The Building Plan: Thinking Architecturally

You are ready to level up your skills. Or, you've already been playing accidental architect, and need to have a structured plan to be designated as one. Well, your wait is over.

From the author of O'Reilly's best-selling “Head First Software Architecture” comes a full-day workshop that covers all that you need to start thinking architecturally. Everything from the difference between design and architecture, and modern description of architecture, to the skills you'll need to develop to become a successful architect, this workshop will be your one stop shop.

We'll cover several topics:

• What is architecture, what is design, and the spectrum between them
• The modern description of architecture
• Understanding architectural characteristics
• A brief coverage of some architectural styles
• Other skills you need to have to become a successful architect

This is an exercise heavy workshop—so be prepared to put on your architect hat!

System Design AI Mastery: Architecting for Scale, Speed, Reliability - Full Day

Modern system design has entered a new era. It’s no longer enough to optimize for uptime and latency — today’s systems must also be AI-ready, token-efficient, trustworthy, and resilient. Whether building global-scale apps, powering recommendation engines, or integrating GenAI agents, architects need new skills and playbooks to design for scale, speed, and reliability.

This full-day workshop blends classic distributed systems knowledge with AI-native thinking. Through case studies, frameworks, and hands-on design sessions, you’ll learn to design systems that balance performance, cost, resilience, and truthfulness — and walk away with reusable templates you can apply to interviews and real-world architectures.

Target Audience

Enterprise & Cloud Architects → building large-scale, AI-ready systems.

Backend Engineers & Tech Leads → leveling up to system design mastery.

AI/ML & Data Engineers → extending beyond pipelines to full-stack AI systems.

FAANG & Big Tech Interview Candidates → preparing for system design interviews with an AI twist.

Engineering Managers & CTO-track Leaders → guiding teams through AI adoption.

Startup Founders & Builders → scaling AI products without burning money.

Learning Outcomes

By the end of the workshop, participants will be able to:

Apply a 7-step system design framework extended for AI workloads.

Design systems that scale for both requests and tokens.

Architect multi-provider failover and graceful degradation ladders.

Engineer RAG 2.0 pipelines with hybrid search, GraphRAG, and semantic caching.

Implement AI trust & security with guardrails, sandboxing, and red-teaming.

Build observability dashboards for hallucination %, drift, token costs.

Reimagine real-world platforms (Uber, Netflix, Twitter, Instagram) with AI integration.

Practice mock interviews & chaos drills to defend trade-offs under pressure.

Take home reusable templates (AI System Design Canvas, RAG Checklist, Chaos Runbook).

Gain the confidence to lead AI-era system design in interviews, enterprises, or startups.

Workshop Agenda (Full-Day, 8 Hours)
Session 1 – Foundations of Modern System Design (60 min)

The new era: Why classic design is no longer enough.

Architecture KPIs in the AI age: latency, tokens, hallucination %, cost.

Group activity: brainstorm new KPIs.

Session 2 – Frameworks & Mindset (75 min)

The 7-Step System Design Framework (AI-extended).

Scaling humans vs tokens.

Token capacity planning exercise.

Session 3 – Retrieval & Resilience (75 min)

RAG 2.0 patterns: chunking, hybrid retrieval, GraphRAG, semantic cache.

Multi-provider resilience + graceful degradation ladders.

Whiteboard lab: design a resilient RAG pipeline.

Session 4 – Security & Observability (60 min)

Threats: prompt injection, data exfiltration, abuse.

Guardrails, sandboxing, red-teaming.

Observability for LLMs: traces, cost dashboards, drift monitoring.

Activity: STRIDE threat-modeling for an LLM endpoint.

Session 5 – Real-World System Patterns (90 min)

Uber, Netflix, Instagram, Twitter, Search, Fraud detection, Chatbot.

AI-enhanced vs classic system designs.

Breakout lab: redesign a system with AI augmentation.

Session 6 – Interviews & Chaos Drills (75 min)

Mock interview challenges: travel assistant, vector store sharding.

Peer review of trade-offs, diagrams, storytelling.

Chaos drills: provider outage, token overruns, fallback runbooks.

Closing (15 min)

Recap: 3 secrets (Scaling tokens, RAG as index, Resilient degradation).

Templates & takeaways: AI System Design Canvas, RAG Checklist, Chaos Runbook.

Q&A + networking.

Takeaways for Participants

AI System Design Canvas (framework for interviews & real-world reviews).

RAG 2.0 Checklist (end-to-end retrieval playbook).

Chaos Runbook Template (resilience drill starter kit).

AI SLO Dashboard template for observability + FinOps.

Confidence to design and defend AI-ready architectures in both career and enterprise contexts.

Thinking Functionally in Java and the JVM

Java has quietly absorbed functional ideas over the last decade. Lambdas, streams, records, sealed types. It has been an amazing journey, but most teams still write code as if none of that really changed anything. This workshop asks a simple question: what if we actually took those features seriously?

In Thinking Functionally in Java, we explore how far disciplined functional design can take us using plain Java with no rewrites, no new language mandates, and no academic detours. Along the way, we address reproducible development environments with Nix, replace exception-driven control flow with explicit error modeling, and uncover why concepts like flatMap, algebraic data types, and composability matter even if you never say the word “monad” out loud.

• Reproducible Java Environments with Nix – Defining a deterministic Java toolchain so “works on my machine” stops being a variable.
• Functional Java: What We Actually Have – Referential transparency, immutability, and total functions using modern Java features.
• Type-Driven Design: Separating data from behavior (Show, Eq) and understanding the limits of Java’s type system.
• Composition with flatMap: Sequencing computations across Optional, streams, and error-handling types.
• Understanding Monads: Context, short-circuiting, composition, and trade-offs without mysticism.
• Algebraic Data Types in Java: Modeling closed domains with sealed types instead of flags and conditionals.
• Errors as Data: Replacing exception-driven control flow with explicit result types (Either, Try).
• Putting It Together: Designing a small, readable service that isolates side effects and composes cleanly.
• Breaking the Java Wall: A look at higher-kinded types, effects, and what Java still can’t express in languages other than Java

Hands-On AI Agent Engineering - Habits for safe, explainable, domain-grounded AI

AI agents are moving from novelty to necessity — but building them safely, predictably, and observably requires more than clever prompts. This workshop gives developers a practical introduction to AI agent engineering using Embabel, with an emphasis on the habits, patterns, and mental models needed to design trustworthy agents in real systems.

