Building an open source security project with 1M+ installations
Fletcher Heisler, Marcelo Elizeche Landó
BSidesSF 2026 · Day 2 · AMC Theatre 07
In this insightful BSides SF talk, Fletcher Heisler, CEO of Authentic Security, and Marcelo Elizeche Landó, Software Engineer, shared their journey and the "seven and a half-ish lessons" learned while scaling **Authentik**, an open-source identity provider (IDP), to over a million installations. The presentation offered a candid look into the challenges and triumphs of building, maintaining, and commercializing a critical security project in the open-source ecosystem. Their narrative provides invaluable guidance for anyone involved in open-source development, particularly those navigating the complexities of security-focused projects and the transition from a passion project to a full-fledged company.
AI review
Honest war story about scaling an open-source IDP from hobby project to venture-backed company with real lessons on licensing, community management, and tech stack evolution. Competent and candid, but firmly in the 'could have been a detailed blog post' category — no novel research, no technical depth that would move the needle for a security-focused audience.