7 min read

Teaching security teams to “think outside the box”

We dive into the depths of what it means to “think outside the box” and how to encourage a way of thinking that supports security.

g0blin avatar

Dec 20

Six years ago, my journey at HTB began with the dream to help the community develop the right skills and mindset for security through the power of a gamified, practical upskilling platform. 

No one can deny that the game in cybersecurity has changed since then with defensive, reactive, and recovery postures no longer being fit for purpose in the face of an ever-evolving threat landscape. 

Today, both defensive and offensive security teams need to take a more proactive approach to cybersecurity upskilling. 

From individual security professionals to corporate teams, this means adopting a “hacker mindset” and learning to think outside the box.

What is the hacker mindset?

Hackers are driven by curiosity and love to discover how things work. They’re relentless and won’t give up until a solution is found, eventually finding ways to bypass any intended way or mechanism each service or network implements. 

This mindset is critical for security teams and businesses as a whole. While no system or team is impenetrable, security leaders who encourage and reward this mindset promote a proactive security posture—one that develops your team’s ability to identify, detect, and protect against threats. 

But how is such a mindset adopted? This is where upskilling and support from leadership is key. By encouraging creative thinking regarding cybersecurity, teams are empowered to do their jobs better and to think “like hackers.” 

Why HTB urges all employees to think outside the box

Thinking outside the box should be celebrated in any organization. It’s one of our core team values at Hack The Box, showing how we embrace the hacker mindset on each and every team. The outcome? 

Teams that go above and beyond not just to get the job done but to be the best at what they do.

From HR to security and IT, any team can adopt the hacker’s approach to solving problems! The thing they’ll have in common is: they don’t take “no” for an answer and keep trying even when told something’s impossible. 

Encouraging creative thinking within security teams

teaching security teams to think outside the box infographic

At Hack The Box, we proudly encourage out-of-the-box thinking by providing real-world environments that teach users to solve problems and go beyond a scripted approach of following a checklist of attacks. 

“Thinking outside the box is looking at a piece of software and thinking about how it was intended to be used, and what assumptions might have made about how users would interact with it. If the software author didn't consider that someone might interact with it in a given way, that's where vulnerabilities come in.”


David Forsythe (0xdf), Training Lab Architect, Hack The Box 

Building that muscle memory allows your business to respond to real-life threats quickly and efficiently, boosting your overall preparedness level, and this isn’t optional either. A business's reputation, financial security, and survival rest on its security posture. 

Customers need to be able to trust you with their data. Once this trust is compromised, it can be game over.  

It’s valuable for businesses to encourage hacking champions who aren’t a part of the infosec teams. For example, why not upskill developers in the basics of cybersecurity so that they can consider potential vulnerabilities when creating new features? 

This proactive mindset should be rolled out across the organization so everyone is vigilant about cybersecurity threats and best practices. The HTB Academy, for example, gives offensive and defensive security professionals the foundational knowledge to adopt the right mindset. 

By breaking down a hacker’s way of thinking, we can consistently encourage the attitude of curiosity, perseverance, and resilience. This is why our Fundamental Academy modules focus on critical thinking and ways of thinking outside the box before encouraging beginners to learn technical knowledge.

“I would say don't stop at getting the flags, go and explore the technology and learn what happened. Try to exploit things in a different way, if your privesc involves being able to write files as root and you normally just drop an ssh key, try changing it up and finding another way to escalate like creating a cron.”


Ippsec, Training Lab Architect, Hack The Box


Businesses as a whole need to move away from traditional practices, especially in the field of cybersecurity. We’re no longer bound by traditional hiring and value practical skills and experience over degrees and qualifications. 

This creative hiring is precisely how you find hackers with the best mindset, as they take the time to practice their knowledge and upskill in their own time. 

The talent shortage has forced us to think outside the box and focus more on a candidate's practical knowledge. But where do you find these unicorns? HTB’s talent search is a great place to start.


Practice over theory

As a business, focusing on “ticking boxes” with upskilling programs every six months can be easy. Especially as budgets tighten, upskilling may be pushed aside. However, for a company to truly defend itself against cybercriminals, a culture of always learning must be embraced. 

Having the opportunity to exploit the latest CVEs and threats in real-life environments is invaluable. This enables your cybersecurity team to stay ahead of cybercriminals and challenge themselves with new, landscape-connected threats.

As an example, on October 3rd 2023, Qualys announced their discovery of CVE-2023-4911, otherwise known as Looney Tunables. The local privilege escalation vulnerability impacts the default installations of most major Linux distributions. 

Within a few days, the Hack The Box team released a Machine around this to help organizations remain threat-ready. and Managers could assign this lab to team members with just a few clicks!

Recommended read: Carpediem (CVE-2022-0492) explained

Embrace 360 upskilling

A key element of a proactive security mindset is teamwork. Your cybersecurity team won’t be successful if everyone isn’t working together as one cohesive unit. 

This collaboration is much-needed between offensive and defensive teams. At HTB, we enable offensive teams to develop practical skills in defensive security, while allowing blue teams to think like attackers.

Our Sherlocks defensive labs enhance digital forensics and incident response (DFIR) capabilities by offering blue alternatives to red Machines. 

This enables a purple team approach to security. One that’s perfect for businesses looking to protect themselves from vulnerabilities while testing their defenses—and encouraging a proactive approach to security in feature development.  

We worked with Easi, a European IT services partner, to facilitate purple team training that catered to their wide range of services across general, defensive, and offensive. With HTB Professional Labs, they’ve been able to double the content shared in red and blue team meetings whilst training on 55 different MITRE ATT&CK skills.

You can find out more by reading Easi’s customer story.

Hackers are persistent—they dig deep until they find a way in. Businesses must be proactive about cybersecurity by adopting the hacker mindset with regular upskilling and challenging the status quo. Being complacent simply isn’t an option with threats on the rise.

Author bio: James Hooker (g0blin), Chief Technology Officer and co-founder, Hack The Box

James Hooker is Chief Technology Officer and co-founder at Hack The Box. Starting as a single platform member in its early stages, James now has been playing a pivotal role in the continuous growth and success of Hack The Box.

He provides direction, insight, and assistance for new and ongoing projects and oversees and maintains the company's technical assets, ensuring optimal functioning.

In addition to his role at Hack The Box, James has over 15 years of experience in roles spanning Engineering, Systems Administration, and Security.

Hack The Blog

The latest news and updates, direct from Hack The Box