How NTT Security built a proactive cyber defense with HTB

Their story

NTT Security Holdings (NTT) is a global leader in managed security services, helping more than 1,500 customers around the world defend against evolving cyber threats. With divisions in Japan and Sweden, their teams are structured differently but share a common goal: delivering top-tier cybersecurity expertise.

Leandro Ferreira, a security analyst at NTT, has seen firsthand how the company’s approach to cybersecurity training has evolved. He began his journey in the Security Operations Center before moving into the Incident Response team, all while advancing his own training. His experience underscores the importance of continuous learning in a field where staying ahead of emerging threats demands up-to-date skills and knowledge.

Their challenge

Reinforcing cutting-edge cyber skills in offensive security, incident response, and digital forensics

Maintaining a structured and effective training program across multiple global security  operations centers became increasingly challenging for the NTT team as they juggled multiple learning platforms with content that wasn’t always current or easy to navigate.

“When I started at NTT Security, we were using other platforms that didn’t keep their content up-to-date and lacked a lot of organization and usability for us. Because of this, we began the search for a new training provider," Leandro recalls.

Onboarding new SOC analysts was another challenge. The process involved Senior SOC analysts manually curating lists of training materials and spinning up custom labs, which was both time consuming and inefficient. Adding to this, team members were completing cybersecurity training independently on various platforms, making it difficult for managers to track progress and evaluate performance.

Their solution

Hands-on learning with industry-standard tools

After seeing the success of tenured SOC team members as individual HTB users, NTT leveraged the platform to streamline and modernize their cybersecurity training, ensuring team members had continuous access to high-quality, up-to-date content. 

By making HTB their centralized training hub, NTT has been able to more effectively support:

• Onboarding

• Professional development

• Mastering offensive skills for a proactive defense

• Teamwork and cross-region collaboration 

Integrating HTB into their existing cybersecurity training strategy has further enhanced NTT’s capabilities in incident response and threat intelligence. HTB’s Sherlocks content has also allowed the team to gain a powerful tool to build expertise in these critical areas.

“Sherlocks have been such a big part of our routine to help keep analysts sharp when we don't have to deal with the stress of a real incident, but still need to enjoy some challenges that mirror real-world scenarios,” Leandro explains. “Just having a place to practice theoretical concepts while also getting to work with the tools hands-on has been amazing for us. The Blue Team content mirrors real-world scenarios and Sherlocks are helpful because they utilize tactics and techniques commonly seen in threat actor behavior, further reflecting real-world situations.”

Their success

Immediate improvement in skills, confidence, and onboarding

Since integrating HTB into its cybersecurity training, NTT has transformed the way its teams learn and grow, achieving:

• Faster skill development: Structured learning paths accelerate expertise in critical security domains such as offensive security, incident response, and digital forensics

• Streamlined onboarding: New analysts ramp up quickly with a structured SOC training framework, reducing time to readiness

• Resource efficiency: Consolidated training eliminates redundant subscriptions while delivering comprehensive cybersecurity education

• Real-world readiness: Hands-on training directly translates into success in live incident response cases

• Hands-on, practical learning: Access to industry-standard tools ensures analysts gain experience with real-world attack scenarios

• Stronger team collaboration: Gamified Labs and Challenges drive engagement and knowledge sharing across teams

• Future-proofed security teams: Up-to-date training content empowers analysts to stay ahead of evolving threats

With HTB, NTT has built a dynamic, skills-driven training program that strengthens individual expertise and the company’s overall security posture. New analysts follow structured development paths, while experienced team members refine their expertise and adapt to emerging challenges.

“It’s a pretty stressful job working in security. And being able to have the confidence in our work because of a tool that’s gamified and allows us to practice things before we do it in the real world is a huge win for us.”

Training that directly impacts real-world security

One of the most compelling success stories came from an incident response case where HTB’s training directly influenced real-world success.

“We had an incident where one of our IR members had done a Sherlock challenge, and that challenge was the key to solving a case we were working on. The IR member actually said because he had completed a Sherlocks challenge with tactics and techniques similar to those used by threat actors, it made it easier for him to know where to look. Otherwise, it would have been time-consuming to respond to the ongoing incident."

Beyond technical training, HTB has fostered a culture of collaboration and engagement within NTT. The gamified elements, competitions, and interactive Labs keep training fun and motivating. Employees now rely on HTB as their go-to resource for continuous learning, eliminating the need for multiple training subscriptions, saving both time and money.

“Without Hack the Box, I don’t think it would be as easy for us to develop to the point where we can advance in our careers,” says Leandro. “Seeing training play out on the platform and then in real life has made it so much easier for us to go into new aspects of security faster and with more confidence.”

LET’S TALK

At Hack The Box, we love our global hacking community and we strive to support other communities all over the world as we continue working toward our mission to make cybersecurity training accessible to everyone - and we’d love to do the same for you. Get in touch today to see how we can help.

About Hack The Box

Hack The Box is the Cyber Performance Center with the mission to provide a human-first platform to create and maintain high-performing cybersecurity individuals and organizations. Hack The Box is the only platform that unites upskilling, workforce development, and the human focus in the cybersecurity industry, and it’s trusted by organizations worldwide for driving their teams to peak performance.

Offering an all-in-one environment for continuous growth, assessment, and recruitment, Hack The Box provides solutions for all cybersecurity domains. Launched in 2017, Hack The Box brings together the largest global cybersecurity community of more than 3 million platform members. Rapidly growing its international footprint and reach, Hack The Box is headquartered in the UK, with additional offices in the US, Australia, and Greece.

For more information, please visit hackthebox.com.