OffSec News

May 6, 2024

Continuing to support cybersecurity teams with Award winning & innovative training in April

Announcing new award willing continuous learning opportunities for cybersecurity professionals from OffSec.

5 min read

In the nearly 20 years that OffSec has been in existence, we’ve watched the importance of cybersecurity grow across organizations. It’s no surprise as to why, between the value of successful attacks, the shortage of skilled talent and the sheer pace of innovation of the places and people and processes that need to be secured, the job of creating a resilient cyber workforce is a challenge. Read our press release on our awards announcement.

Industry awards

But, OffSec is on a mission to empower individuals and organizations to fight cyber threats with indispensable cybersecurity skills and resources. And, April was no exception. We’ve launched three new cyber ranges, training for four new job roles, two of which aren’t even for traditional security teams, and we’re excited to share that we have received 10 awards this week for the work we continue to do to fight cyber threats with indispensable skills & resources.

These awards further our commitment to our mission and if April was any indication, we are not slowing down. We introduced four new learning paths and three new cyber ranges all in support of the cybersecurity professionals that rely on us to keep them prepared for anything that comes their way.

Training on recent threats

The XZ backdoor threat was revealed on March 29, 2024. And, over the next 30 days we released a new learning module, wrote a blog post and hosted a XZ Utils Rundown webinar discussing the intricacies of this threat to help our learners develop skills to sniff out these types of vulnerabilities in their own networks. We understand that the changing threat landscape isn’t something that can wait, the minute a threat is understood it’s our job to train folks about it. We know that each new threat is unique and understanding how this plays out in the real world is critical for all of the professionals we train. 

Cyber ranges that mimic real-world environments

There is only so far knowledge sharing can go to develop true understanding. At some point, you have to put your hands to keyboard and do the work. This is what we are providing with our three new cyber ranges. Each of these simulations provide teams the opportunity to put their learning into practice.

Enterprise Cyber Range including tournaments with OffSec Versus (ECR)

It’s imperative that cybersecurity professionals and their managers develop the skills necessary to combat cyber threats. And, certifications attained 10 years ago are not sufficient evaluation criteria for managers to ensure their teams are prepared for what’s happening in 2024 and what will happen in the next 5 years. We need to train people how to react, what to look for, and how to seek out danger so they can protect their organization. With the Enterprise Cyber Range, we give teams the ability to pit red and blue teams against each other to train for real-world scenarios. 

Offensive Cyber range (OCR)

With over 500 machines and 100 attack vectors, we’re giving offensive teams the practice they need to handle any new challenge. OCR mirrors the complex networks attackers thrive in. Learners master the latest exploits, map an organization’s vulnerabilities, and develop skills that will transform teams into a proactive offensive force.

Defensive Cyber Range (DCR)

The Defensive Cyber Range from OffSec prepares blue teams with live-fire simulations of actual attacks. 20+ attack vectors, and a live-fire environment, develop defensive skills and test new team members to respond and protect your most important assets.

New training content

Cybersecurity is no longer the responsibility of just the offensive and defensive teams. Today, if you build applications or systems, or maintain those business-critical systems, you care about security. It is with that knowledge, that we developed more learning paths for defensive teams, development and engineering teams, and IT and system admin teams in April.

DevSecOps Training

The reach of cybersecurity extends well beyond security teams. With this new learning path, we’ve supported the DevSecOps teams that support building new tools and processes in an organization. This learning path focuses on automating infrastructure with security in mind, optimizing workflows, and accelerating software delivery. Training includes topics like provisioning and managing infrastructure with Terraform; controlling access and permissions effectively by designing robust IAM systems; and building secure and efficient deployment workflows by automating CI/CD pipelines.

Threat Hunter Training

Use an attacker mindset to sniff out threats in your environment. With Threat Hunting Essentials, learners can proactively hunt down and neutralize adversaries. This learning path provides a deep dive into the tactics, techniques, and procedures (TTPs) of ransomware groups, APTs, and other threat actors. Teaches how to conduct meticulous network and endpoint forensic analysis to uncover hidden threats, and develop custom hunting strategies that go beyond relying on traditional Indicators of Compromise (IoCs).

Git Ops Training

Git is at the heart of today’s development practices. This Git Ops Learning Path prepares you to use Git effectively, build security perspectives on Git, and practice Git hands-on. In this path built for developers, DevOps, or an engineer, you’ll learn how to perform Git command line tasks, including branching, merging, pushing, and configuring; practice Git commands inside multiple labs with Git-related challenges and understand Git’s history and its role in CI/CD challenges


Cybersecurity training is important to keep an organization safe, but in some organizations, it’s a requirement. With insurance or government regulations, being able to provide training that aligns with well-known industry standards is critical to proving compliance. The three MITRE D3FEND learning paths deliver training for three MITRE D3FEND techniques including Model, Harden and Detect. 

We know that our mission is far from complete, but we’re so grateful to be able to continue to support the work of cybersecurity professionals across the globe. Stay tuned about our latest updates by signing up for