Ken Sipe
Salt Lake Software Symposium
Salt Lake City · July 9 - 10, 2010

Cloud Architect & Tech Leader
Ken is a distributed application engineer. Ken has worked with Fortune 500 companies to small startups in the roles of developer, designer, application architect and enterprise architect. Ken's current focus is on containers, container orchestration, high scale micro-service design and continuous delivery systems.
Ken is an international speaker on the subject of software engineering speaking at conferences such as JavaOne, JavaZone, Great Indian Developer Summit (GIDS), and The Strange Loop. He is a regular speaker with NFJS where he is best known for his architecture and security hacking talks. In 2009, Ken was honored by being awarded the JavaOne Rockstar Award at JavaOne in SF, California and the JavaZone Rockstar Award at JavaZone in Oslo, Norway as the top ranked speaker.
Presentations
Debugging your Production JVM
So your server is having issues? memory? Connections? Limited response? Is the first solution to bounce the server? Perhaps change some VM flags or add some logging? In todays Java 6 world, with its superior runtime monitoring and management capabilities the reasons to the bounce the server have been greatly reduced.
So you want to be an Architect
This session is a quick look at all aspects of being a corporate software architect. Whither you are a developer looking to move into the role of architect, needing to have an understanding of what is expected or already in the role of software architect looking for new and interesting ideas, this session is for you.
Enter The Gradle
This presentation introduces the audience to the power of Gradle through many real-world examples that are demonstrated live. By the end of the presentation, you'll understand how Gradle helps to elegantly solve the challenges that we face in our daily enterprise builds.
Enterprise Security API library from OWASP
When it comes to cross cutting software concerns, we expect to have or build a common framework or utility to solve this problem. This concept is represented well in the Java world with the loj4j framework, which abstracts the concern of logging, where it logs and the management of logging. The one cross cutting software concern which seems for most applications to be piecemeal is that of security. Security concerns include certification generation, SSL, protection from SQL Injection, protection from XSS, user authorization and authentication. Each of these separate concerns tend to have there own standards and libraries and leaves it as an exercise for the development team to cobble together a solution which includes multiple needs…. until now… Enterprise Security API library from OWASP.
XSS-Proof
Companies have focused for years to solidify the back-end infrastructure in defense against hacking attempts. Most companies however are forced to open up many ports including port 80 (http) for users to access web applications among other resources. This has lead to web attacks growing to be the #1 classification of hacker attacks today. In this space Cross Site Scripting (XSS) is the #1 ranked vulnerability affecting a large number of sites. This evolution requires that the understanding of securing an application move beyond sys admins and incorporate all aspects of system delivery for the protection of a system and system resources.