News

6 min read

The complete list of Q4 2023 releases and updates on HTB Enterprise Platform

Harnessing all feedback from our 2.5 million community of cybersecurity professionals, we are excited to share with you the new Hack The Box updates released over the past 3 months.

HTB-Bot avatar

HTB-Bot,
Jan 26
2024

In the last few months, we have been tirelessly working to improve our user and admin experience, and we believe that the new releases will help you enjoy your experience with our all-in-one business solution even more.

In this post, we will share updates about the HTB Enterprise Platform over the last three months (October 2023 up to December 2023); our all-in-one cloud-based platform that allows businesses to develop and measure all aspects of their team's cyber performance.

You’ll learn what’s new in our product offerings—Academy for Business, Dedicated Labs, Professional Labs, and Capture the Flag events—to make the most out of our single, intuitive Enterprise Platform. These powerful updates will streamline cybersecurity upskilling, helping you measure and report your team’s results. 

Watch our latest video for a full walkthrough of new product highlights!

General improvements across the platform

Admins can now quickly offer real-time guidance into a shared hub and foster a collaborative security practice by using sshx within a Pwnbox instance. Mentors or team members can use remote cursors and chat to provide assistance on exercises to their team members with a single command. 

We have also partnered with Syslifters to assist admins in creating official HTB certification reports. This makes constructing and formatting reports a quick and easy process—you just access and render in-browser, tailored reporting templates through SysReptor. In this way, stylized reports for all HTB CTPS, HTB CDSA, and HTB CBBH exams can be composed more efficiently. 

Administrator capabilities are also enhanced with the brand new User and Content progress tabs for a deeper understanding of their team’s progress. Admins can now monitor their team’s engagement on a weekly and monthly basis, as well as have a clear breakdown of their team’s or individual members’ progress, with the most engaged users displayed on top.

Academy for Business

What’s new with Academy for Business? Let’s start with the new additions to an ever-expanding library of theoretical cybersecurity courses tailored to specific job roles. 

We are excited to announce the release of the new Senior Web Penetration Tester job role path, including four (4) new Modules focusing on hard-to-find vulnerabilities and providing solid experience in whitebox and blackbox techniques.

Senior Web Penetration Tester

With an extended library of Modules within Hack The Box Academy for Business, we took into consideration the need for administrators to assign content relevant to their team's (red or blue) objectives. That’s why we have mapped all Modules to the MITRE ATT&CK framework

Since the MITRE ATT&CK framework is the most universal, applicable knowledge base for adversary tactics and techniques and the easiest way to identify coverage regarding detection capabilities, we have tagged both offensive and defensive modules to their corresponding MITRE techniques.

Dedicated Labs

Last quarter, we released up to 28 new offensive and defensive scenarios within Dedicated Labs, a combination of Machines, Challenges, and Sherlocks, allowing teams to practice with the latest industry vulnerabilities and mechanisms. 

dedicated labs

We have created tailored content collections based on the latest industry trends so that organizations can better prepare for emerging threats, mitigate potential risks, and enhance their overall cybersecurity resilience:  

  • A Threat Intelligence path, which includes real-world simulated APT attacks to get hands-on experience and enhance practical knowledge and understanding of popular industry CVEs, Remediation, Defensive techniques, Advanced Persistence Threats, and Security Awareness.

  • ICS & SCADA security scenarios, breaking the barrier between digital and physical realms of security operations. Through a series of Machines and Challenges, team members will gain experience in engaging with Modbus server systems, evaluating the security of Human-Machine Interfaces (HMIs), assessing potential vulnerabilities in firmware update processes, and examining Programmable Logic Controller control logic.

  • A Purple Team Security learning path, a mix and match of offensive and defensive Machines and Challenges to enable collaboration and communication between security teams.

  • The Artificial Intelligence and Machine Learning path on how to identify and exploit insecure implementation models and practice with common exploitation of vulnerabilities through AI systems. Generative AI is one of the most prominent cybersecurity trends for 2024, and while many organizations may struggle with the integration and optimal utilization of advanced technologies for threat detection and response, our goal is to provide them with a set of theoretical and hands-on materials to address these emerging threats effectively.

  • The official Operation Tinsel Trace path consists of a festive-themed set of 5 Sherlocks. These defensive labs will undertake teams on an adventure to gain hands-on practice within defensive security domains such as Digital Forensics, Incident Response, Threat Hunting, SOC, and Malware Analysis.

  • We also introduced new write-ups for Crypto and Forensics Challenges, which are integral to learning or receiving guidance for tackling different scenarios. 

Professional Labs

Team upskilling with Professional Labs, offering simulated attack scenarios on realistic corporate environments, is significantly enhanced since we released another useful feature called “Restore Point”. Users can now save their progress when completing Machines within a Professional Lab scenario, instantly helping them to get back on speed faster after a reset (or replacement of it with another scenario). 

Capture The Flag

For the admins who are looking to benchmark their team’s skills in relevant cyber fields or for the users who are looking for an adventure to put their cybersecurity skills into practice, Capture The Flag is the ideal opportunity. During the last quarter, we released: 

  • A specialized Cyber Industrial Quest CTF event pack focusing on various domains around complex SCADA/ICS systems and hardware interfaces.

  • A functionality for the creation of a Player Profile within our CTF platform for an even more gamified experience.

  • A functionality for exporting participation certificates for every CTF conquered as proof of skill development. 

  • A tailored CTF solution that goes beyond our pre-built CTF Marketplace bundles.  You can now easily get custom CTF assessments based on your unique business goals and upskilling needs that’ll be crafted by the HTB team. 

Is your team ready to deal with the latest vulnerabilities?  

Hack The Box provides a wide range of scenarios to keep your team’s skills sharp and up-to-date. Organizations like Toyota, NVISO, and RS2 are already using the platform to stay ahead of threats with hands-on skills and a platform for acquiring, retaining, and developing top cyber talent. 

CONTACT US

Author bio: Kate Moustou (katemous), B2B Product Marketing Specialist, Hack The Box

Kate Moustou has experience with digital marketing and user experience, focusing on online products/services. She is responsible for HTB Enterprise platform engagement and adoption by B2B customers. She has a Bachelor's and Master’s degree in Marketing.

Feel free to connect with her on LinkedIn

 

Hack The Blog

The latest news and updates, direct from Hack The Box