Across two focused sessions, you’ll learn how to ground agents in strong domain models (DICE), design goal-driven behaviours (GOAP), enforce safety through invariants and preconditions, and make every action explainable through observability.

You’ll run and inspect a fully working reference agent, extend its domain, add new actions, and validate behaviour through explainable planning logs. You'll explore how to select and deploy models tuned to provide the best and most cost-effective agent behaviour for your users.

By the end of this full day workshop, you’ll know how to:
Build agents anchored in typed domain models
Design composable, goal-oriented behaviours
Use preconditions and invariants as safety guardrails
Debug agents through explainability, not guesswork
Extend an agent with new domain objects and actions without breaking existing flows
Apply a repeatable habit stack for reliable agent engineering

Whether you’re designing workflow agents, platform automations, or domain-specific assistants, this workshop gives you the practical skills and engineering discipline to build agents that behave safely and reason predictably — fit for production, and even fit for regulated environments.

Bootiful Spring Boot: the Deep-Dive

Hi, Spring fans! Developers today are being asked to deliver more with less time and build ever more efficient services, and Spring is ready to help you meet the demands. In this workshop, we'll take a roving tour of all things Spring, looking at fundamentals of the Spring component model, look at Spring Boot, and then see how to apply Spring in the context of batch processing, security, data processing, modular architecture, miroservices, messaging, AI, and so much more.

Basics
which IDE? IntelliJ, VSCode, and Eclipse
your choice of Java: GraalVM
start.spring.io, an API, website, and an IDE wizard
Devtools
Docker Compose
Testcontainers
banner.txt
Development Desk Check
the Spring JavaFormat Plugin
Python, gofmt, your favorite IDE, and
the power of environment variables
SDKMAN
.sdkman
direnv
.envrc
a good password manager for secrets
Data Oriented Programming in Java 21+
an example
Beans
dependency injection from first principles
bean configuration
XML
stereotype annotations
lifecycle
BeanPostProcessor
BeanFactoryPostProcessor
auto configuration
AOP
Spring's event publisher
configuration and the Environment
configuration processor
AOT & GraalVM
installing GraalVM
GraalVM native images
basics
AOT lifecycles
Scalability
non-blocking IO
virtual threads
José Paumard's demo
Cora Iberkleid's demo
Cloud Native Java (with Kubernetes)
graceful shutdown
ConfigMap and you
Buildpacks and Docker support
Actuator readiness and liveness probes
Data
JdbcClient
SQL Initialization
Flyway
Spring Data JDBC
Web Programming
clients: RestTemplate, RestClient, declarative interface clients
REST
controllers
functional style
GraphQL
batches
Architecting for Modularity
Privacy
Spring Modulith
Externalized messages
Testing
Batch Processing
Spring Batch
load some data from a CSV file to a SQL database
Microservices
centralized configuration
API gateways
reactive or not reactive
event bus and refreshable configuration
service registration and discovery
Messaging and Integration
“What do you mean by Event Driven?”
Messaging Technologies like RabbitMQ or Apache Kafka
Spring Integration
files to events
Kafka
a look at Spring for Apache Kafka
Spring Integration
Spring Cloud Stream
Spring Cloud Stream Kafka Streams
Security
adding form login to an application
authentication
authorization
passkeys
one time tokens
OAuth
the Spring Authorizatinm Server
OAuth clients
OAuth resource servers
protecting messaging code

AI Security for Developers and Practitioners - full day

This full-day, hands-on workshop equips developers, architects, and technical leaders with the knowledge and skills to secure AI systems end-to-end — from model interaction to production deployment. Participants learn how to recognize and mitigate AI-specific threats such as prompt injection, data leakage, model exfiltration, and unsafe tool execution.

Through a series of focused labs, attendees build, test, and harden AI agents and Model Context Protocol (MCP) services using modern defensive strategies, including guardrails, policy enforcement, authentication, auditing, and adversarial testing.

The training emphasizes real-world implementation over theory, using preconfigured environments in GitHub Codespaces for instant, reproducible results. By the end of the day, participants will have created a working secure AI pipeline that demonstrates best practices for trustworthy AI operations and resilient agent architectures.

The course blends short conceptual discussions with deep, hands-on practice across eight structured labs, each focusing on a key area of AI security. Labs can be completed in sequence within GitHub Codespaces, requiring no local setup.
1.Lab 1 – Mapping AI Security Risks
Identify the unique attack surfaces of AI systems, including LLMs, RAG pipelines, and agents. Learn how to perform a structured threat model and pinpoint where vulnerabilities typically occur.
2.Lab 2 – Securing Prompts and Contexts
Implement defensive prompting, context isolation, and sanitization to mitigate prompt injection, hidden instructions, and data leakage risks.
3.Lab 3 – Implementing Guardrails
Use open-source frameworks (e.g., Guardrails.ai, LlamaGuard) to validate LLM outputs, enforce content policies, and intercept unsafe completions before delivery.
4.Lab 4 – Hardening MCP Servers and Tools
Configure FastMCP servers with authentication, scoped tokens, and restricted tool manifests. Examine how to isolate and monitor server–client interactions to prevent privilege escalation.
5.Lab 5 – Auditing and Observability for Agents
Integrate structured logging, trace identifiers, and telemetry into AI pipelines. Learn how to monitor for suspicious tool calls and enforce explainability through audit trails.
6.Lab 6 – Adversarial Testing and Red-Teaming
Simulate common AI attacks—prompt injection, model hijacking, and context poisoning—and apply mitigation patterns using controlled experiments.
7.Lab 7 – Policy-Driven Governance
Introduce a “security-as-code” approach using policy files that define allowed tools, query types, and data scopes. Enforce runtime governance directly within your agent’s workflow.
8.Lab 8 – Secure Deployment and Lifecycle Management
Apply DevSecOps practices to containerize, sign, and deploy AI systems safely. Incorporate secrets management, vulnerability scanning, and compliance checks before release.

