Embark on your tech journey — instant labs, zero setup.
Context
WHO — Crew
WHEN — June
WHY — The need
WHY — Learning Plateforms
WHERE — ISEN
Open-Source, Freemium model Technical transparency & AI for creators Gamification
Altaïr’s positioning
Choose your character
Access the lab from a browser (webshell) Track progress and complete objectives Review labs, StarPaths Earn cosmetics, certifications
Configure labs & objectives Design learning paths (Starpaths) Publish and iterate content, earn cosmetics Earn recognition through reviews
Manage roles and permissions (RBAC) Monitor platform health & moderate usage Enforce limits (rate limiting / quotas)
Use this side of the card to provide more information about a topic. Focus on one concept. Make learning and communication more efficient.
Use this side of the card to provide more information about a topic. Focus on one concept. Make learning and communication more efficient.
Use this side of the card to provide more information about a topic. Focus on one concept. Make learning and communication more efficient.
Title
Title
Title
Write a brief description here
Write a brief description here
Write a brief description here
Learner
Administrator
Creator
with their AI assistant
Static Architecture
Microservices
users ms
starpath ms
labs ms
groups ms
sessions ms
API Gateway
JWT Validation • RBAC
Routing to Microservices
Rate Limiting • Input Validation
Frontend
learner
creator
admin
Start
Keycloak
Lab RUNTIME
lab API
kubernetes cluster
Grafana
Technical Challenges
Keycloak
Runtime
Gateway boundary
Lab content model
Cleanup
Starpath
Observability
Reality Gap
Demonstration
OPEN LIVE PLATFORM
To-do
Rate limiting
Gamification
Social feedback
Progression
Maintenance
AI assistant
Business Model
Thank you for your attention
WHY — The need
Traditional training was not enough.
~40% of the security budget is spent on training, but skills remain behind in the face of emerging threats.
Skills gap
www.hackthebox.com/business
WHO — the Crew
FOUR STUDENTS. ONE SHIP.
Cyndelle NAPOLETANO Project manager
Laura MUSSO Developer
Mark PONSODA Lead developer
Nikita DOVHAN developer (Big data)
CLOUD LAUNCH
PROBLEM: real labs • spawn latency • scale
CHOICE: Sessions → Lab API → K8s pods
VALIDATION: spawn test • readiness • webshell
API Gateway
Frontend
Sessions
Lab-API
K8s
CLEANUP & TTL
PROBLEM: orphan pods • failure modes
CHOICE: TTL • deadlineSeconds • stop path
VALIDATION: kill scenarios • leak checks
Session TTL
Stop
Cleanup (pods/services)
Lab content model
PROBLEM: steps • hints • validation • versioning
CHOICE: Lab catalog + structured steps, validation types (safe & cheap)
Steps
Session(live lab)
Lab (template)
Hints
Validation
A hands-on cybersecurity learning platform accessible from a browser.
WHY - Platforms
TryHackMe, Root‑Me, Hack The Box, hands-on practice is essential to learn cybersecurity effectively.
Inspired by existing platforms
Predefined content Customization behind a paywall Platform-controlled infrastructure
Current market limitations
Pros
Beginner-friendly Huge CTF challenge library Skill-focused practice Community-driven High realism & difficulty Strong “Academy + Certifications”
millions of users !
FRONTEND ↔ API CONTRACT
PROBLEM: UI vs API mismatch • RBAC UI
CHOICE: Gateway resolves /me • inject headers
VALIDATION: smoke tests • demo script
STARPATH PROGRESS
PROBLEM: progress correctness • ownership
CHOICE: Starpaths MS • integrate Sessions
VALIDATION: state sync • abuse cases
Starpath step
Launch lab
Progress update
Session done
OBSERVABILITY & CI
PROBLEM: unknown bottlenecks • build blockers
CHOICE: metrics • dashboards • lint/test gates
VALIDATION: load probe • alert signals
Metrics
Services
Grafana (health/latency/errors)
Gateway Trust Boundary
PROBLEM: single entrypoint • service isolation
CHOICE: JWT verify • RBAC • routing
VALIDATION: role matrix checks • deny-by-default
API Gateway
TRUSTED (INTERNAL)
UNTRUSTED
ENFORCE
WHEN — June
By this date, the system must be:
Demoable
Scalable
Stable
Documented
WHERE — ISEN
Built at ISEN, under real-world constraints.
