4 min read

Welcome to BlackSky - Cloud Hacking Labs for Business

BlackSky is our new set of pentesting labs for business which is built on AWS, Google Cloud Platform, and Microsoft Azure for cloud hacking. Train your employees in cloud security!

KimCrawley egre55, Sep 28,

We are very excited to announce a new and innovative cybersecurity training environment exclusively designed for our business customers. Let us introduce you to BlackSky!

BlackSky is a breakthrough cybersecurity training product when it comes to cloud technologies. Your employees can already hone their pentesting skills on our Dedicated Labs machines, and in our Professional Labs that simulate realistic enterprise networks. Using BlackSky Cloud Labs, they can also level up their Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure pentesting and hardening skills to the max!

Businesses around the world are increasingly adopting cloud services, and it is critical that system administrators, penetration testers and security engineers are given the knowledge to build, assess and defend these new environments, in a safe way, away from production workloads.

BlackSky provides your enterprise teams with the environment to do just this.

Key features

  • BlackSky uses real AWS, GCP, and Azure technologies. Your company will have a secure, dedicated space in the cloud for training up your staff.

  • Your enterprise can conveniently and securely access BlackSky through your own VPN, either using pwnbox or your own attack platform.

  • Companies may want to build out capabilities or spread the risk across multiple platforms. So if your company needs BlackSky lab scenarios on more than one cloud platform, that can be done!

  • By using BlackSky labs your employees will learn how to perform reconnaissance, infiltration, situational awareness, privilege escalation, lateral movement and exfiltration in multiple cloud platforms.

  • BlackSky is not only for the red team! The remedial advice included in each scenario includes mitigations and best practices that make these labs valuable for the blue team.

  • BlackSky can be bought separately or as a paid upgrade to our Professional Labs.

  • We offer BlackSky as an annual subscription, starting at ten user seats. Whether large or small, we have room for your team.

    Cloud certified

BlackSky benefits

  • BlackSky isn't just a collection of individual challenges. The scenarios feature realistic cloud environments that allow users to gain situational awareness and pivot between services.

  • Reduce the time it takes for your employees to become billable for offensive cloud engagements. BlackSky is the most effective and efficient way to prepare your employees for cloud engagements, in a safe environment that uses actual cloud technologies.

  • Reduce the cost of running your cloud networks and training and keep your red team training away from your production cloud network.

  • Each BlackSky lab is compliant with the penetration testing rules of engagement for each cloud platform.

  • Just click and play - stand up a cloud instance without any administrative overhead. We take care of the infrastructure maintenance for you. 

  • Each lab instance is completely isolated.

  • Get a Cloud Security Specialist (Offensive) certificate for each platform after completing the lab!

    BlackSky labs

Meet the labs

The scenario:

“Mega Multinational” is a global leader in the Freight Logistics industry. They are not cloud native, but are looking to transition more infrastructure to the cloud, in order to mitigate the perceived risks of hosting their own infrastructure. They have enlisted your services to perform an assessment of their cloud infrastructure, using the external IP address and/or credentials provided.

Attack and remediate Mega Multinational's infrastructure in any or all of three major cloud providers. 

  • Cyclone is our Microsoft Azure scenario

  • Hailstorm is our AWS (Amazon Web Services) scenario

  • Blizzard is our GCP (Google Cloud Platform) scenario

We recommend that BlackSky users have basic knowledge of cloud infrastructure, scripting, and Windows/Linux from an administrative perspective.

The learning outcomes:

  • AWS/Azure/GCP enumeration

  • Exploitation of serverless applications

  • Exploiting misconfigurations

  • Lateral movement

  • Local privilege escalation

  • Mitigations and best practices

  • Situational awareness

  • Web application and API exploitation

  • Phishing

Learn more about what BlackSky can do for your business

As with all of our business cybersecurity training, BlackSky is available through our new Enterprise Platform. Learn more about it here.

Learn more about BlackSky on our site!

Feel free to contact us to discuss pricing, and find out how BlackSky can help your business to get cloud ready and defend against cyber threats. And if you’re curious to learn more about cloud hacking in general, we’re running a webinar on November 22nd! Spaces are limited, you can save your space here.

Hack The Blog

The latest news and updates, direct from Hack The Box