Cybersecurity
Recent posts
-
Building a Security Culture: How Training Platforms Close the Human Risk Gap
There is a version of cybersecurity training that organisations buy out of obligation. It checks a compliance box, gets assigned to the whole company at the start of the year, and is quietly resented by everyone who has to sit through it. Security teams know this content is not changing behaviour. HR knows it. The employees certainly know it. And yet the cycle continues. Then there is the other ve…
-
The 3 CTF Formats That Still Work in an AI-Dominated World
The jeopardy-style CTF had a good run. For nearly three decades, it was the default format for cybersecurity competitions. Participants solve isolated challenges across categories like web, crypto, forensics, and binary exploitation, submit flags, and climb a leaderboard. It was clean, scalable, and effective. Then AI agents showed up and solved everything. At BSidesSF 2026, autonomous systems cle…
-
AI Is Solving CTF Challenges in Minutes — What This Means for Cybersecurity Training
-
From CTF Hobbyist to Cybersecurity Professional: Career Paths That Start with Hacking Challenges
It usually starts the same way. Someone stumbles into their first Capture the Flag competition — maybe through a university club, maybe through a Discord server, maybe just because they were bored one weekend and found one online. They get introduced to picoCTF or CTFD or Simulations Labs or CyberTalents. They have no idea what they're doing. They spend four hours on a challenge that most people s…
-
The Cybersecurity Skills Gap in 2026: What the Data Actually Shows
If you've spent any time in the security industry lately, you've probably heard some version of the same statistic: there are millions of unfilled cybersecurity jobs, and the number keeps growing. It's become a kind of background noise — repeated at conferences, cited in vendor whitepapers, used to justify everything from hiring freezes to six-figure training budgets. But what does the data actual…
-
Red Team vs Blue Team: What's the Difference and How Do You Train Both?
If you've spent any time in cybersecurity circles, you've probably heard the terms 'red team' and 'blue team' thrown around. They sound like something out of a military war game — and honestly, that's not far off. The concepts are borrowed directly from military training exercises, where opposing forces would simulate attack and defense scenarios to sharpen real-world skills. In cybersecurity, it …
-
Ultimate CTF Event Hosting Platform Comparison: CTFd vs Hack The Box vs TryHackMe vs Simulations Labs
A no-fluff breakdown of the four most-used platforms — what they actually do well, where they fall short, and which one fits your event. If you've been tasked with organizing a CTF event — whether it's an internal red team exercise, a university competition, or a company-wide security awareness challenge — you've probably run into the same problem: there are several platforms out there, they all c…
-
Why Most Cybersecurity Interview Processes Are Broken (And What to Do Instead)
Here's a scene that plays out constantly across the industry: a candidate with five years of hands-on experience — CTF wins, real incident response work, self-built home labs — walks into a security interview. They're asked to define the CIA triad, explain the difference between IDS and IPS, and describe what happens during a TCP handshake. They get the job. Or they don't. Either way, neither the …
-
Why Hands-On Learning Beats Theory in Cybersecurity Education
Introduction Cybersecurity is a fast-moving field. While theoretical knowledge provides an essential foundation, real-world skills are built through practice, such as Hands-on learning, Capture the Flag (CTF) competitions, labs, and simulations, which accelerate skill development, improve retention, and prepare learners to face real threats. In this article, we explain why hands-on learning beats …
-
How to Measure Students’ Cybersecurity Skills
A Grading Framework for Professors Cybersecurity programs at universities are under growing pressure to prove their graduates are job-ready. Industry reports consistently highlight that a significant percentage of cybersecurity roles remain unfilled, not because there are no candidates, but because many graduates lack the practical, demonstrable skills employers need. The gap is not in knowledge. …
-
How the Simulations AI Copilot Actually Works
A Different Kind of AI Claim Most products that describe themselves as 'AI-powered' are hoping you won't ask too many follow-up questions. The phrase has become a kind of ambient marketing, applied broadly to anything that involves a model or an algorithm, regardless of whether the AI is doing anything that actually makes the product better. This article is going to do the opposite of that. We're …
-
The Library: Ten Years of Building What Cybersecurity Training Actually Needs
The Work Behind Good Cybersecurity Training This is the first article in a three-part series about how Simulations Labs helps cybersecurity program leaders, instructors, and team leads build better training — faster. In this article, we’ll introduce the challenge library: what it is, how it was built, and why it matters. In the second article, we’ll explore the gap that even a large, well-organize…
