Full Report
Until recently, there was a distinct lack of decent, high-quality technical security conferences held in the United Kingdom. Home to the Global Financial Centre, London, there isn’t a shortage of industries who require secure applications and rely on secure infrastructure and applications to operate. With this in mind, 44Con is the first combined information security conference and training event held in Central London. The con will provide business and technical tracks, aimed at government, public sector, financial, security professionals and Chief Security Officers.
Analysis Summary
# Industry News: Launch of 44Con Highlights UK Security Event Gap and SensePost Engagement
## Summary
The launch of 44Con, the first combined high-quality information security conference and training event in Central London, addresses a perceived gap in technical security events in the UK, catering to key sectors like finance and government. SensePost is using the event to present novel research on SAP GUI protocol interception and launch a highly interactive application security training course targeting developers.
## Key Details
- Date: Announced presentation/training around August 19, 2011, with the event running from August 30th to September 2nd, 2011.
- Companies Involved: 44Con (Event Organizer), SensePost (Speaker/Trainer), Ian de Villiers, Daniel Cuthbert.
- Category: Industry Event Launch / Technical Presentation & Training Announcement.
## The Story
The context surrounding the launch of 44Con points to a market necessity—a lack of high-caliber security conferences in the UK, despite London’s status as a global financial hub requiring extensive security expertise. 44Con aims to fill this niche by offering both business and technical tracks for government, public sector, financial professionals, and CISOs. Security firm SensePost is heavily involved, featuring a presentation by Ian de Villiers on intercepting and modifying the SAP GUI protocol (which includes the release of an associated tool) and a hands-on training course focused on secure application development, where participants will actively engage in offensive security against peer-developed applications.
## Business Impact
### For the Companies Involved
- **44Con:** Successfully launches as the premier regional security knowledge-sharing platform, potentially attracting significant attendance and sponsorship revenue given the target audience.
- **SensePost:** Leverages the high-profile event to demonstrate technical thought leadership, particularly in niche or complex areas like SAP protocol security, boosting their consulting and training sales pipeline.
### For Competitors
- Existing, smaller, or non-London-based security conferences in the UK may face increased competitive pressure to elevate their content quality or technical depth to compete for the same audience.
### For Customers
- Customers in the UK financial and government sectors gain access to high-quality, locally accessible training and cutting-edge research, reducing the need for expensive international travel for top-tier adversarial perspectives.
### For the Market
- The establishment of 44Con signals market validation for advanced, practical security education in the UK, potentially stimulating the local ecosystem for security vendors and service providers.
## Technical Implications
The announcement highlights significant technical activity:
1. **SAP Protocol Hacking:** Research into modifying the SAP GUI protocol suggests new attack vectors or assessment capabilities targeting foundational enterprise infrastructure used heavily by financial and large corporate clients.
2. **Interactive Application Security Training:** The methodology emphasizes "breaking into" fellow students' applications, indicating a shift toward highly practical, scenario-based secure coding and testing education rather than purely theoretical instruction.
## Strategic Analysis
- **Market Positioning:** 44Con positions itself as the essential, high-quality security event bridging business strategy (CSOs/Government tracks) and deep technical execution (Developer training/research talks) within the vital UK economic zone.
- **Competitive Advantage:** SensePost gains a significant advantage by presenting novel, practically demonstrated offensive research (SAP tool release), solidifying their reputation as an authority in application security and complex enterprise systems.
- **Challenges:** The long-term success of 44Con will depend on maintaining the high bar of content quality year-over-year and ensuring sustained backing from the usually conservative government and financial sectors.
## Industry Reactions
- **Analyst Opinions:** Analysts likely view this as a necessary correction to the UK security event landscape, recognizing the concentration of required expertise in London.
- **Expert Commentary:** Experts focused on application security will likely view the SensePost training as highly valuable due to its hands-on, adversarial nature.
- **Market Response:** High initial registration for 44Con and associated SensePost training would indicate strong pent-up demand for this level of content locally.
## Future Outlook
- The success of 44Con is expected to create immediate pressure for subsequent, similar events in the UK calendar.
- SensePost's SAP research will likely lead to increased inquiries regarding SAP/ERP security audits across their target customer base.
- **What to watch for:** Sponsorship levels and the diversity of high-profile speakers at the event as signals of its market acceptance.
## For Security Professionals
This event is directly relevant, offering CISOs strategic content and offering technical practitioners (developers, testers, pentesters) advanced, unique training experiences (SAP protocol) and interaction with leading researchers from SensePost.