FireTail was selected to present our open source inline API security. We had a great turnout, strong audience engagement and some good learnings from our session. Here are our thoughts.
Open source is a foundation of modern technology - whether in the cloud, building APIs, or really in any piece of the modern stack. And open source is equally important.
Researchers and the community will showcase their latest open-source tools and products!
It's one of the things that I have personally loved from the 4 times that I have attended BlackHat. There are great teams, solving real problems. Some of the tools that have debuted here are now standard tools for InfoSec and SOC teams around the world.
There's good A/V support on-site - but you're on your own for setup, and there's not a lot of buffer time. Conference staff was told to only let booth staff into the expo area. Luckily, one of the conference organizers spotted us and got us in at 9:58am, for a 10am start. That left us those 2 minutes to:
Thankfully, the audience had to make that walk to, so the 2 minute head start was indeed helpful. We kicked off our first run-through at about 10:03am.
Each team gets 90 minutes to present, but realistically, you're not going to get anyone's attention for that period of time. So what do you do instead? Run your session multiple times. Our presentation was about 15 minutes of explaining what we do, why we do what we do, and why we do what we do in the way that we do it; followed by 10 minutes of live demo and 5 minutes of audience Q&A. Each time, the pattern was the same - it starts with just a few people, but as you start presenting, more of an audience builds up.
And if we hadn't run out of time, there was definitely interest enough to run it 2-3 more times.
As Steve Blank has often said, you need to get out of the building. We had questions that we expected to get, but an equal number that we hadn't thought about. This is one of the best things about being part of an open source community. The use cases, applications and user types are so different, that you can't possibly anticipate every situation, but you'll benefit from hearing the feedback and contemplating how/why it should work.
PS: Yes, you can definitely sign up for early access even if you weren't at BlackHat in person. Here's the link.
RSA is all about building bridges and connections.
Join FireTail virtually at API Secure 2023! Jeremy Snyder will share learnings from a decade of API data breaches, and discuss why FireTail takes a unique approach to API security