Outcome:
Participants finish the day with a secure, auditable, and policy-controlled AI system built from the ground up. They leave with practical experience defending agents, MCP servers, and model workflows—plus learning for integrating security-by-design principles into future projects.

Personal Knowledge Management (PKM) for the Modern Knowledge Worker

Join us for a transformative handson workshop on Personal Knowledge Management (PKM), designed specifically to empower developers, architects, and knowledge workers alike to master information in this information age. Based on Tiago Forte's Building a Second Brain methodology and implemented using the Logseq PKM application, this course aims to equip attendees with the strategies, tools, and insights to streamline their knowledge management, increase productivity, and stimulate creativity. Attendees will learn to construct a personal knowledge graph, effectively annotate and reference digital assets, manage tasks, journal for success, leverage templates, and much more. The ultimate goal is to create a personalized system that enables you to instantly find or recall everything you know and learn.

Throughout this fullday, handson workshop, you will be guided to apply the concepts and practices learned to build your own personal knowledge graph. By the end of the session, you will have a comprehensive system to manage your knowledge effectively, enabling you to spend less time searching for notes or lost information and more time utilizing what you know and learn.

This workshop isn't just about learning new concepts or tools; it's about transforming your relationship with information and your productivity. The skills and practices you will learn are universally applicable, irrespective of the tools you use. We will show you how these methods work in Logseq, but the principles can be adapted to other platforms as well.

Join us for this transformative journey, and experience a significant shift in how you manage and utilize your knowledge, leading to increased productivity, creativity, and overall wellbeing in your personal and professional life.

Bring your curiosity, your questions, and your goals. We look forward to seeing you at the workshop!

Staying Grounded in the Chaos: The 4 Skills Every Tech Leader Needs

Leadership isn’t just about making the right calls — it’s about staying steady while everything around you moves fast. From managing tension in meetings, juggling shifting priorities, and fielding last-minute requests, to navigating unclear direction or supporting a stressed-out team, software leaders are constantly pulled in multiple directions. That’s where FLOW comes in: a practical, four-part skillset designed to help you handle pressure, stay grounded in uncertainty, and show up with clarity when it matters most.

You’ll learn how to Focus with Breath, Let It Go, Own Your Part, and Weave FLOW into Your Day through real-world leadership scenarios and peer-to-peer practice designed to reflect the complexity of actual moments you face. These aren't abstract ideas — they’re trainable skills you can use right away to lead with more clarity, presence, and effectiveness. If you’ve been running on adrenaline, reacting on autopilot, or just trying to hold it all together, this workshop will help you become a more nimble, flexible leader who gets the job done — with a whole lot less effort and a lot more ease.

A Back to Front Approach to Design Patterns

For many beginning and intermediate software engineers, design is something of a secret anxiety. Often we know we can create something that works, and we can likely include a design pattern or two tif only to give our proposal some credibility. But sometimes, we're left with a nagging feeling that there might be a better design, or more appropriate pattern, and we might not be really confident that we can justify our choices.

This session investigates the fundamental driving factors behind good design choices so we can balance competing concerns and confidently justify why we did what we did. The approach presented can be applied not only to design, but also to what's often separated out under the term “software architecture”.
Along the journey, we'll use the approach presented to derive several of the well known “Gang of Four” design patterns, and in so doing conclude that they are the product of sound design applied to a context and not an end in themselves.

Course outline
Background: three levels of “design”
Data structure and algorithm
Design
Software Architecture
Why many programmers struggle with design
What makes a design “better” or “worse” than any other?
The pressures of the real world versus a learning environment
A time-honored engineering solution
Identifying the problem
Dissecting the elements
Creating a working whole from the parts
Deriving three core design patterns from principles
Decorator
Strategy
Sidenote, why traditional inheritance is bad
Command or “higher order function”

Setup requirements
This course is largely language agnostic, but does include some live coding demonstrations. Attendees will have access to the code that's created via a git repo. The majority of the examples will work in any version of Java from version 11 onwards. You can use any Java development environment / IDE that you like and no other tooling is required.

Agentic, Assistive & Predictive AI Design Patterns

Building AI isn’t just about prompting or plugging into an API — it’s about architecture. This workshop translates Salesforce’s Enterprise Agentic Architecture blueprint into practical design patterns for real-world builders.

You’ll explore how Predictive, Assistive, and Agentic patterns map to Salesforce’s Agentforce maturity model, combining orchestration, context, and trust into cohesive systems. Through hands-on modules, participants design a Smart Checkout Helper using Agentforce, Data Cloud, MCP, and RAG—complete with observability, governance, and ROI mapping.

Key Takeaways

• Agentic Architecture Foundations: Understand multi-agent design principles — decomposition, decoupling, modularity, and resilience.

• Pattern Literacy- Apply patterns: Orchestrator, Domain SME, Interrogator, Prioritizer, Data Steward, and Listener.

• Predictive–Assistive–Agentic Continuum: Align AI maturity with business intent — from prediction and guidance to autonomous execution.

• RAG Grounding & Context Fabric: Integrate trusted enterprise data via Data Cloud and MCP for fact-based reasoning.

• Multi-Agent Orchestration: Implement Orchestrator + Worker topologies using A2A protocol, Pub/Sub, Blackboard, and Capability Router.

