Florian Lenz
Fractional Principal Architect · Microsoft Azure MVP · Building Azure platforms .NET teams actually love
Fractional Principal Architect · Microsoft Azure MVP · Building Azure platforms .NET teams actually love
Köln, Germany
Actions
Florian Lenz is a Microsoft Azure MVP and Cloud Architect with over 10 years of experience building secure, scalable cloud platforms on Microsoft Azure. He specializes in Azure Landing Zones, DevSecOps, Infrastructure as Code, and cloud-native architectures, and has worked across industries including energy, finance, retail, and software.
As a speaker, author, and content creator, Florian shares practical lessons from real-world projects through conference talks, articles, and his YouTube channel—helping engineers and teams design systems that are secure, maintainable, and built for long-term success.
Florian Lenz ist Microsoft Azure MVP und Cloud-Architekt mit über 10 Jahren Erfahrung in der Entwicklung sicherer, skalierbarer Cloud-Plattformen in Microsoft Azure. Er ist spezialisiert auf Azure Landing Zones, DevSecOps, Infrastructure as Code und Cloud-native Architekturen und hat in verschiedenen Branchen gearbeitet, darunter Energieversorgung, Finanzdienstleistung und Einzelhandel.
Als Redner, Autor und Content Creator teilt Florian praktische Erkenntnisse aus realen Projekten in Konferenzvorträgen, Artikeln und auf seinem YouTube-Kanal und hilft Softwareentwicklern und Teams dabei, sichere, wartungsfreundliche und auf langfristigen Erfolg ausgelegte Systeme zu entwickeln.
Badges
Area of Expertise
Topics
Platform Engineering for .NET Teams: Build the Azure Foundation Your Team Will Actually Use en
Most Azure environments didn't get designed; they accumulated. The result is slow deployments, unclear costs, and infrastructure that nobody dares to touch.
In this session, Microsoft Azure MVP Florian Lenz will share a battle-tested blueprint for building a production-ready internal developer platform on Azure that is specifically optimized for .NET teams. You will see real platform-as-a-product patterns, self-service infrastructure provisioning with subscription vending, and developer portals that reduce cognitive load.
Every pattern comes from real-world engagements with companies in the energy, finance, and SaaS industries. You will walk away with a concrete architecture that you can start implementing the week you return home without having to rebuild everything from scratch.
From Layers to Lambdas: The WebAssembly Reboot of Serverless on Azure en
We spent years rearranging the same architectural boxes. Three-Tier Architecture evolved into Clean Architecture, which then evolved into Vertical Slice Architecture. Each shift solved the problems created by the previous one, steadily moving us toward smaller, more focused deployment units.
WebAssembly may be the point where that journey converges into truly portable serverless applications.
For the first time, serverless workloads can be packaged as lightweight, portable artifacts while maintaining Kubernetes-native operations.
In this session, we will build and deploy a portable WebAssembly function that runs on Kubernetes with sub-millisecond startup times, event-driven scaling down to zero, distributed state, and full observability on the Azure Kubernetes Service. Unlike traditional cloud functions, these components are not tied to a vendor runtime, proprietary hosting model, or platform-specific API surface. They are portable application artifacts that can run on any Kubernetes cluster.
We will briefly discuss the evolution from layered architectures to vertical slice architecture, focusing on how application boundaries became smaller, more autonomous, and increasingly deployment-oriented. The rest of the session is hands-on.
By the end, you will have a working repository that you can immediately clone, as well as a practical understanding of where WebAssembly-based serverless fits in real systems and when managed platforms, such as Azure Functions, are the better engineering choice.
Ich habe STACKIT getestet, damit du es nicht musst de
STACKIT wächst schnell und positioniert sich als europäische Alternative zu den großen Hyperscalern. Mit Kubernetes, Managed Databases, AI Model Serving, Terraform-Support und einem eigenen Marketplace hat die Plattform in kurzer Zeit ein beachtliches Portfolio aufgebaut.
