logo
First Annual User Conference    Invite Only    ArmorText Customers & Invited Guests

Field Notes

By: armortext-logo-lite

Ground truth from teams who stayed operational.

Stories, patterns, and playbooks from the teams who built them.
May 27, 2026
New York City · Classic Car Club Manhattan (66 E 55th St, New York, NY)
1:00 PM – 7:00 PM
Why it's worth showing up
Come for the sessions. Stay for the operator-to-operator conversation.
01

See how peers actually did it

OT cyber alerts, CTI workflows, and identity verification delivered directly into responder threads. Securely, in context. Not slides about the product. Implementations from the field.

02

Leave with patterns you can use

Field-tested approaches for routing, governance, escalation, and secure ingestion. Confirmed attendees get access to the Secure Gateway Integrations Library (working name): a customer-contributed reference set of real patterns and configurations you can actually use.

03

Meet the builders behind real deployments

Compare decisions, tradeoffs, and rollout approaches with peers who've done it. Bring back ideas your team can apply immediately, even if you already run Secure Gateway today.

Reserve Our Seats
About the Conference

A user conference built around what customers actually built

Field Notes is where practitioners share the patterns they discovered in the field: secure alert delivery, context-rich telemetry, verified coordination. All of it routed directly into ArmorText conversations so teams can act fast without exposing the playbook.

This year's sessions feature Secure Gateway customers who've built integrations that bring high-fidelity data into the moments that matter, while keeping the channel end-to-end encrypted. Real work. Shared with peers. No vendor pitches.

The afternoon closes with the ArmorText Off-the-Record Happy Hour. The discussion continues off the record, with no attribution.

How the room works
  • Invite-only, in person, and off the record.
  • ArmorText customers and invited ecosystem guests only. No vendor pitches from the stage.
  • No press. No quotes attributed to individuals or organizations.
  • Recording policy (if any) will be shared with confirmed attendees.
  • Field-tested patterns, shared with peers.

Bring the builders and operators. Not just the approvers.

Featured Field Notes (Confirmed)

What you'll hear

6 sessions confirmed · Additional sessions being selected now

Opening Keynote
Why This Community Exists (and What We're Building Together)

From a Navy cryptologist to the C-suite, Jon Schlegel — CISO, and now CSO of CLEAR — has seen what happens when comms fail under pressure. He opens Field Notes with the most overlooked threat arc: compromised comms channels, and why—with AI-accelerated attacks—out-of-band operational resilience isn’t a future problem. It’s today’s.

Jon Schlegel, CSO CLEAR

#01 1:45 PM
SIEM Alerts IT Security
Starting Simple: A First Integration That Delivers Real Value

Not every Secure Gateway deployment starts with a complex architecture. Pilot Flying J began with a straightforward SIEM alert integration — routing high-priority notifications to the right people with more context than their previous channel allowed. A practical on-ramp that shows how low the barrier to entry really is.

Zach Randall, IT Security Engineer, Pilot Flying J

#02 2:15 PM
OT Cyber Alerts OT Cyber
Better Alerts, Lower Cost, Higher Reliability — SolarWinds & ArmorText

LS Power's previous alerting solution was expensive, delivered less context, and — they later discovered — was dropping messages. After routing OT alerts from SolarWinds through ArmorText Secure Gateway, on-call responders started receiving more alerts, with richer detail, at a fraction of the cost. The kind of outcome that's hard to argue with.

LS Power

#03 2:50 PM
Native Integration Splunk
From Stuck to Shipped: A Native Splunk Integration, Built in Days

Hoosier Electric wanted a native Splunk add-on to push alerts, search results, and rendered PDFs directly into ArmorText conversations. Building it by hand stalled. With the right reference material and an AI assist, they shipped a full-featured integration in days.

Dan LaCour, IT Security Analyst, Hoosier Electric

#04 3:20 PM
AI & Threat Intelligence Academic / Research
CTI Triage → TTP Extraction → Actionable Playbooks

AI-assisted prioritization workflows that extract TTPs and run CISA's Playbook-NG to generate vetted eviction strategies. Delivered directly into ArmorText conversations with CTI analysts for fine-tuned prioritization.

Project Grimace

#05 3:55 PM
Identity Verification Customer Implementation
Out-of-Band Identity Verification

Verified identity checks to reduce impersonation risk and ensure the right people are on the right channel during high-pressure moments. This is a customer-led implementation built on CLEAR identity infrastructure. It runs on ArmorText Secure Gateway.

Mark Clancy, CSO, T-Mobile

#06 4:25 PM
OT Security Honeypot Detection
The Watcher Problem: Securing OT Honeypot Telemetry

OT honeypots only work if adversaries don't know they've been seen. T-Mobile built a Secure Gateway integration that delivers honeypot event notifications directly into ArmorText conversations — keeping detection telemetry off channels that could themselves be observed or compromised.

Dan Urson Principal Security Engineer, T-Mobile

Closing
Closing Remarks

Connecting the dots from the day's sessions. The roadmap ahead. And our gift to the community!

Navroop Mitter, CEO ArmorText

Schedule

May 27. A focused afternoon. No filler.

1:00 PM

Registration
Registration & Welcome

1:30 PM

Opening
Keynote - Jon Schlegel, CSO CLEAR

1:45 PM – 5:00 PM

Customer Presentations
6 confirmed sessions with peer Q&A and short breaks throughout

5:00 PM

Closing
Closing Remarks - Navroop Mitter, CEO ArmorText

5:30 PM

Reception
ArmorText Off-the-Record Happy Hour

7:00 PM

Close
End of Event
Who Should Attend

Built for the people who own continuity

Field Notes is invite-only. We're reaching out personally to ArmorText customers and the teams who've built integrations on the Secure Gateway, and to the security leaders who understand why E2EE integration pathways matter when primary channels can't be trusted.

If you've received an invitation, you belong here. Bring your team.

Bring the builders and operators. Not just the approvers.

  • SOC & SecOps leaders and analysts
  • Incident response leads and responders
  • Threat intel & CTI teams
  • Detection engineering & platform teams building telemetry pipelines
  • CSOs & security leaders responsible for OOB readiness
  • Identity verification stakeholders in high-trust coordination workflows
Speakers

Confirmed Speakers

clear_bg Jon Schlegel
Jon Schlegel
CSO

CLEAR

tmob Mark Clancy
Mark Clancy
CSO

T-Mobile

tmob Dan Urson
Dan Urson
Principal Security Engineer

T-Mobile

pilot Zach Randall
Zach Randall
IT Security Engineer

Pilot Flying J

hoosier Dan LaCour
Dan LaCour
IT Security Analyst

Hoosier Electric

gonzaga aaron crews
Aaron Crews
Partner

Holland & Knight

gonzaga matthew b welling
Matthew B. Welling
Partner

Holland & Knight

hoosier Project Grimace
Project Grimace
Closed-door Armortext

Project to be Announced

ArmorText Navroop Mitter
Navroop Mitter
CEO

ArmorText

ArmorText Matt Calligan
Matt Calligan
Director of Growth Markets

ArmorText

Secure Gateway Integrations Library
Reusable building blocks, not one-off demos.

Many customer teams will contribute their Secure Gateway integrations and reference patterns to a shared library, so new and existing Gateway customers can adopt proven approaches faster. Details shared with confirmed attendees.

Register

Reserve seats for your team

Field Notes is invite-only for ArmorText customers and invited ecosystem guests. Tell us how many seats you need and we'll confirm availability and share logistics. We'll follow up within two business days.

Schedule a Demo
Search