FireTail present at the BlackHat Europe open source Arsenal 2022
FireTail presented at the BlackHat Europe open source Arsenal in December 2022, showcasing our open source code library for real-time, inline API security checking.
FireTail was selected again to present at the world's top cybersecurity conference - this time at BlackHat Europe 2022.
Specifically, we showcased our API security library as open source for the first time at a European event.
What does FireTail inspect?
FireTail sits on top of popular open source frameworks for building web services and APIs, like OpenAPI/Swagger, Express and Rails, and then provides in-line security processing of the API calls. FireTail checks for (in sequential order):
1. API call is hitting a valid route using a valid method. This allows for a zero-trust, declarative API structure, with proper error handling at the HTTP layer.
2. Inspection of authentication token. Does the API expect a JWT, application-issued API key or other? FireTail will check whether a valid token of the correct type is present.
3. Payload inspection. FireTail will look for and fail invalid API queries.
New code language coverage
Standardized logging format
One consistent challenge that security teams have expressed is the lack of standardization or centralization of API logs. FireTail has now created a standardized log format, common to all 3 currently available code languages. FireTail also offers the ability to send these logs to a central location, either locally, on a private network, or to a cloud service.
The BlackHat Arsenal
Past companies and tools exhibited at the BlackHat Arsenal include open source tools that have become part of the everyday conversation for security practitioners.