Governance & Trust: Embed privacy, bias mitigation, observability, and audit trails — design for CIO confidence.

Business Alignment: Use the Jobs-to-Be-Done and Agentic Map templates to connect AI outcomes with ROI.

Agenda
Module 1 – Enterprise Agentic Foundations

• • Why multi-agent architecture > monolithic AI.
• • Core principles: decomposition, decoupling, specialization, modularity.
• • Explore: Agentforce subsystems, Atlas Reasoning Engine, MCP, and A2A protocol.
• • Build: “Hello Agentforce” → Orchestrator + Worker Agent handshake.

Module 2 – The Big 3 Patterns: Predictive, Assistive, Agentic

• • Understand foresight → guidance → autonomy.
• • Map Salesforce maturity levels (1–4) to each pattern.
• • Build: Cart abandonment handled via Predictive, Assistive, and Agentic variants.

Module 3 – Predictive AI → Foresight in Systems

• • Forecast churn, fraud, demand with Data Cloud + Einstein GPT.
• • Pattern Fusion: Prioritizer + Generator + Predictive flow.
• • Build: Predictive scoring embedded in checkout journey.

Module 4 – Assistive AI → Guiding Humans

• • UX patterns: nudges, cards, contextual insights.
• • Listener/Feed Pattern for real-time context surfacing.
• • Build: Service Agent + Promotion Recommender (Next Best Action).

Module 5 – Agentic AI → Autonomy in Action

• • Orchestrator Pattern as Agentic Front Door.
• • Domain SME Pattern for Inventory or Orders.
• • Interrogator for context assembly and reasoning.
• • Build: Refund Agent with human-in-loop fallback and A2A coordination.

Module 6 – Agentic Map & Jobs-to-Be-Done Framework

• • Learn the Agentic Map Template (User, Agent, Context, Source layers).
• • Use JTBD to align patterns with business goals.
• • Exercise: Map Acquire → Convert → Fulfill → Support journeys to AI patterns.

Module 7 – RAG & Context Fabric

• • Why hallucinations occur and how RAG fixes them.
• • Combine vector DB + retriever + Agentforce knowledge actions.
• • Build: Checkout FAQ bot (returns, policies, catalog) with citations.

Module 8 – Multi-Agent Orchestration with MCP

• • Orchestrator/Supervisor → Worker → Capability Router flow.
• • Pub/Sub for events, Blackboard for shared memory.
• • Build: Checkout Agent → Inventory Agent → Pricing Agent → Orchestrator.

Module 9 – Governance & Guardrails

• • Identity & Access, Privacy, Bias Checks, Observability.
• • Patterns: Data Steward + Zen Data Gardener for trusted data ops.
• • Build: Add governance and logging to prototype via MCP telemetry.

Module 10 – From Prototype to Production

• • End-to-end demo of Smart Checkout Helper.
• • Agentic Pattern Matrix + Governance Checklist + ROI Storytelling.
• • Next steps for scaling Agentforce in your enterprise.

What You’ll Leave With

• • Working Smart Checkout Helper (Agentforce + MCP + RAG).
• • Decision Framework: Predictive vs Assistive vs Agentic.
• • Governance Checklist for trust & auditability.
• • Multi-Agent Playbook (Orchestrator, Supervisor, Capability Router).
• • Agentic Map Toolkit linking JTBD → AI → ROI.

AI 3-in-1: Agents, RAG and Local Models

Learning and understanding AI concepts is satisfying and rewarding, but the fun part is learning how to work with AI yourself. In this 1/2 day workshop, author, trainer, and experienced technologist Brent Laster will help you do both! We’ll explain why and how to run AI models locally, the basic ideas of agents and RAG, and show how to assemble a simple AI agent in Python that leverages RAG and uses a local model through Ollama. And you'll get to follow through with hands-on labs and produce your own instance running on your system in a GitHub Codespace

In this workshop, we'll walk you through what it means to run models locally, how to interact with them, and how to use them as the brain for an agent. Then, we'll enable them to access and use data from a PDF via retrieval-augmented generation (RAG) to make the results more relevant and meaningful. And you'll do all of this hands-on in a ready-made environment with no extra installs required.

No experience is needed on these technologies, although we do assume you do have a basic understanding of LLMs.

AI-Powered Coding with Claude Code

This 1/2 day workshop introduces participants to Claude Code, Anthropic’s AI-powered coding assistant. In three hours, attendees will learn how to integrate Claude Code into their development workflow, leverage its capabilities for productivity, and avoid common pitfalls. The workshop also introduces the concept of subagents (specialized roles like Planner, Tester, Coder, Refactorer, DocWriter) to show how structured interactions can improve accuracy and collaboration.

Format: 3-hour interactive workshop (2 × 90-minute sessions + 30-minute break).

Audience: Developers and technical professionals with basic programming knowledge.

Focus Areas:

Core capabilities and limitations of Claude Code.

Effective prompting and iteration techniques.

Applying Claude Code for code generation, debugging, refactoring, and documentation.

Using subagents for structured workflows as an optional advanced technique.

Deliverables:

5 hands-on labs (10–12 minutes each).

Experience with everyday Claude Code workflows plus a brief introduction to subagents.

Automating Security Fixes with OpenRewrite

Security problems empirically fall into two categories: bugs and flaws. Roughly half of the problems we encounter in the wild are bugs and about half are design flaws. A significant number of the bugs can be found through automated testing tools which frees you up to focus on the more pernicious design issues. 

 In addition to detecting the presence of common bugs as we have done with static analysis for years, however, we can also imagine automating the application of corrective refactoring. In this talk, I will discuss using OpenRewrite and the Moderne cli to fix common security issues and keep them from coming back.

