obfuscation methods, security payloads, historical examples and defensive open-source projects.
Threats and classic attack points from source code to binary, free tooling, and preparation strategies against sophisticated CI/CD pipeline attacks targeting open-source infrastructure.
Linux Foundation SLSA specifications for protecting against supply-chain threats. Project limitations and implications for typical software development operations.
CVSS values, contextual analysis, operational risks, secrets detection, IaC security and obfuscation techniques for evaluating vulnerabilities within specific project contexts.
CVSS component structure and zero-to-ten severity assessment. How to adapt evaluations to organisational needs and embed them into triage workflows.
Low-hanging fruit for integrating security into software development. Practical first steps that pay back immediately, with concrete tooling and anti-patterns to avoid.
DevOps vs. SRE — how both bridge the development–operations gap and where security integration fits within these models. Practical guidance for evolving teams.
JUnit5 from `@Test` through custom extensions to building your own TestEngine. Full-stack testing variants and developing custom TestEngines for project-specific requirements.
Functional and reactive programming using plain JDK without external frameworks. Functional aspects combined with basic reactive patterns using minimalist, core-based solutions.
Mutation testing beyond code-coverage metrics — practical integration into existing projects, coverage definitions, achievements, and applicability to UI testing.
Lightweight tech stacks for persistent data handling without Kubernetes or Hadoop, designed for developers managing significant data volumes independently.
Modelling object-oriented data for high-performance persistence using MicroStream / EclipseStore — transitioning from relational mapping challenges to direct Java object-graph storage.
Topics, fees and travel terms are flexible — we’ll find a fit for your event format and budget. Available worldwide; based in Braunschweig, Germany. Native German, fluent professional English.
Direct email is the fastest path to a booking conversation. Include date, location, format and a one-paragraph audience description.
📧 sven.ruppert@gmail.comWithin 48 hours on weekdays
