Cary, NC, June 19, 2025 (GLOBE NEWSWIRE) — The cybersecurity playbook is being rewritten in real time. What used to be a manageable flow of vulnerabilities has become a relentless torrent, and attackers aren’t waiting around for defenders to catch up.
The numbers paint a stark picture: From January to April of 2025, over one in four vulnerabilities (28.3%) were exploited within just one day of being disclosed, according to VulnCheck. Meanwhile, the National Vulnerability Database recorded 40,003 CVEs in 2024, a staggering 39% jump from the previous year. For security teams already stretched thin, this isn’t just a challenge – it’s a crisis.
INE Security’s Skill Dive lab platform is addressing this issue head-on with its CVE lab collection, a safe way for security analysts and professionals to practice defending against real vulnerabilities before those same threats hit their networks.
The Old Playbook Is Broken
The days when security teams had weeks or months to understand a new vulnerability and roll out patches are long gone. According to Verizon’s latest Data Breach Investigations Report, vulnerability exploitation as an initial attack vector grew by 34% and now accounts for 20% of all breaches.
In 2024 alone, 768 CVEs were publicly reported as exploited in the wild for the first time – a 20% increase from 2023. Further troubling CISOs and keeping them up at night is that attackers are getting faster and more sophisticated in how they monitor and weaponize new disclosures.
“Security teams can get caught in an endless cycle: patch, react, patch, react,” said Tracy Wallace, INE Security’s Director of Content Development. “But the teams that break out of that cycle are the ones practicing with these vulnerabilities before they become emergencies. They’re not just responding faster; they’re anticipating what comes next.”
Beyond Reading Bulletins: Why Practice Matters
Most cybersecurity training stops at explaining what vulnerabilities are and how they work in theory. Traditional cybersecurity education focuses on concepts rather than application. Skill Dive’s CVE Lab Collection takes a different approach by letting security professionals actually exploit and defend against real vulnerabilities in safe, controlled environments.
The platform continuously updates its labs to focus on the vulnerabilities that matter most. Recent additions include the kinds of threats security teams are seeing in the wild: Calibre RCE (CVE-2024-6782), OpenMetadata Authentication Bypass (CVE-2024-28255), and persistent threats like Log4Shell (CVE-2021-44228) that continue to plague organizations years after disclosure. These labs are particularly valuable for penetration testing and security professionals preparing for advanced security certifications.
What Makes Skill Dive Different
Unlike traditional IT training that focuses on broad concepts, Skill Dive’s CVE labs zero in on the specific vulnerabilities actively being exploited in enterprise environments. The lab collection offers:
Labs built around actual CVEs that are causing real damage in the wild Monthly updates that keep pace with emerging threats Safe practice environments where teams can experiment without risk Coverage spanning everything from zero-days to common misconfigurations Both offensive and defensive techniques for comprehensive understanding
The approach recognizes a simple truth: security professionals learn best through a strategic combination of education, experience, and exposure. Whether someone is a seasoned pentester with years of experience or a professional building foundational skills through security certifications, hands-on practice with real vulnerabilities accelerates learning and retention.
Real Impact for Real Teams
Security teams using Skill Dive report faster incident response times when familiar vulnerabilities appear in their environments. It’s the difference between scrambling to understand a new threat and confidently implementing defenses based on prior hands-on experience.
“Security teams are tired of being surprised by the same types of attacks over and over,” adds Wallace. “We have built a safe environment for teams to train, fail, learn, and try again. By the time that CVE shows up in your environment, you’ve already dealt with it.”
INE Security’s Skill Dive platform currently houses over 2,400 labs across 25 specialized collections, with new labs added monthly to keep current with the evolving threat landscape. This isn’t just about staying current — it’s about staying ahead.
Availability
Enterprise packages for team training and Individual subscriptions to Skill Dive are available now. For more information, visit ine.com/cyber-ranges.
About INE Security:
INE Security is the premier provider of online networking and cybersecurity training and cybersecurity certifications. Harnessing a powerful hands-on lab platform, cutting-edge technology, a global video distribution network, and world-class instructors, INE Security is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business and for IT professionals looking to advance their careers. INE Security’s suite of learning paths offers an incomparable depth of expertise across cybersecurity. The company is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career.
Kathryn Brown INE [email protected] Market News and Data brought to you by Benzinga APIs
