Hack The Box unveils Threat Range to boost SOC team resilience

Hack The Box has launched Threat Range, a new cyber incident simulation environment aimed at improving how security operations teams train, collaborate, and demonstrate resilience in the face of increasingly complex threats, including those powered by artificial intelligence.

Threat Range has been developed to address several growing challenges within the cybersecurity landscape, most notably the prevalence of AI-driven attacks and recent high-profile campaigns such as Scattered Spider, which have highlighted critical gaps in team preparedness. The platform is designed to focus on team-based training through live-fire simulations, with the goal of equipping security professionals to respond collectively to real-world incidents rather than practising as individuals.

The platform integrates tools for delivering audit-ready reports, MITRE ATT&CK-mapped dashboards, and performance metrics such as mean time to detect (MTTD) and mean time to respond (MTTR). This level of insight is expected to provide Chief Information Security Officers (CISOs) and senior executives with tangible evidence of the resilience of their organisations and the effectiveness of investments in cyber readiness.

AI-driven threats

According to Hack The Box, Threat Range has been developed with AI at its core, expanding upon the provider's previous cyber training ranges. The new offering is designed to help enterprises, government bodies, and managed security service providers (MSSPs) develop the operational skills required to withstand the increasing speed and sophistication of AI-powered cyber attacks.

The catalogue of simulations offered by Threat Range covers areas such as security operations, incident response, forensics, and threat hunting. The environment is intended to set a new standard for advancing operational resilience by requiring team-based investigation, collaboration, and reporting on simulated threats at an enterprise scale.

Speaking about the changes in the cyber threat landscape, Gerasimos Marketos, Chief Product Officer at Hack The Box, said:

"Defenders can no longer take the risk of preparing for tomorrow's threats in yesterday's simulated battlefield. Threat Range enables teams to counter modern cyber incidents faster and more efficiently. We have already seen adversaries using AI to perform attacks at 10 times the speed, reinforcing existing ransomware and social engineering tactics and their impact. Threat Range delivers measurable outcomes in resilience and risk reduction, giving CISOs and boards greater confidence in their security investments."

Threat Range has been designed to capture alerts and telemetry from cyber attacks and offers a platform where security operations centre analysts and incident response specialists can work together, detect threats, conduct investigations, and coordinate responses. This approach is intended to mirror the complexity and scalability of actual cyber incidents, enabling higher-fidelity training experiences.

Recent campaign lessons

Haris Pylarinos, Founder & CEO of Hack The Box, pointed to the organisational demands posed by recent campaigns involving multi-pronged, AI-enabled attacks.

"Today's threats are rapid, AI-enabled and launch multi-pronged attacks that pressure every part of an organization, demanding coordinated, high-stakes performance from cross-functional security teams. Scattered Spider's recent hacking campaign required this level of preemptive preparation to catch it in the act. With Threat Range and our recent acquisition of LetsDefend, a hands-on SOC simulator and growing community base of 320K, we're enabling SOC teams to train together with AI in the most realistic environments."

Unlike traditional offerings focused on individual skillsets, Threat Range builds its training around teams and specific roles, integrating experience from capture the flag (CTF) events and other live scenarios. This approach is intended to support collaboration between security operations and digital forensics/incident response (DFIR) teams, providing enterprise-level simulations that can be instantly deployed and updated.

Organisations using Threat Range have access to analytics mapped to the MITRE ATT&CK framework, with reporting tools to demonstrate measurable improvements to detection and response times. This data can be used to quantify risk reduction and evidence improvements to business continuity plans and cybersecurity resilience strategies.

Industry perspective

Chris Dimitriadis, Chief Global Strategy Officer at ISACA, commented on findings from the new State of Cyber 2025 Report, which reinforce the need for more comprehensive, ongoing workforce training:

"The reality is that cybercriminals are moving faster than most organizations can respond. Now is the time to invest in investing in a more holistically trained cybersecurity workforce... not just a reactive move following an incident."

Hack The Box reports that its global platform is now trusted by over 1,500 enterprises and supported by a practitioner community exceeding 4 million members. The introduction of Threat Range is aimed at ensuring security teams can keep pace with evolving threats through regular, realistic simulation exercises, continuous intelligence sharing, and a structured, gamified learning path.