In this talk we will focus on:

• Introducing the OpenRewrite OSS framework and demonstrate how it can automate common code remediation tasks.
• Using OpenRewrite and the Moderne cli to automatically identify and fix known security vulnerabilities including:
• Common Java flaws
• OWASP Top Ten
• Common Spring Issues
• Checking in credentials
• Integrating security scans with OpenRewrite for continuous improvement.
• Writing custom recipes for defining your own security policies
• Free up your time to address larger concerns by addressing the pedestrian but time-consuming security bugs.

Building Intelligent Spring Applications with Spring AI

By now, you've no doubt noticed that Generative AI is making waves across many industries. In between all of the hype and doubt, there are several use cases for Generative AI in many software projects. Whether it be as simple as building a live chat to help your users or using AI to analyze data and provide recommendations, Generative AI is becoming a key piece of software architecture.

So how can you implement Generative AI in your projects? Let me introduce you to Spring AI.

For over two decades, the Spring Framework and its immense portfolio of projects has been making complex problems easy for Java developers. And now with the new Spring AI project, adding Generative AI to your Spring Boot projects couldn't be easier! Spring AI brings an AI client and templated prompting that handles all of the ceremony necessary to communicate with common AI APIs (such as OpenAI and Azure OpenAI). And with Spring Boot autoconfiguration, you'll be able to get straight to the point of asking questions and getting answers your application needs.

In this handson workshop, you'll build a complete Spring AIenabled application applying such techniques as prompt templating, Retrieval Augmented Generation (RAG), conversational history, and tools invocation. You'll also learn prompt engineering techniques that can help your application get the best results with minimal “hallucinations” while minimizing cost.

Demystifying Generative AI

Everybody is talking about Generative AI and models that are better than anything else before. What are they really talking about?

In this workshop with some hands-on exercise, we will discuss Generative AI in theory and will also try it in practice (with free access to an Oracle LiveLab cloud session to learn about Vector Search).  You'll be able to understand what Generative AI is all about and how it can be used.

The content will include:

• What is Generative AI?
• What is LLM?
• Interacting with LLM models
• Prompt engineering
• Vectors, embedding models and generating embeddings
• Vector Search with Oracle Database 23ai
• Understanding RAG (Retrieval Augmented Generation)

Enforcing Architecture Decisions Using Tests

In the fast-paced world of software development, maintaining architectural integrity is a
continuous challenge. Over time, well-intended architectural decisions can erode, leading to unexpected drift and misalignment with original design principles.

This hands-on workshop will equip participants with practical techniques to enforce architecture decisions using tests. By leveraging architecturally-relevant testing, attendees will learn how to proactively guard their system's design, ensuring consistency, scalability, and security as the codebase evolves. Through interactive exercises and real-world examples, we will explore how testing can serve as a powerful tool for preserving architectural integrity throughout a project's lifecycle.

Key Takeaways
Participants will learn to:
Write architecture-driven tests that validate and enforce design constraints.
Identify architectural drift early and prevent unintended changes.
Maintain consistent, scalable, and secure architectures over time.
Collaborate effectively within teams to sustain architectural excellence.
Prerequisites
Basic Understanding of Software Architecture: Familiarity with architectural patterns and
principles
Experience with Automated Testing: Understanding of unit, integration, or system testing
concepts
Collaboration and Communication Skills: Willingness to engage in discussions and
teamwork
Experience working with Java
Optional
Familiarity with Static Analysis and Code Quality Tools: Knowledge of tools like ArchUnit,
SonarQube, or custom linters is beneficial but not required
Experience with Large-Scale Systems: Prior work on complex systems can enhance the

Key Takeaways:

Participants will learn to:
Write architecture-driven tests that validate and enforce design constraints.
Identify architectural drift early and prevent unintended changes.
Maintain consistent, scalable, and secure architectures over time.
Collaborate effectively within teams to sustain architectural excellence.

Prerequisites:

Basic Understanding of Software Architecture: Familiarity with architectural patterns and principles
Experience with Automated Testing: Understanding of unit, integration, or system testing concepts
Collaboration and Communication Skills: Willingness to engage in discussions and
teamwork
Experience working with Java

Optional
Familiarity with Static Analysis and Code Quality Tools: Knowledge of tools like ArchUnit,
SonarQube, or custom linters is beneficial but not required
Experience with Large-Scale Systems: Prior work on complex systems can enhance the

Engineering Autonomous Agents with Embabel and Spring

The “Hello, World” of Spring AI involves sending a prompt and receiving a text response. This is no longer enough for production. To build enterprise grade AI, we must move beyond simple request and response cycles toward autonomous agents capable of reasoning, planning, and executing complex workflows. The challenge is doing this without losing the type safety, observability, and domain driven design that makes the Java ecosystem the backbone of enterprise software.

Join us for a three hour deep dive into Embabel, the new JVM framework from Rod Johnson designed for disciplined agentic AI. This workshop moves past the “if-else” mess of basic orchestration and introduces an architecture based on OODA loops and Goal Oriented Action Planning (GOAP).

Part 1: From Prompting to Planning (90 Minutes)
In the first half, we move from imperative logic to Goal Oriented orchestration. You will learn the core philosophy of Embabel and how it uses the OODA loop (Observe, Orient, Decide, Act) to maintain stateful awareness. This module focuses heavily on DICE (Domain-Integrated Context Engineering) which allows you to move beyond simple RAG by injecting your existing Java domain models directly into the agent’s reasoning process. You will learn the planning mindset by defining clear goals rather than rigid paths, allowing the AI to navigate your business rules dynamically.

Part 2: Building the Digital Worker (90 Minutes)
The second half is a hands-on lab where we turn theory into a functioning agent. We will explore the process of turning your existing Spring Beans into AI Actions by defining preconditions and effects so that Embabel can construct plans without infinite loops. We will also address what happens when an LLM hallucinates or a tool fails. This includes exploring advanced patterns for error handling and plan repair to demonstrate why the JVM is the superior environment for mission critical AI.

