Open source is a foundation of modern technology - whether in the cloud, building APIs, or really in any piece of the modern stack. And open source is equally important.
Researchers and the community will showcase their latest open-source tools and products!
It's one of the things that I have personally loved from the 4 times that I have attended BlackHat. There are great teams, solving real problems. Some of the tools that have debuted here are now standard tools for InfoSec and SOC teams around the world.
The Arsenal is pretty grassroots, but the community digs that vibe
There's good A/V support on-site - but you're on your own for setup, and there's not a lot of buffer time. Conference staff was told to only let booth staff into the expo area. Luckily, one of the conference organizers spotted us and got us in at 9:58am, for a 10am start. That left us those 2 minutes to:
Walk the length of the expo floor (I'll guess 600m)
Find our station, out of the 5-6 tables
Connect to wifi (really weak connectivity/signal)
Get A/V connected
Thankfully, the audience had to make that walk to, so the 2 minute head start was indeed helpful. We kicked off our first run-through at about 10:03am.
Be ready to run your Arsenal session multiple times
Each team gets 90 minutes to present, but realistically, you're not going to get anyone's attention for that period of time. So what do you do instead? Run your session multiple times. Our presentation was about 15 minutes of explaining what we do, why we do what we do, and why we do what we do in the way that we do it; followed by 10 minutes of live demo and 5 minutes of audience Q&A. Each time, the pattern was the same - it starts with just a few people, but as you start presenting, more of an audience builds up.
We ran our demo of the FireTail code library 3 times!
And if we hadn't run out of time, there was definitely interest enough to run it 2-3 more times.
You'll get great questions in the Arsenal
As Steve Blank has often said, you need to get out of the building. We had questions that we expected to get, but an equal number that we hadn't thought about. This is one of the best things about being part of an open source community. The use cases, applications and user types are so different, that you can't possibly anticipate every situation, but you'll benefit from hearing the feedback and contemplating how/why it should work.
Here is the FireTail demo for the BlackHat 2022 open source Arsenal