David Schwartz
Software Architect at Next Insurance
Bet Shemesh, Israel
Actions
I am a hands-on Architect, with a proven record of delivering scalable, secure, and flexible enterprise systems. I am passionate about clean, readable, tested code and delivering excellent value to clients.
I currently serve as a Software Architect at Next Insurance. Our company provides small businesses with tailored, no hassle insurance at a significant discount by using AI and automation.
At my previous company (NI), I also served as the Lead of the Product Security Chapter, which focused on advancing NI's security posture using their SDL, Threat Modeling, Certifications, and lots of training.
Area of Expertise
Topics
Threat Modelling - The Ultimate Push Left for Security
We all want to release secure software without slowing down our releases. While tools can help, the ultimate technique for delivering secure and on time is to get your developers to think security from the start.
This is where Threat Modeling really shines. For the cost of a 30 minute meeting, you can find and resolve security issues before the first line of code is written. More importantly, you can help developers to change their mindset to be more security focused, and give them the tools to build safer, better software from the start. The result is fewer last minute security surprises, and more secure solutions.
In this session, we will explore:
1) What is Threat Modeling?
2) How can Threat Modeling save your company money while advancing security?
3) How can Threat Modeling resolve the tension between your Development, Security, and Operations Teams?
4) A quick guide to starting threat modeling today for almost no cost.
Monitoring Business Metrics to Reliably Catch Downtime
There’s nothing worse than discovering an outage hours after it starts—especially when your customers notice first. Every minute of downtime can mean lost sales, frustrated users, and damage to your brand. But how do you detect problems that traditional monitoring tools miss?
Most tools focus on technical metrics like CPU, memory, or error rates. But what about outages that don’t cause 500s? From expected failure flows that become problematic at scale to missing instrumentation on key business logic, many real-world issues slip through the cracks.
After one such issue went undetected for four hours—directly impacting revenue—we knew we had to do better. In this talk, you'll learn how we built a real-time monitoring system using business metrics reported via Prometheus to detect what technical metrics couldn't.
Whether you're building a monitoring setup from scratch or leveling up your existing one, you'll leave with ideas to better protect uptime, revenue, and customer trust.
Key Takeaways:
How to instrument key business flows for visibility
Set up a useful dashboard for diagnosing and detecting outages
Alerting strategies that catch real problems (without alert fatigue)
Lessons learned, trade-offs made, and practical tips
First Presented at Software Architecture Global Summit 2025
https://geekle.us/schedule/wsas25
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top