Full Report
After hearing our talk was accepted at BlackHat, we’re happy to announce that our training will be back for it’s 9th straight run. Speaking of a run, we’re going to be hosting the usual marathon of courses: cadet, bootcamp, combat, web 2.0. But, while the names remain, we’ve spent some time updating the material. In particular, bootcamp, combat & web 2.0 have been through the ringer. We’re hoping to get some detailed info on the updates out in the coming weeks.
Analysis Summary
# Industry News: SensePost Announces 9th Annual Black Hat Training with Significant Course Updates
## Summary
SensePost announced the return of its popular technical security training courses for their ninth consecutive run at Black Hat USA (Vegas 2010). The most notable business development is the significant material refresh for several key courses, including Bootcamp, Combat, and Web 2.0, suggesting a continuous investment in keeping their core training offerings relevant to the evolving threat landscape.
## Key Details
- Date: Announced June 7, 2010
- Companies Involved: SensePost
- Category: Product Updates / Training Services Announcement
## The Story
SensePost confirmed their participation and subsequent training schedule at the upcoming Black Hat USA conference in Las Vegas. This marks the ninth year they have offered their suite of advanced training courses, which typically include Cadet, Bootcamp, Combat, and Web 2.0. The provider highlighted that while course names persist, the underlying content for Bootcamp, Combat, and Web 2.0 has recently undergone substantial updates to reflect current industry needs. They also promoted attendance through a low-cost social media contest for a free course slot.
## Business Impact
### For the Companies Involved
- **Reinforced Market Presence:** Securing a ninth run at a premier event like Black Hat solidifies SensePost's brand authority and long-term commitment to high-level technical education.
- **Driving Revenue:** Training programs at major conferences represent a significant, high-margin revenue stream for specialized security firms.
- **Content Refresh as a Marketing Tool:** Announcing updates generates pre-event buzz, encouraging early enrollment and framing the training as cutting-edge.
### For Competitors
- **Setting a Benchmark:** SensePost’s continued presence and commitment to updating course material raise the bar for other independent training providers competing for Black Hat real estate and attendee budgets.
- **Information Gap:** Competitors will be watching closely to see the nature of the updates before the detailed information is released, potentially scrambling to integrate similar subject matter into their own offerings.
### For Customers
- **Increased Value Proposition:** Attendees enrolling in the updated courses (Bootcamp, Combat, Web 2.0) receive training reflective of the latest attack methodologies and defensive strategies.
- **High-Cost, High-Value Training:** The courses are expensive (implied value of a free slot is $2,700), suggesting the target audience is enterprise security teams or individuals seeking specialized, intensive skills not available elsewhere.
### For the Market
- **Indicator of Training Demand:** The sustained demand (ninth run) for deep-dive offensive/defensive courses confirms a strong, continuous market need for practical, hands-on skills beyond standard certification tracks.
- **Evolution of Focus Areas:** Updates to "Web 2.0" training signal that client-side vulnerabilities, complex application logic bypasses, and modern web platform weaknesses remain critical areas for professional development.
## Technical Implications
The emphasis on updating Bootcamp, Combat, and Web 2.0 suggests significant technical shifts in the focus areas. This likely means the curriculum is moving beyond older exploits to tackle more advanced topics such as:
1. **Web Application Security:** Deeper dives into API exploitation, modern authentication flaws (OAuth/SAML), and complex front-end execution vectors.
2. **Tactical Security:** Incorporation of newer persistence techniques, C2 frameworks, or advanced evasion methods relevant to current red teaming/penetration testing operations.
## Strategic Analysis
- **Market Positioning:** SensePost positions itself as a vanguard in technical security training, leveraging its established reputation (9 years) and its acceptance to present at Black Hat to maintain premier status.
- **Competitive Advantage:** The key advantage lies in the timely, high-quality content refresh. In security training, outdated material leads to rapid loss of credibility; consistent updating combats this decay.
- **Challenges:** The primary challenge is delivering on the promise of significant updates without extensive time delays, as promised details are forthcoming. Failing to meet high expectations set by the announcement could dampen future enrollment.
## Industry Reactions
(Limited information provided, but inferred reactions):
- **Analyst Opinions:** Analysts likely view this as a positive signal regarding the health of the advanced training segment of the cybersecurity ecosystem.
- **Expert Commentary:** Peers in the training sector will be assessing the scope of the announced updates to gauge shifts in community focus.
- **Market Response:** Positive reception, driving immediate inquiries and tentative sign-ups ahead of the detailed course descriptions.
## Future Outlook
- **What to watch for:** The critical next step is the release of detailed syllabi for the updated courses. This will confirm the specific technical domains SensePost believes are most critical for security professionals heading into the next year.
- **Predictions:** Expect competitive training providers to quickly follow suit by announcing their own content refreshes to capture market attention.
## For Security Professionals
This is a critical heads-up for practitioners whose organizations budget for high-end training. The announced updates suggest that skills gained from older versions of these courses may be insufficient. Professionals should prepare to evaluate the new curricula closely to justify the high cost based on the inclusion of contemporary, advanced techniques.