Doch wie gut funktioniert das Ganze im Alltag wirklich?
In diesem Vortrag deploye ich live eine reale Anwendung in STACKIT und zeige, wie sich die Plattform aus Sicht von Entwicklern und Cloud-Teams tatsächlich anfühlt, ohne Marketingfolien und Hochglanzdemos.
Dabei geht es um Fragen wie:
- Wie gut funktioniert die Developer Experience?
- Welche Services sind bereits produktionsreif?
- Wo gibt es noch Einschränkungen?
- Für welche Workloads ist STACKIT heute schon eine realistische Option?
Zusätzlich ordne ich STACKIT im Vergleich zu etablierten Plattformen wie Azure ein.
Der Vortrag richtet sich an Cloud-Architekten, Cloud-Entwickler und technische Entscheider, die bewerten müssen, welche Cloud-Plattformen sich für die Workloads ihres Unternehmens eignen.
Nach dem Vortrag können Sie realistisch einschätzen, ob STACKIT für Ihre Anforderungen bereits heute relevant ist.
Securing Your Supply Chain Without Slowing Down Your Dev Team en de
This session is not just a theoretical warning.
Over the past year, npm has evolved from a place where supply chain attacks occur to a place where they occur on a schedule. S1ngularity in August: Then, in September, there was Chalk and Debug, which affected 18 packages and involved billions of weekly downloads. Then came Shai-Hulud, a self-replicating worm that scans machines for secrets and publishes them to a public repository.
Security researchers no longer call this a spike. They call it the new baseline.
In nearly every one of these attacks, nothing appeared to be wrong. The pipeline stayed green. The tests passed. Developers had no idea that their CI secrets, cloud credentials, and deployment tokens had already been exfiltrated. Many still don't know if a compromised version is sitting in their lockfile right now.
Every day, millions of developers run npm install without a second thought. It's muscle memory. That's how modern software is built. It's also how attackers get in.
This talk will show you exactly how, with a live demo of a single malicious package silently draining secrets while everything appears normal. Then, we break down the attack vectors.
Finally, Florian present the part that most security talks skip: a practical, actionable playbook for securing an Azure DevOps pipeline using existing tools, with no additional budget and no measurable impact on your team's velocity.
Securing Your Supply Chain Without Slowing Down Your Team en de
Jeden Tag führen Millionen von Entwicklern „npm install“ aus, ohne darüber nachzudenken. Es ist reine Routine. Es geht schnell. So wird moderne Software entwickelt. Und genau so verschaffen sich Angreifer zunehmend Zugang.
Angriffe auf die Software-Lieferkette sind zu einem der effektivsten und am wenigsten beachteten Angriffsvektoren in der Branche geworden. Nicht weil sie besonders ausgeklügelt sind, sondern weil wir unseren gesamten Entwicklungs-Workflow darauf aufgebaut haben, Code zu vertrauen, den wir nicht geschrieben haben, der von Leuten stammt, die wir nie getroffen haben, und der automatisch von Tools installiert wird, die wir kaum konfigurieren.
Diese Session ist keine theoretische Warnung. Es ist eine Live-Demonstration, wie ein einziges bösartiges npm-Paket still und leise Ihre CI-Geheimnisse, Ihre Cloud-Anmeldedaten und Ihre Deployment-Token abzieht, während Ihre Pipeline grün bleibt und niemand etwas bemerkt.
Und dann ist es ein praktischer, sofort umsetzbarer Leitfaden, um das Problem zu beheben.
DWX 26 Sessionize Event Upcoming
CodeBuzz 2026 Sessionize Event
Techorama 2025 Netherlands Sessionize Event
DWX - Developer Week '25 Sessionize Event
Experts Live Germany 2025 Sessionize Event
Tech passion day 2025 Sessionize Event
WeAreDevelopers World Congress 2024 Sessionize Event
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top