HTB Threat Range: AI-Powered Team Simulations Built for Security Operations
Hack The Box has launched Threat Range, a team-based cyber incident simulation platform built with AI at its core. It gives SOC, IR, forensics and threat hunting teams a live-fire environment to practice, measure and improve. For operations leaders, it turns readiness into metrics the business can trust.
Unlike individual, guided labs, Threat Range is built for real team workflows. It maps exercises to the attack kill chain, captures alerts and telemetry, and produces executive-ready reporting that shows progress where it matters: risk reduction, resilience and continuity.
Why operations leaders should care
- Proves readiness with measurable outcomes like lower MTTD and MTTR, not vague "coverage" claims.
- Supports SOC-to-DFIR collaboration with role-specific drills and live-fire simulations at enterprise scale.
- Delivers audit-ready reporting and board-level insights that translate technical performance into business impact.
- Provides instant access to always up-to-date scenarios aligned to current attacker behaviors.
What Threat Range delivers
- End-to-end incident simulations that mirror real breach paths and stress-test cross-functional processes.
- AI-driven scenarios that accelerate attacker pace to match the speed seen in modern campaigns.
- Captured alerts and telemetry so analysts can detect, investigate and respond under realistic pressure.
- A broad catalog spanning security operations, incident response, forensics and threat hunting.
- Dashboards mapped to MITRE ATT&CK, plus outcome-focused analytics and audit-ready reports.
Built for how attackers operate
Adversaries are using AI to move faster-often 10x faster-while reinforcing ransomware and social engineering playbooks. Recent campaigns like Scattered Spider show how multi-pronged attacks pressure every function of a security program at once.
Threat Range meets that reality. Teams practice the investigation, collaboration and reporting required to stop complex activity before it becomes a business incident.
Outcomes you can prove
- Faster detection and response measured in MTTD/MTTR improvements across scenarios.
- Clear evidence of reduced breach risk and increased operational resilience.
- Repeatable, role-based advancement paths that level up the entire SOC and IR function.
- Reporting that supports budget planning, tabletop follow-ups and executive communication.
Why HTB
HTB is trusted by 1,500+ enterprises and a practitioner community of 4M+. That scale fuels continuous intelligence sharing, weekly simulation updates and a gamified growth path that keeps teams engaged. With the acquisition of LetsDefend-an SOC simulator with a 320K-strong community-HTB extends hands-on team training with AI in highly realistic environments.
How to put Threat Range to work
- Baseline your current MTTD/MTTR, then schedule monthly team-based simulations mapped to priority threats.
- Align scenarios to your top MITRE techniques and your incident runbooks to find gaps in tooling and process.
- Use telemetry and post-exercise reports to drive tuning (SIEM detections, EDR policies, playbooks) and training plans.
- Roll up outcomes to executives: risk reduction, continuity impacts and investment effectiveness.
Learn more at hackthebox.com. If you're building AI fluency across your SOC and IR teams, explore job-focused learning paths at Complete AI Training.
Your membership also unlocks:
