August 10, 2022

What did we learn from presenting in the BlackHat open source Arsenal?

FireTail was selected to present our open source inline API security. We had a great turnout, strong audience engagement and some good learnings from our session. Here are our thoughts.

What did we learn from presenting in the BlackHat open source Arsenal?

Open source at BlackHat

Open source is a foundation of modern technology - whether in the cloud, building APIs, or really in any piece of the modern stack. And open source is equally important.

Researchers and the community will showcase their latest open-source tools and products!

It's one of the things that I have personally loved from the 4 times that I have attended BlackHat. There are great teams, solving real problems. Some of the tools that have debuted here are now standard tools for InfoSec and SOC teams around the world.

The Arsenal is pretty grassroots, but the community digs that vibe

Setting up our presentation and demo environment

There's good A/V support on-site - but you're on your own for setup, and there's not a lot of buffer time. Conference staff was told to only let booth staff into the expo area. Luckily, one of the conference organizers spotted us and got us in at 9:58am, for a 10am start. That left us those 2 minutes to:

  • Walk the length of the expo floor (I'll guess 600m)
  • Find our station, out of the 5-6 tables
  • Connect to wifi (really weak connectivity/signal)
  • Get A/V connected

Thankfully, the audience had to make that walk to, so the 2 minute head start was indeed helpful. We kicked off our first run-through at about 10:03am.

Be ready to run your Arsenal session multiple times

Each team gets 90 minutes to present, but realistically, you're not going to get anyone's attention for that period of time. So what do you do instead? Run your session multiple times. Our presentation was about 15 minutes of explaining what we do, why we do what we do, and why we do what we do in the way that we do it; followed by 10 minutes of live demo and 5 minutes of audience Q&A. Each time, the pattern was the same - it starts with just a few people, but as you start presenting, more of an audience builds up.

Jeremy covering the "why we do what we do" piece during cycle 3
Riley taking questions during the first round

We ran our demo of the FireTail code library 3 times!

And if we hadn't run out of time, there was definitely interest enough to run it 2-3 more times.

You'll get great questions in the Arsenal

As Steve Blank has often said, you need to get out of the building. We had questions that we expected to get, but an equal number that we hadn't thought about. This is one of the best things about being part of an open source community. The use cases, applications and user types are so different, that you can't possibly anticipate every situation, but you'll benefit from hearing the feedback and contemplating how/why it should work.

Here is the FireTail demo for the BlackHat 2022 open source Arsenal

PS:  Yes, you can definitely sign up for early access even if you weren't at BlackHat in person. Here's the link.