By the end of this workshop, you will have built a functional Digital Worker capable of navigating a complex domain and interacting with real Spring managed services. You will leave with a local prototype and a blueprint for bringing agentic AI to your organization. Participants should have experience with Spring Boot and Java or Kotlin as well as a laptop with a JDK 17+ environment.

Stop just calling APIs and start building workers. This workshop provides a code heavy look at the future of Java backend development where systems do not just respond to requests but actively work to achieve goals.

Git features you aren't using

Git continues to see improvements daily. However, work (and life) can take over, and we often miss the latest changelog. This means we don't know what changed, and consequently fail to see how we can incorporate those in our usage of Git.

In this session we'll take a tour of some features that you might or might not have heard of, but can significantly improve your workflow and day-to-day interaction with Git.

Git continues to see improvements daily. However, work (and life) can take over, and we often miss the changelog. This means we don't know what changed, and consequently fail to see how we can incorporate those in our usage of Git.

In this session we will look at some features you are probably aware of, but haven't used, alongside new features that Git has brought to the table.

Inside MCP: Live Protocol Messages, Real-Time Flows, and Smarter Agents

You’ve heard the buzz — now roll up your sleeves and build with it. In this hands-on workshop, you’ll learn exactly how the Model Context Protocol (MCP) works — and you’ll write your own MCP server tool from scratch, then author an Agent that uses it to deliver real-time, context-aware help right inside your dev flow.

We’ll break down the raw MCP protocol step by step:
• How it streams context between your IDE and Agents
• How messages are structured and exchanged
• How to wire up an MCP Client to talk to your new tool

By the end, you’ll not only understand the protocol — you’ll have built a working MCP server tool and your own Agent that plugs into it to automate tasks, provide better suggestions, and boost your productivity.

Bring your curiosity — and your laptop — because you’ll walk away with practical code, a working prototype, and the confidence to build and

Java Generics Clarified

Java's Generics syntax provides us with a means to increase the reusability of our code by allowing us to build software, particularly library software, that can work on many different types, even with limited knowledge about those types. The most familiar examples are the classes in Java's core collections API which can store and retrieve data of arbitrary types, without degenerating those types to java.lang.Object.
However, while the generics mechanism is very simple to use in simple cases such as using the collections API, it's much more powerful than that. Frankly, it can also be a little puzzling.

This session investigates the issues of type erasure, assignment compatibility in generic types, co- and contra-variance, through to bridge methods.

Course outline
Type erasure
Two approaches for generics and Java's design choice
How to break generics (and how not to!)
Maintaining concrete type at runtime
Assignment compatibility of generic types
What's the problem–Understanding Liskov substitution in generic types
Co-variance
Two syntax options for co-variance
Contra-variance
Syntax for contra-variance
Worked examples with co- and contra-variance
Building arrays from generic types
Effective use of functional interfaces
Bridge methods
Review of overloading requirements
Faking overloading in generic types
Setup requirements

This course includes extensive live coding demonstrations and attendees will have access to the code that's created via a git repo. The majority of the examples will work in any version of Java from version 11 onwards, but some might use newer library features. You can use any Java development environment / IDE that you like and no other tooling is required.

Java Testing Lab: Test Driven Development (with Ai)

In this half-day workshop, we’ll practice Test-Driven Development (TDD) by solving a real problem step by step. You’ll learn how to think in tests, write clean code through refactoring, and use your IDE and AI tools effectively. We’ll also explore how modern Java features (like lambdas and streams) enhance testability, and discuss what’s worth testing — and what’s not.

• Process of Testing
• Refactoring and Clean Code
• Benefits
• Setting a Project
• Using IDEs to your absolute advantage
• What role do new Java 8 Lambdas play in testing
• What to test and what not to test
• Integration with Ai
• Property-Based Testing

Mastering Platform Engineering: From Design to Value

Internal developer platforms hold promise: faster delivery, better reliability, happier engineers. Yet they often stall—caught in organisational inertia, tool complexity, and unclear value.

These two high-impact 90-minute sessions give you the core mental models and practical artefacts to shift from tool-chase to strategic platform value. You’ll walk away with real maps, a clear focus, and next-step experiments—not just ideas. If you’re looking to make your platform team a force for value, not just operations, this compact format delivers.

By the end of the workshop you'll know:
How to see your platform ecosystem clearly using tools like Wardley Mapping, User Needs Mapping, Value Stream Mapping and OODA loops.
How to treat the platform as a product, shifting mindset from internal project to self-service, developer-centric product.
How to apply the pattern language of platform design (Golden Path, Self-Service, Abstraction, Composability, Guardrails, Observability, Extensibility, Incremental Roll-out).
How to use DSRP + UNM + VSM to reveal where value stalls, flow breaks, and cognitive load spikes.
How to design smallest viable changes, build an impact roadmap, and influence adoption through “Elephant & Rider” thinking (rational vs emotional mindsets).
You'll also get a sneak peek into the future of platforms: AI/automation, evolving loops, and building resilience into your ecosystem.
If your platform team is stuck in the grind—shipping tickets, fighting fires, juggling tools, and wondering why nothing ever seems to change—this workshop will give you the clarity and leverage you’ve been missing. You’ll learn to read your organisation like a map: where value flows, where it dies, where cognitive load spikes, and where small, strategic platform moves can unlock disproportionate impact.

This isn’t another “tools tour”. Whether you’re building an IDP from scratch or rescuing one that’s drifting, you’ll leave with a clear roadmap, a set of tested patterns, and the influence skills to actually make the work land. Platform engineering is no longer about managing complexity—it’s about creating the conditions where developers can thrive. Join us, map your ecosystem, design the future, and turn your platform team into the strategic engine your organisation needs.

