HTB Blog > Blue Teaming All the latest news and insights about cybersecurity from Hack The Box. Hacking trends, insights, interviews, stories, and much more
- A 30-60-90 day onboarding plan for SOC analysts on August 12, 2025 at 9:34 am
Your step-by-step guide to building defenders with confidence, clarity, and hands-on SOC Analyst training from day one.
- Cloud on fire: What the data from 4,549 players says about your weakest defenses on July 21, 2025 at 8:23 am
Cloud is the battleground attackers love most. New data from 796 teams shows most organizations aren’t quite ready. How do your defenses measure up?
- How Active Directory (AD) attacks have evolved—and what that means for blue teamers on July 12, 2025 at 2:45 am
Explore 25 years of Active Directory attacks—from PtH to ransomware—and learn how defenders can harden networks, stop lateral movement, and prepare with hands-on training.
- LLMNR poisoning attack detection on June 13, 2025 at 10:31 am
Learn how to detect LLMNR poisoning attacks in part three of a special five-part series on critical Active Directory (AD) attack detections & misconfigurations
- Meet global cyber skills standards with the new HTB Defense Operations Analyst certificate program on June 12, 2025 at 2:59 pm
ANAB‑accredited, threat‑informed coursework that prepares cyber defenders for DoD 8140 roles and competencies. Delivering verifiable skills in just 15 weeks.
- How to use SmartScreen logs to find evidence of execution and user activity analysis on February 27, 2025 at 3:24 am
CyberJunkie walks us through a new detection technique he uncovered using Windows SmartScreen Debug Event Logs. Follow this step-by-step guide to see how it works.
- Memory dump analysis with Signal decryption on December 20, 2024 at 11:07 am
A deep-dive into Signal’s move to safeStorage API and how an HTB forensic content engineer creates a CTF Challenge.
- 5 Active Directory misconfigurations (& how they’re exploited) on September 11, 2024 at 12:36 pm
Audit your AD environment for misconfigurations (and attacks) that can lead to severe consequences when exploited by malicious actors.
- NTDS dumping attack detection on August 29, 2024 at 10:22 am
Learn how to detect NTDS dumping attacks in issue five of a special series on critical Active Directory (AD) attack detections & misconfigurations.
- Essential SOC analyst tools (+ insights from real blue teamers) on August 20, 2024 at 11:01 am
How to get good at these fundamental SOC tools and their related skills.