Since 2018, 8bit has provided custom cybersecurity consulting services to government teams and industry partners around the world, including several Fortune 500 companies.
8bit was founded by developers who previously worked in the government sector for more than 20 years and had a dream of improving the quality of service for customers along with the quality of work / life balance for employees.
As a minority woman-owned small business (WOSB) with a WOSB certification, their team has repeatedly been recognized for their ability to support full-lifecycle software development and many other end-to-end cybersecurity services.
These services include CNO software development, vulnerability research, malware analysis, reverse engineering, test engineering, systems engineering, and CMMC Services performed by CMMC Provisional Assessors (PAs) and CMMC Certified Professionals (CCPs).
Because of their commitment to quality and superior services, 8bit has been awarded the 2020 Raytheon Suppliers Excellence award as well as the 2020 ManTech Subcontractor Excellence award.
Ryan Whicher, Vice President and Senior Penetration Tester at 8bit, was struggling to find a training solution with the features required to meet the needs of his team as well as their government clientele.
“Previously, learning and training was on an ‘as needed’ basis,” he said. “It is incredibly hard to stay current on so many different technologies and techniques. It was a constant scramble of Googling, watching Youtube videos, and reading blogs.”
Because of 8bit’s close work with the public sector, they were looking for a training platform that would allow them to stay up-to-date on the latest cybersecurity trends and tactics while also giving them a place to securely practice their skills in a hands-on environment.
This need was only further emphasized when a CloudSEK XVigil report noted the number of cyberattacks targeting government agencies increased by 95% in 2022 compared to the same period the previous year.
Aside from lacking the resources that would allow them to quickly evolve with the threat landscape, Ryan was also searching for a solution that could measure individual and team performance while also showing activity progress in labs or modules.
“In the last 10 years, there have just been one or two cybersecurity training providers and it hasn’t been hands-on training,” said Whicher. “Their solutions weren’t measurable. You either passed or you didn’t.”
This is when Ryan found Hack The Box (HTB).
What drew Ryan to the HTB platform was not only the ability to measure results and track progress, but also the diverse nature of the content and real-world applications made available to him and his team.
“Being able to track progress with more than just a final test is a huge deal. You have to actually figure things out and it’s so much more of a real-world example than most of what these other places give you,” Ryan said.
The 8bit team immediately dove into the platform, exploring the variety of material available through HTB Academy, HTB Professional Labs, and HTB Dedicated Labs. Ryan said these products were specifically chosen because they aligned with the development goals he had set for his team.
HTB Academy and Professional Labs are used primarily by more junior staff who are still learning and working to build experience navigating real-world scenarios. For more tenured team members looking to upskill in specific areas, Dedicated Labs provides an environment for them to focus on perfecting one skill or technique at a pace suitable for their schedule.
“Between Academy and Dedicated Labs, our senior folks can turn their weaknesses into strengths,” Ryan commented. “As for Professional Labs, they feature real-world scenarios which are difficult to find with other outside training. Pivoting, tunneling, and enumeration within a network are so important in real-world scenarios and Pro Labs force the users to think like they would in a real engagement.”
In addition to ad-hoc education, Ryan has also created a more structured training plan—a project made possible by the real-time feedback capabilities within the HTB platform.
Now, with HTB, all new hires are required to participate in a training process that involves completing a specific amount of modules and boxes, personalized to each student based on background and experience level, across all three products on a schedule. In doing so, Ryan and his team can determine if a trainee is progressing their skills and understanding new concepts.
Integrating HTB into the 8bit onboarding process and continuing education has transformed how Ryan and his team learn, work, and collaborate.
“The results have been amazing so far. The most valuable aspect is the amount of time saved on our senior people training less experienced people,” Ryan noted. “Instead of a senior pentester spending a long time training someone on a specific problem, they can point that person to a module or box for the initial learning, and can then supplement the HTB training after.”
Ryan also says the use of the HTB platform has slashed the amount of time spent trying to find information and translate it into a form that’s digestible and relevant to his team. But above all else, the most notable achievement for his team is the ability to quickly see performance data and results.
“Measurable metrics are number one. This training allows you to track what modules you’re doing, what you’re good at, what you’re not good at,” he said. “You know right away whether or not you understand this stuff versus being given 50 boxes and not knowing which one you’ll be tested on and hoping at the end you know enough to pass the test.”
Since incorporating HTB into their training strategy, five junior members of the 8bit team have accomplished the below in just 10 weeks:
Completed more than 500 modules
Compromised more than 300 targets
Eliminated cost and time associated with searching for training resources online
Improved the onboarding process for new employees, making them “project ready” in weeks rather than months
Gained access to the largest CyberSec community in the world with more than 1.7 million members
Private lab environment and VPN server
Team and user administration & reporting
24/7 access to self-paced learning
Fully gamified and hands-on environment
Multi-machine labs and corporate-level network scenarios
Advanced user administration tools
Academy for Business
Interactive, guided training paths
Certificates of completion
Unlimited access to content
Loved by an infosec community of more than 1.7 million members, Hack The Box is helping security leaders across the globe equip their teams with the skills and expertise needed to proactively secure and protect their organizations.
Whether you’re sharpening specific techniques, training up junior staff, or looking to recruit skilled cybersecurity talent, HTB has a solution to fit your needs. Measure, assess, and proactively close your organization’s cybersecurity skills gap with a single platform focused on improving cyber workforce learning and development.
ltnbob, Nov 28, 2023