By the end of this half day workshop you'll know:

How to see your platform ecosystem clearly using tools like Wardley Mapping, User Needs Mapping, Value Stream Mapping and OODA loops.
How to treat the platform as a product, shifting mindset from internal project to self-service, developer-centric product.
How to apply the pattern language of platform design (Golden Path, Self-Service, Abstraction, Composability, Guardrails, Observability, Extensibility, Incremental Roll-out).
How to use DSRP + UNM + VSM to reveal where value stalls, flow breaks, and cognitive load spikes.
How to design smallest viable changes, build an impact roadmap, and influence adoption through “Elephant & Rider” thinking (rational vs emotional mindsets).
You'll also get a sneak peek into the future of platforms: AI/automation, evolving loops, and building resilience into your ecosystem.
If your platform team is stuck in the grind—shipping tickets, fighting fires, juggling tools, and wondering why nothing ever seems to change—this workshop will give you the clarity and leverage you’ve been missing. You’ll learn to read your organisation like a map: where value flows, where it dies, where cognitive load spikes, and where small, strategic platform moves can unlock disproportionate impact.

This isn’t another “tools tour”. Whether you’re building an IDP from scratch or rescuing one that’s drifting, you’ll leave with a clear roadmap, a set of tested patterns, and the influence skills to actually make the work land. Platform engineering is no longer about managing complexity—it’s about creating the conditions where developers can thrive. Join us, map your ecosystem, design the future, and turn your platform team into the strategic engine your organisation needs.

Platform Engineering: The What, Why & How

Platform engineering is the latest buzzword, in a industry that already has it's fair share. But what is platform engineering? How does it fit in with DevOps and Developer Experience (DevEx)? And is this something your organization even needs?

In this session we will aim to to dive deep into the world of platform engineering. We will see what platform engineering entails, how it is the logical succession to a successful DevOps implementation, and how it aims to improve the developer experience. We will also uncover the keys to building robust, sustainable platforms for the future

Prompt Engineering Accelerator for AI

In this intensive 3-hour hands-on workshop, you'll learn to master the art and science of prompt engineering. Learn systematic frameworks for constructing effective prompts, from foundational elements to cutting-edge techniques including multi-expert prompting, probability-based optimization, and incentive framing. Through five progressive labs using Ollama and llama3.2:3b in GitHub Codespaces, you'll build production-ready templates and see quality improvements in real-time. Leave with immediately applicable techniques, reusable prompt patterns, and a decision framework for selecting the right approach for any AI task.

Modern AI systems deliver many capabilities, but their effectiveness depends entirely on how well they're prompted. This intensive workshop transforms prompt engineering from trial-and-error guesswork into a systematic, measurable discipline. You'll learn proven frameworks for constructing effective prompts and learn cutting-edge optimization techniques that deliver quality improvements in real-world applications.
Through five hands-on labs in GitHub Codespaces, you'll work with Ollama hosting llama3.2:3b to implement each technique, measure its impact, and build reusable templates. Every concept is immediately validated with code you can deploy tomorrow.

What You'll Master
The workshop progresses through five core competency areas, each reinforced with a practical lab:
Foundations of Effective Prompting begins with the six essential elements every prompt needs: task definition, context, constraints, role assignment, output format, and examples. You'll systematically transform a poorly-constructed prompt into an optimized version, measuring quality improvements at each step. This foundation eliminates the guesswork and establishes a repeatable framework for all future prompt engineering work.

Pattern-Based Techniques introduces few-shot learning and Chain of Thought (CoT) reasoning. Few-shot prompting teaches models through examples rather than explanations, dramatically improving consistency on classification and transformation tasks. Chain of Thought makes reasoning transparent, improving accuracy on complex problems by 20-40% while enabling you to verify the model's logic. You'll build a classification system and compare zero-shot, few-shot, and CoT approaches with measurable accuracy metrics.

Advanced Structural Techniques combines role-based prompting, structured outputs, and constrained generation into enterprise-ready patterns. You'll create an API documentation generator that uses expert personas, enforces strict formatting requirements, outputs reliable JSON, and maintains 90%+ consistency across diverse inputs. This lab produces production templates with automated validation—patterns you can immediately deploy in your organization.

Cutting-Edge Methods explores two powerful techniques gaining traction in 2025-2026. Multi-expert prompting simulates a council of experts (technical, business, security) analyzing complex decisions from multiple perspectives, catching blind spots that single-perspective prompts miss. Reverse prompting flips the traditional interaction: instead of you trying to perfectly specify requirements, the AI asks clarifying questions to discover what you really need. You'll measure 40-60% improvements in decision quality and 80-90% gains in requirement clarity.

Probabilistic and Incentive-Based Optimization introduces the latest research-backed techniques for extracting maximum quality from language models. Stanford's breakthrough probability-based prompting—requesting multiple responses with confidence scores—improves reliability by 30-50% on ambiguous tasks. Incentive framing (yes, “This is critical” and “Take your time” actually work) increases thoroughness by 20-40%. Combined, these techniques deliver 50-70% quality improvements on high-stakes decisions.

Red, Green, Collaborate: Test-Driven Development with AI

In this immersive, hands-on workshop, participants will learn how to combine the discipline of Test-Driven Development with the creative support of AI-powered pair programming.

Working in pairs, developers will build a Booking system from scratch using Java and VS Code, progressively applying the red-green-refactor cycle while integrating AI assistance for test authoring and design validation.

This workshop emphasizes practical workflow habits; starting from unit tests, iterating with context-driven prompts, and applying refactoring techniques, to help participants write more reliable, maintainable, and thoughtful code.

By the end of this workshop, participants will be able to:

Apply the TDD cycle Red → Green → Refactor) effectively while coding a real-world service
Collaborate with AI tools to generate, refine, and extend test cases responsibly
Pass contextual prompts to guide AI toward meaningful, domain-relevant test generation Recognize design and code smells that emerge in the refactor phase and correct them through iterative improvement
Balance speed and intent—leveraging AI to accelerate feedback without compromising software quality
Reflect on workflow improvements, communication with AI tools, and ethical implications of AI-assisted testing

Rust : Making Software Fast and Safe

New languages often carry an operational burden to deployment and involve tradeoffs of performance for safety. Rust has emerged as a powerful, popular, and increasingly widely-used language for all types of development. Come learn why Rust is entering the Linux kernel and Microsoft and Google are favoring it for new development over C++.

