Product roadmap 2025: Enable and scale threat readiness with Hack The Box

At Hack The Box (HTB) we serve more than 800 IT and cyber teams globally. Their feedback and challenges directly shape our product roadmap, ensuring we deliver solutions that truly meet emerging industry needs. 

We take pride in our strong, open relationships with customers -  as reflected in our leading position as G2’s top Cybersecurity Professional Development platform and the growing adoption of the latest major product releases.

There’s nothing as exciting as seeing customers using major features we have released based on their feedback and needs – and then witnessing how those features improve the way the industry builds and scales threat-ready cyber teams.

Guided Mode has been an eagerly-anticipated feature from the entire HTB community: this simplified view of Machines helps our users follow the right attack path, providing more context, sense of progress, and ultimately accelerating the learning curve. 

This feature is now enabled as default view by a sizable chunk of teams, reaching its highest peak last summer with 44% of organizations.

Taking into consideration our training labs, Sherlocks have been an important milestone in expanding our offering to analysts and blue teamers. We are extremely excited to see more than 60% of our customers now actively practicing with our defensive labs and adding defensive knowledge domains as part of their workforce development plan.

Finally, following our mission statement to become a unified platform for all high-performing cyber teams, we have launched Spaces for organizations to better manage, streamline, and tailor skill progression. 

By segmenting training plans into smaller segments (by team or knowledge domain, as an example) we see our customers increasing team engagement up to 20% – that’s staggering!

But enough about the past (and the present). We‘ll now reveal  how HTB plans to capitalize on its current product and introduce industry-informed innovations that will continue to position us as the pioneering platform for cyber workforce development.

The 2025 product roadmap pillars

Our main goal is to create a long-term roadmap addressing strategic customer needs that we discover from feedback calls, our Customer Advisory Board, and in-depth market analysis.

We have translated this massive amount of information into 238 improvements, divided into four (4) core pillars driving the product direction: User Management, Analytics & Reporting, Learning Experience, and Curriculum Management.

User Management 👥

This roadmap pillar includes all aspects around invitations, roles, permissions assignment, teams and team management, and seat assignment.

We are planning a complete review and revamp of the user management system inside HTB Enterprise Platform to:

• Tailor user and license management to the needs of large enterprises.

• Seamlessly enable and scale teams with 500 or even 1,000+ members.

• Support effortless team management between cyber teams (offensive and defensive) or security-adjacent personnel such as developers, general IT staff, and more.

• Continue to expand the list of supported SSO providers.

• Source candidates and manage multiple open job positions on Talent Search.

The new user management interface will be a game-changer in terms of how companies access the platform – allowing even the largest teams around the world to practice together in a couple of clicks, without unnecessary admin work. 

Analytics & Reporting 📊

This second roadmap pillar includes all aspects of analytics and data-driven insights present on the platform within the reporting page, overview, leaderboard, and much more.

Our direction is to provide easy-to-consume data to managers and platform members that can be used not only to assess platform activity or skill development, but also provide a solid snapshot of team performance to executive management or senior stakeholders.

The reporting section will feature current, new, and refreshed metrics covering:

• Core metrics on team engagement with the platform and skill progression (at individual level, team, or organization – as granular as it gets).

• Impact on crucial business metrics to achieve cyber resilience based on tailored assessments and workforce development plans.

• Unified coverage of industry frameworks based on adversarial techniques and proficiency or crucial job roles or KSATs across the entire content catalog.

• Organization-level insights and sentiment on platform usage and team career development as cybersecurity professionals. 

As part of the same effort, we will focus on fully aligning HTB Enterprise Platform and HTB CTF reporting with common terminology and actionable insights. CTF data will provide even more visibility into gamified assessments and required next steps, confirming our platform as the ultimate tool for team benchmarking and skill gap analysis. 

Learning Experience 📚

The latest Forrester Wave™ report highlights the  outstanding learner experience HTB delivers within the platform. We are committed to keep improving this crucial aspect of our product, making sure that cyber teams acquire critical skills better and faster than ever. 

This part of the 2025 roadmap includes everything that makes consuming content easier. We’ll focus on the end-user experience, automating the way cyber professionals discover and request courses or labs that match their interests with:

• AI-powered recommendations based on user activity, suggesting related content mapped to the most relevant industry frameworks – MITRE tactics and techniques, NIST job roles or KSATs, and more. 

• Improved discoverability for all content types across the platform without limitations tied to user roles or permissions.

• Enhanced features for customizing skills development plans aligned with work roles, organizational needs, or relevant TTPs without relying on admins’ approval.

Curriculum Management 📝

The way teams manage training plans and assign tasks is going to be a major effort on our roadmap. Curriculum Management will be translated into short to medium-term improvements in parallel with a complete overhaul of our approach. 

The results from the Q4 2023 Forrester Wave™ report confirmed superior capabilities in content assignment and learning paths flexibility. Our customers can expect further enhancements that will allow them to:

• Easily navigate the entire Hack The Box content library without silos or limitations.

• Create more custom curricula mixing multiple content types (Modules, Machines, Challenges, Sherlocks) based on cybersecurity job roles or specific attacks and techniques.

• Quickly search, filter, and identify content of interest with a common (and automated) skill taxonomy across all content. 

Core knowledge domains

As a leader in cybersecurity professional development, we are committed to keeping pace with the evolving threat landscape – our R&D never sleeps. 

New courses and labs featuring the latest technologies and exploits will be released on a weekly basis, with regular business-exclusive releases that provide additional value to cyber teams.

The full list of content planned for the year is extensive, but it can be summarized in three (3) main knowledge domains.

AI pentesting and red reaming: A major partnership with Google got us to launch a never-seen-before AI Red Teamer job-role path now available on HTB Academy and HTB Enterprise Platform.This curriculum will be further expanded over the year with highly innovative and experimental courses. HTB Academy materials will be further supported by hands-on labs enriching the current Dedicated Labs offering, aiming to fully cover MITRE Atlas, OWASP LLM and Machine Learning frameworks.

Purple team exercises: Our goal is to foster collaborative security operations in multiple forms, with different content types. Purple Modules have been already enabled, with new releases coming within Q1 2025. Other content types currently in the pipeline will cover specifically critical vulnerabilities, processes, and tools from both adversarial and defensive perspectives.

Advanced defensive roles: The Hack The Box content library is designed to cover core, specialized, and advanced knowledge domains tied to real security job roles. Our team will gradually release courses and hands-on scenarios covering must-have skills to deliver these roles, starting from detection engineering. This will also be supported by new defensive labs, expanding on the already solid DFIR and SOC catalog. 

Time is a crucial factor for building and scaling readiness in the current threat landscape. For this reason, we want to provide content simulating new vulnerabilities within the least time possible from the disclosure – giving our customers the opportunity to learn and understand cyber threats before they become reality.

WATCH A FREE PLATFORM TOUR

Always stay up-to-date

The feature you love might be just right behind the corner. Make sure you follow our official roadmap tracker and changelog to stay in the loop with the latest changes. You can even subscribe to receive email notifications, filter release notes based on your preferences, and interact with our team to leave your feedback. 

Choose HTB to boost your cyber performance

Today’s cyber threats present a new challenge to organizations, and unskilled teams pose a real risk to the security of your business. This is why cybersecurity performance programs and continuous improvement are no longer a nice-to-have, but a necessity.

Your access to tailored cyber workforce development plans is just clicks away. In fact, some of the major improvements mentioned above are ready to be shipped in Q1 2025. Want to see them for yourself? 

Our team can show you HTB in action!

GET A DEMO