Finding your niche/selling point

Part 4, what is the unique selling point your course brings or niche it fills.

Article Series: So you want to train at Black Hat (or other conferences)?

This is a series of articles about our experiences submitting, preparing and delivering training at Black Hat (and other conferences as well).

It has been quite the journey and it feels like we learnt a lot of things which were not obvious to us at the beginning or were just not documented.

In this series, we will try to set this information out in an organized way to hopefully help people in the future who are interested in going through a similar journey.

This series is ongoing with new posts released every few weeks. If you want to keep up with new posts, follow us on Twitter or LinkedIn.

Posts in this series:

Finding your niche/selling point

Published on 20 April 2025 by  Josh Grossman

Introduction

If you’re thinking about creating a training course, one of the biggest questions you’ll face early on is: Will anyone actually want this? In this post, we’ll explore how you can evaluate whether your course idea stands a chance in an already packed marketplace for professional training.

alt text

Market Research

In a previous post, I mentioned that I already had a good grasp of the application security training landscape, which gave me an edge in knowing which topics were oversaturated. If you’re not yet as familiar with your own niche, I would suggest you do some market research. Here are some areas you might want to consider.

History of training courses at your target conferences

Conferences will often maintain historical websites where you can see the courses they have previously offered.

Black Hat maintains an archive of past training courses with predictable URL patterns, making it easy to explore previous years’ offerings. Keep in mind that not all Black Hat events are created equal, Black Hat USA is significantly larger than its counterparts in Asia and Europe.

As for satellite events like Black Hat Spring Trainings, I have never seen a formal Call for Training. It’s possible these are invite-only affairs, favoring trainers with a strong sales history, but that’s just a theory.

alt text

If you’re targeting an OWASP event, they also have a historical record of courses available though it might require a bit of sleuthing. (Hint: all recent OWASP websites have been based in GitHub).

For smaller or more specialized conferences, you’ll need to do your own detective work to uncover historical data.

Check out Offensive Security

Offensive Security offers a well-known set of training programs. You can probably guess where their focus lies. If your topic overlaps with theirs, take a hard look at how your course differentiates itself. Their content is well-established and widely respected so if you’re in their arena, you need a unique angle.

Review the SANS catalogue

SANS offers a massive range of courses often at premium prices but keep in mind that many of them run for six full days. That means a shorter, more affordable course on a similar subject might still appeal to time and budget conscious learners.

alt text

Explore other sources

Don’t stop there. Depending on your topic, there may be other educational offerings in your space: self-paced labs, YouTube tutorials, Massive Open Online Courses (MOOCs), and more.

Ask yourself: What will learners gain from your course that they can’t easily get from free or low-cost resources? Your value proposition needs to go beyond content, it should include engagement, interaction, depth, or application.

Finding the niche

The sweet spot for your course lies at the intersection of three things:

  1. A subject you’re passionate and knowledgeable about
  2. A real gap in the current training market
  3. A compelling reason for someone to pay for it

If you’re struggling to identify that gap, don’t be discouraged. It is a tricky balancing act. The ideal topic needs to be fresh and interesting to the conference review board and relevant enough that your potential attendees can justify the time and money it takes to attend.

alt text

On the other hand, the cybersecurity field in particular is constantly evolving. New technologies and threats emerge regularly each one a chance for you to carve out your own area of expertise. There are plenty of unsolved problems and overlooked areas that need attention.

Remember, your audience will often have to convince their manager that your course is worth the investment. Help them make the case by choosing a topic that solves real problems, enhances valuable skills, or supports strategic goals.

Next Post: Practical Exercises

In the next post, we’ll focus on the major differentiator that can elevate your course above the rest: hands-on activities. Because let’s face it no one wants to sit through two days of lectures. What participants get to do during your course is just as important as what they learn.

This post is part of a series: So you want to train at Black Hat (or other conferences)?

Other posts in this series: