Cyber Teams
t3rraarc, Nov 21, 2023
With more than 1,500 security leaders training with HTB, the Enterprise platform is a powerful professional development center for cybersecurity teams. Year over year, there has been a tenfold increase in the completion of Machines on the HTB Enterprise platform (evidenced by G2 ranking us number one in Cybersecurity Professional Development).
Striving to continue delivering more value to cybersecurity teams, we’ve doubled down on exclusive, threat-landscape-connected content available with HTB business plans, while enhancing critical reporting, team management, and customization features.
In this post, we’ll share data about the exclusive Machines on the HTB Enterprise Platform over the last year (July 2022 to July 2023). You’ll learn about:
Vulnerabilities and CVEs that security teams focused on, following last year’s analysis.
The top MITRE tactics and techniques teams trained on.
New additions to the Enterprise Platform for a more efficient upskilling process.
The amount of exclusive content available for teams has now increased to three Machines per month: a new bonus Machine has been added to the monthly release cycle of two CVE boxes. This lets teams train on a variety of exploits, trending logic bugs, or scenarios specific to certain technologies or business environments (e.g., exploiting flaws or misconfigurations in payment gateways for e-commerce platforms).
To recap, content on the Enterprise Platform includes:
CVE-based Machines: All exclusive Machines are designed around emerging high-risk vulnerabilities and active threats in the current threat landscape.
Bonus content: Machines, Challenges, or Sherlocks dedicated to business-specific capabilities, scenarios, and technologies that need specialized attention from a cybersecurity perspective. Depending on the current threat landscape, bonus content can have a flexible style, focus, or subject matter that adapts to emerging threats.
Bonus content—Business logic Machines: Business Logic Machines focus mostly on business logic vulnerabilities, that is, flaws in application workflow or form-input logic that allow business processes to be abused (e.g., a misconfigured payment gateway). The Discounted business logic Machine, for example, focuses on exploiting an e-shop so that a purchase completes without payment.
Bonus content—AI Challenges: Challenges that focus mostly on AI vulnerabilities. AI Challenges are the new direction for Bonus content on the platform for business users.
Exclusive Professional Labs: Premium training labs designed to provide an accurate adversary simulation against challenging, and sometimes fully patched, enterprise technologies.
Guided mode: A mode
In general, the interest that cybersecurity teams show in CVEs breaks the perception that only the most recent vulnerability will interest experts. What we notice is a steady interest in specific vulnerabilities regardless of their disclosure date. Interest in popular CVEs is consistent, though we’ve identified some exceptional cases, as you will read below.
Analytical (CVE-2022-24637 and CVE-2022-2588): an Easy Linux Machine that features two CVEs.
CVE-2022-24637: an unauthenticated remote code execution (RCE) vulnerability that makes use of an information leak to obtain credentials.
CVE-2022-2588: a Linux kernel vulnerability that allows a user to gain root privileges.
NineTail (CVE-2021-1675) is the second most popular CVE Machine and covers the PrintNightmare vulnerability.
These two exclusive Machines account for 1 out of every 6 completions of exclusive Machine content on the Enterprise Platform.
The next three most popular exclusive Machines are:
ApacheCGI (CVE-2021-41773): a Very Easy Linux Machine that showcases a path traversal vulnerability in Apache HTTP Server 2.4.49 and 2.4.50, which allows unauthenticated attackers to read files outside of the virtual directory path bounds.
ADSelfService (CVE-2021-40539): a Very Easy Windows Machine that showcases an authentication bypass vulnerability in Zoho ManageEngine ADSelfService Plus (version 6113 and prior) affecting the REST API URLs, which results in remote code execution.
DirtyPipe
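The ApacheCGI entry above names the flaw but not how a blue team would spot it in logs. The following added example (not part of the original post or of HTB's Machine content) scans constructed Apache access-log lines for CVE-2021-41773-style traversal: it percent-decodes the request path repeatedly, because the flaw hinged on encoded dots (`.%2e`) that the server's path normaliser did not decode before checking, then flags any request whose dot-segments climb above the web root. The log lines, IPs and timestamps are constructed sample data.

```python
"""Flag CVE-2021-41773-style path traversal in Apache access logs (added example)."""
import re
from urllib.parse import unquote

# Constructed sample lines in Apache "common" log format; the first two use
# encoded dots (.%2e), the last uses the double-encoded form (.%%32%65).
SAMPLE_LOG = """\
203.0.113.5 - - [21/Nov/2023:10:01:02 +0000] "GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1" 200 1209
203.0.113.5 - - [21/Nov/2023:10:01:05 +0000] "GET /icons/.%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 404 196
198.51.100.7 - - [21/Nov/2023:10:02:11 +0000] "GET /index.html HTTP/1.1" 200 10918
198.51.100.9 - - [21/Nov/2023:10:03:40 +0000] "GET /docs/../images/logo.png HTTP/1.1" 200 4521
203.0.113.5 - - [21/Nov/2023:10:04:13 +0000] "GET /cgi-bin/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1" 403 199
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def decode_path(raw: str, rounds: int = 2) -> str:
    """Percent-decode up to `rounds` times; the second round also resolves
    double-encoded dots such as %%32%65 -> %2e -> '.'."""
    decoded = raw
    for _ in range(rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded


def escapes_root(path: str) -> bool:
    """True if the '..' segments in `path` climb above the document root."""
    depth = 0
    for seg in path.split("?", 1)[0].split("/"):
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        elif seg and seg != ".":
            depth += 1
    return False


def scan_log(text: str) -> list:
    """Return one dict per request that decodes to a root-escaping path, or
    that hides '..' behind percent-encoded dots even if it stays in-root."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        raw = m.group("path")
        decoded = decode_path(raw)
        hidden_dots = "%2e" in raw.lower() and ".." in decoded
        if escapes_root(decoded) or hidden_dots:
            hits.append({"ip": m.group("ip"), "raw": raw, "decoded": decoded,
                         "status": int(m.group("status"))})
    return hits
```

A plain `/docs/../images/logo.png` is not flagged, since it never leaves the root; the 403 on the last hit is still worth an alert, because a blocked attempt shows the same scanner at work.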
It’s interesting to note that both NineTail and ApacheCGI appeared in this exact position (3rd and 4th) in last year’s report.
Some additional exclusive Machines worth mentioning are:
Eris (CVE-2019-0708) and Log4Shell (CVE-2021-44228)
Enlightenment (CVE-2022-37706), a privilege escalation vulnerability in the Enlightenment window manager, published as a 0-day on September 19, 2022. The exclusive Machine showcasing the vulnerability was quickly made available in October 2022 on the Enterprise Platform and reached position 15 in terms of popularity.
A further analysis of MITRE ATT&CK tactics for the exclusive Machines on the Enterprise Platform shows the following characteristics:
The most common MITRE tactic is Discovery (TA0007).
The next most common tactics are Privilege Escalation (TA0004)
The final two MITRE tactics that have a significant impact on top CVE Machines are Credential Access (TA0006)
Hack The Box provides a wide range of scenarios to keep your team’s skills sharp and up-to-date.
Organizations like Toyota, NVISO, and RS2 are already using the platform to stay ahead of threats with hands-on skills and a platform for acquiring, retaining, and developing top cyber talent.
Talk to our team to learn more.
Author bio: Mike Giannakopoulos (t3rraarc), Staff Product Manager, Hack The Box. Mike Giannakopoulos has 13 years of experience around software development and user experience, focusing on B2B SaaS online services. He is responsible for HTB Enterprise platform roadmap creation, execution, and adoption by B2B customers and players. He has a Bachelor’s and Master’s degree from the Department of Computer Engineering and Informatics at the University of Patras. Feel free to connect with him on LinkedIn.