This Introduction to Rust will introduce the students to the various merits (and complexities) of this safe, fast and popular new programming language that is taking the world by storm. This
three day course will cover everything students from various backgrounds will need to get started as a successful Rust programmer.

Attendees will Learn about and how to:

• Understand the purpose and consequences of Rust's Memory model
• The concept of ownership and borrowing
• The robust and friendly toolchains
• Idiomatic Rust practices
• The basics of lifetimes
• The Rust Standard Library
• Generics and Traits
• The power of Pattern Matching

Securing LLMs: DevSecOps in the Age of AI

As enterprises rush to embed large language models (LLMs) into apps and platforms, a new AI-specific attack surface has emerged. Prompt injections, model hijacking, vector database poisoning, and jailbreak exploits aren’t covered by traditional DevSecOps playbooks.

This full-day, hands-on workshop gives architects, platform engineers, and security leaders the blueprint to secure AI-powered applications end-to-end. You’ll master the OWASP LLM Top 10, integrate AI-specific controls into CI/CD pipelines, and run live red-team vs blue-team exercises to build real defensive muscle.

Bottom line: if your job involves deploying, securing, or governing AI systems, this workshop shows you how to do it safely—before attackers do it for you.

What You’ll Learn

• Where LLM vulnerabilities arise—and how attackers exploit them
• How to apply the OWASP LLM Top 10 to enterprise pipelines
• Building AI-specific guardrails: input sanitization, output filters, role controls
• Embedding AI-aware scans and tests into GitHub/GitLab CI/CD workflows
• Securing RAG systems, vector databases, and multi-agent environments
• Red-team tactics (prompt injection, vector poisoning) and defensive countermeasures
• Metrics and frameworks to prove AI security posture to executives and regulators

Who Should Attend

• Software Architects designing AI-powered systems
• Platform Engineers & DevSecOps Leads embedding LLMs into pipelines
• Security Engineers assessing AI attack surfaces
• CTOs, CISOs & Product Owners accountable for safety, trust, and compliance

Takeaways

• OWASP LLM Top 10 → Mitigation Playbooks
• Templates with AI-aware guardrails
• Risk scoring model for AI attack surfaces
• Red-/Blue-team lab scripts to rerun in your org
• Executive briefing deck to align security with compliance & business impact

Agenda

Module 1 – The New AI Attack Surface

• Anatomy of an LLM-powered app (prompts, RAG, embeddings, agents)
• Why traditional DevSecOps misses AI-native risks
• Mapping AI threats to enterprise trust boundaries

Module 2 – OWASP LLM Top 10 Deep Dive

• Prompt injection & jailbreak exploits
• Training data leakage & poisoning
• Excessive agency in autonomous agents
• Vector database & plugin/toolchain exploits
• Model theft, shadow prompting, and output handling flaws

Module 3 – DevSecOps Patterns for LLMs

• Designing input/output filters and schema validation
• Prompt fuzzing, red teaming, and adversarial testing
• Embedding AI guardrails into GitHub/GitLab CI/CD workflows
• AI firewalls, inference governance, and runtime monitoring

Module 4 – Real-World Threat Simulations

• Live prompt injection on an AI agent
• Poisoning a vector database to manipulate RAG retrieval
• Detection strategies for abnormal prompts and outputs
• Hands-on ethical hacking tools for LLMs

Module 5 – Business Impact & Mitigation Framework

• Risk scoring and prioritization for AI systems
• Aligning AI security with KPIs: trust, uptime, compliance, brand protection
• NIST AI RMF, ISO/IEC 42001, and EU AI Act readiness
• Delivering an executive-ready AI security scorecard

Web Security for APIs

There's a clear need for security in the software systems that we build. The problem for most organizations is that they don't want to spend any money on it. Even if they did, they often have no idea how much to spend. No particular initiative is likely to imbue your system with “security”, but a strong, deep defensive approach is likely to give you a fighting chance of getting it right.

Web Security as applied to APIs in particular are an important part of the plan. In this workshop, we'll show you how approaches to defining “enough” as well as concrete techniques to employ incrementally in your designs.

In this workshop, we will pick a hands on framework for implementation, but the ideas will generally be standards-based and transcend technology choice so you should have a strategy for mapping the ideas into your own systems.

We will cover a broad range of topics including:

• The concepts behind Building Security in
• Designing for Security
• Authentication and Authorization Strategies
• Identity Management
• Protecting Data in transit
• Protecting Data at rest
• Frameworks for selecting security features
• Attack and Threat Models for APIs

What's New In Java Half-Day Part 1

Java has quietly grown into a more expressive, flexible, and modern language — but many developers haven’t kept up with the latest features. This two-part workshop explores the most useful additions to Java from recent releases, with hands-on examples and real-world scenarios.

Whether you’re still catching up from Java 8 or already using Java 21+, this series will give you a practical edge in writing cleaner, more modern Java code.

• sealed classes
• record
• Pattern Matching
• Text Blocks
• switch expressions
• Stream Gatherers
• Flexible Constructor Bodies

What's New In Java Half-Day Part 2

Java has quietly grown into a more expressive, flexible, and modern language — but many developers haven’t kept up with the latest features. This two-part workshop explores the most useful additions to Java from recent releases, with hands-on examples and real-world scenarios.

Whether you’re still catching up from Java 8 or already using Java 21+, this series will give you a practical edge in writing cleaner, more modern Java code.

• Implicitly Declared Classes & Enhanced Main Methods
• Simple Web Server
• HTTPClient
• Multi-File Source Launching
• JShell
• Stable Values