The complete list of Q1 2024 releases and updates on HTB Enterprise Platform

In this post, we’ll share updates about the HTB Enterprise Platform, our all-in-one cloud-based platform that allows businesses to develop and measure all aspects of their team's cyber performance.

You’ll learn what’s new in our product offerings—Academy for Business, Dedicated Labs, Professional Labs, and Capture the Flag events—to make the most out of our single, intuitive Enterprise Platform. These powerful updates will streamline cybersecurity upskilling, helping you measure and report your team’s results. 

Watch our latest video for a full walkthrough of new product highlights!

General improvements across the platform

Enhanced content categorization for reporting and skills progression

Enhanced content categorization empowers managers to align relevant skills with their cybersecurity development plan to meet security and business objectives. 

By utilizing skill tags, managers can seamlessly assign tailored content and assess team upskilling progress, resulting in more streamlined content management and improved reporting for measuring cybersecurity performance. 

Skill tags focus on specific areas of interest, technologies, vulnerabilities, and operating systems. This helps manage content and candidates more efficiently, ensuring that skills align with organizational goals. 

User activity monitoring for Module sections 

Managers can now provide assistance or access specific information within their team’s assigned Modules. By simply clicking on the team's activity updates in the “Activity” tab of the Academy for Business lab, managers can swiftly navigate to specific sections, ensuring efficient guidance and oversight.

In the example below, as a technical manager, you are monitoring how new team members are onboarding. Thanks to the activity monitoring feature, you can now see whether a member has completed The Triaging Process Module.

The same "Activity" tab on the "My Profile" page is also available for team members, who can now monitor their daily activity on the HTB Academy for Business and keep track of their cybersecurity learning journey.

Customized dashboard page for smooth navigation 

We introduced a new level of convenience with the redesigned dashboard on the HTB Enterprise Platform for our users. They can navigate the platform effortlessly, accessing labs and features with just a few clicks.

Watch the video to explore our enhanced Dashboard features.

Academy for Business 

Certification in Web Exploitation for experienced penetration testers

Following the release of last December’s Web Penetration Tester Job Role path on Academy for Business, we introduced our first certification covering specialized security job roles.

The HTB Certified Web Exploitation Expert (HTB CWEE) focuses on building a mindset around risk mitigation and vulnerability identification, using various advanced and modern vulnerabilities as demos. 

Tailored for seasoned penetration testers, the HTB CWEE is a hands-on journey that meticulously evaluates candidates' proficiency in uncovering elusive web vulnerabilities using both black-box and white-box techniques. 

The HTB CWEE course material is beneficial for security and IT teams of all sizes and industries. It also allows security-aware developers to identify vulnerabilities in existing code, scan for errors, and avoid them by applying secure coding practices.

Certification holders will be able to: 

• Conduct web penetration tests using white and black box techniques.

• Develop custom exploits.

• Review large code bases.

• Compose a commercial-grade and actionable web penetration testing report.

Academy Module on Supply Chain Attacks

Our brand-new Module on Supply Chain Attacks provides the essential knowledge and skills needed for navigating the complexities of supply chain vulnerabilities.

This new Module covers:

• Intricacies and impact of supply chains in both hardware and software.

• The lifecycle of attacks, from Target Identification to Evasion and Persistence.

• Specific real-world vulnerabilities and notable incidents.

• Mitigation strategies.

• Whether you're a seasoned cybersecurity professional or a budding enthusiast, this is your chance to learn how to safeguard against supply chain threats effectively.

Dedicated Labs

29 offensive and defensive scenarios added on Dedicated Labs

We’re thrilled to introduce 29 new offensive and defensive scenarios in Dedicated Labs, designed to empower our members with practical, hands-on experience.

These new Machines and Sherlocks allow members to dive deep into the latest industry vulnerabilities and mechanisms, a unique opportunity to expand their skill set and sharpen their cybersecurity prowess.

Exclusive scenarios, that can only be accessed through Dedicated Labs, have been released to boost an effective purple-minded approach to recent vulnerabilities: 

• Seven (7) exclusive Machines for offensive skills development on CVE Exploitation, EDR Bypass, Web Application Exploitation, Enumeration, Unix Command and Windows technology. 

• Six (6) exclusive Sherlocks to enhance defensive skills on DFIR and HARDEN, while exploring different technologies such as Windows, Microsoft Outlook, Linux, Webutler, Confluence, Notepad ++, and Splunk. 

• Interconnected scenarios on the CVE-2024-21413 vulnerability to gain practical experience in exploiting the MonikerLink vulnerability and applying defensive techniques to safeguard against attacks directed to valuable NTLM hashes.

Guidance for completing Challenges

The addition of new write-ups for Pwn, Mobile, and Reversing Challenges will guide members to master the intricacies of each Challenge. 

These write-ups go beyond offering only the solution to each challenge; each one provides step-by-step guidance and real-world technical context. This gives team members the confidence to navigate even the most challenging technical environments when they’re in the field.