Full Report
July is our favourite time of year, when thousands descend into Las Vegas for Blackhat/Defcon, or more commonly referred to as ‘Hacker Summer Camp’. This year, our camp councillors have been working hard to bring you all our latest creations. BlackHat Training We’re running our usual training at BlackHat, and as usual have been working hard to build new courses and update others. Here’s a list: BLACK OPS HACKING FOR PENTESTERS – MASTER LEVEL PENTESTING ENTERPRISE INFRASTRUCTURE – JOURNEYMAN LEVEL SECDEVOPS: INJECTING SECURITY INTO DEVOPS (NEW) TACTICS, TECHNIQUES AND PROCEDURES FOR HACKERS We’re pretty excited about the new SecDevOps course, which reflects what we’ve learned about transitioning old-style project pentesting into an agile world.
Analysis Summary
# Industry News: SensePost Showcases Training Evolution and Tool Updates at Hacker Summer Camp 2017
## Summary
Security consultancy SensePost announced its broad participation across BlackHat and Defcon events in 2017, highlighting significant updates to its penetration testing training portfolio, including a new focus on SecDevOps. Additionally, the company is launching updated open-source hacking tools at BlackHat Arsenal and presenting advanced vulnerability research, specifically memory corruption exploits, at Defcon.
## Key Details
- **Date:** Announced around June 26, 2017 (Context is 2017 events).
- **Companies Involved:** SensePost (Primary), BlackHat, Defcon.
- **Category:** Product launch (training course) | Tool updates | Research presentation.
## The Story
SensePost is leveraging the annual "Hacker Summer Camp" (BlackHat/Defcon) to deliver several key industry contributions. Their primary business development focus appears to be in training, where they are updating established courses like "Black Ops Hacking for Pentesters" while launching a significant new offering: "SECDEVOPS: Injecting Security into DevOps." This course reflects the adaptation of traditional penetration testing methodologies to agile environments. On the tooling side, SensePost will demo updated open-source hacking tools, KWETZA and RATTLER, at BlackHat Arsenal. Furthermore, company researchers are presenting cutting-edge exploit development work at Defcon concerning memory corruption vulnerabilities in Windows GDI objects, including an exploit for MS16-098.
## Business Impact
### For the Companies Involved
- **SensePost:** The announcements serve as a major marketing push, positioning SensePost as a thought leader transitioning its expertise from advanced offensive security into modern development practices (SecDevOps). Training sales related to the new course present a clear revenue stream tied to shifting industry demands. Tool updates maintain developer mindshare and credibility in the security community.
### For Competitors
- **Training Competitors:** The launch of a dedicated SecDevOps course puts pressure on other training providers to integrate modern CI/CD and agile security content into their curricula, potentially forcing them to update or risk appearing dated.
- **Tooling/Research Community:** Releasing updated open-source tools and presenting novel exploit techniques raises the bar for community contributions and challenges other researchers.
### For Customers
- **Enterprises Adopting Agile/DevOps:** Customers struggling to integrate security into fast-paced development cycles gain access to specialized training designed to bridge this gap.
- **Security Teams:** Access to advanced training on complex exploitation techniques enhances the skill sets of penetration testers and red teams.
### For the Market
- **Shift to Integrated Security:** The focus on SecDevOps training validates the market trend that security must be embedded early in the SDLC, moving away from end-of-cycle project pentesting models.
- **Demand for Specialized Skills:** The presence of advanced, master-level courses signals a high-end market demand for top-tier offensive security expertise, which commands premium pricing.
## Technical Implications
The announcement highlights advancements in three key technical areas:
1. **SecDevOps Integration:** Applying offensive security knowledge directly within agile development workflows.
2. **Tool Maturity:** Updates to tools like KWETZA and RATTLER suggest improvements in functionality, stealth, or compatibility addressing recent security controls.
3. **Vulnerability Research:** Specific demonstration of novel memory corruption exploitation paths using GDI objects underscores a deep technical focus area in Windows kernel/system-level security.
## Strategic Analysis
- **Market Positioning:** SensePost is strategically positioning itself at the intersection of deep technical offensive capability (research/tooling) and modern enterprise necessity (SecDevOps training). This dual focus allows them to appeal to both highly technical practitioners and security leadership driving modernization initiatives.
- **Competitive Advantage:** The new SecDevOps course offers a specific, timely differentiator against competitors who may only offer standard infrastructure pentesting. Their continued investment in public exploit research (Defcon presentation) reinforces their credibility, which trickles down to higher perceived value in their commercial training offerings.
- **Challenges:** Aligning complex offensive techniques with high-level process change (DevOps) requires instructors to effectively translate technical findings into operational security maturity—a persistent challenge in transitional security training.
## Industry Reactions
- **Analyst Opinions:** Analysts likely view this announcement as evidence of established specialized firms successfully pivoting to address the hottest enterprise security challenge: securing the software supply chain and development pipeline.
- **Expert Commentary:** Expect positive reaction from industry veterans regarding the continued relevance of advanced vulnerability research presented at Defcon, offsetting the industry narrative that exploit development is becoming too difficult or niche.
- **Market Response:** Strong initial enrollment for the new SecDevOps training would immediately validate the market need identified by SensePost.
## Future Outlook
- **Predictions and Expectations:** SensePost’s successful launch of the SecDevOps course will likely spur other established training vendors to rapidly develop similar offerings or acquire smaller firms specializing in DevSecOps integration. We can expect more consulting firms to package their internal agile security assessments as formal training modules.
- **What to watch for:** The specific disclosures made during the memory corruption talks at Defcon will influence vulnerability research trends for the following year.
## For Security Professionals
These updates signal mandatory skill diversification. Security practitioners must evolve beyond perimeter or pure application testing to master security integration within CI/CD pipelines (SecDevOps). Furthermore, the technical deep dives at Defcon offer unparalleled learning opportunities for those involved in advanced penetration testing and exploit mitigation.