- Fixed milestones and reviews
- Limited technical resources
Identity Bridge (Keycloak → Altaïr)
PROBLEM: external sub • internal UUID • trust
CHOICE: Gateway resolves /me • inject headers
VALIDATION: e2e call • header check • consistency across services
API Gateway
Keycloak
Users MS (/me)
X-User-Id
Altaïr
Cyndelle Napoletano
Created on February 6, 2026
Start designing with a free template
Discover more than 1500 professional designs like these:
View
Explainer Video: Keys to Effective Communication
View
Explainer Video: AI for Companies
View
Corporate CV
View
Flow Presentation
View
Discover Your AI Assistant
View
Urban Illustrated Presentation
View
Geographical Challenge: Drag to the map
Explore all templates
Transcript
Embark on your tech journey — instant labs, zero setup.
Context
WHO — Crew
WHEN — June
WHY — The need
WHY — Learning Plateforms
WHERE — ISEN
Open-Source, Freemium model Technical transparency & AI for creators Gamification
Altaïr’s positioning
Choose your character
Access the lab from a browser (webshell) Track progress and complete objectives Review labs, StarPaths Earn cosmetics, certifications
Configure labs & objectives Design learning paths (Starpaths) Publish and iterate content, earn cosmetics Earn recognition through reviews
Manage roles and permissions (RBAC) Monitor platform health & moderate usage Enforce limits (rate limiting / quotas)
Use this side of the card to provide more information about a topic. Focus on one concept. Make learning and communication more efficient.
Use this side of the card to provide more information about a topic. Focus on one concept. Make learning and communication more efficient.
Use this side of the card to provide more information about a topic. Focus on one concept. Make learning and communication more efficient.
Title
Title
Title
Write a brief description here
Write a brief description here
Write a brief description here
Learner
Administrator
Creator
with their AI assistant
Static Architecture
Microservices
users ms
starpath ms
labs ms
groups ms
sessions ms
API Gateway
JWT Validation • RBAC Routing to Microservices Rate Limiting • Input Validation
Frontend
learner
creator
admin
Start
Keycloak
Lab RUNTIME
lab API
kubernetes cluster
Grafana
Technical Challenges
Keycloak
Runtime
Gateway boundary
Lab content model
Cleanup
Starpath
Observability
Reality Gap
Demonstration
OPEN LIVE PLATFORM
To-do
Rate limiting
Gamification
Social feedback
Progression
Maintenance
AI assistant
Business Model
Thank you for your attention
WHY — The need
Traditional training was not enough.
~40% of the security budget is spent on training, but skills remain behind in the face of emerging threats.
Skills gap
www.hackthebox.com/business
WHO — the Crew
FOUR STUDENTS. ONE SHIP.
Cyndelle NAPOLETANO Project manager
Laura MUSSO Developer
Mark PONSODA Lead developer
Nikita DOVHAN developer (Big data)
CLOUD LAUNCH
PROBLEM: real labs • spawn latency • scale
CHOICE: Sessions → Lab API → K8s pods
VALIDATION: spawn test • readiness • webshell
API Gateway
Frontend
Sessions
Lab-API
K8s
CLEANUP & TTL
PROBLEM: orphan pods • failure modes
CHOICE: TTL • deadlineSeconds • stop path
VALIDATION: kill scenarios • leak checks
Session TTL
Stop
Cleanup (pods/services)
Lab content model
PROBLEM: steps • hints • validation • versioning
CHOICE: Lab catalog + structured steps, validation types (safe & cheap)
Steps
Session(live lab)
Lab (template)
Hints
Validation
A hands-on cybersecurity learning platform accessible from a browser.
WHY - Platforms
TryHackMe, Root‑Me, Hack The Box, hands-on practice is essential to learn cybersecurity effectively.
Inspired by existing platforms
Predefined content Customization behind a paywall Platform-controlled infrastructure
Current market limitations
Pros
Beginner-friendly Huge CTF challenge library Skill-focused practice Community-driven High realism & difficulty Strong “Academy + Certifications”
millions of users !
FRONTEND ↔ API CONTRACT
PROBLEM: UI vs API mismatch • RBAC UI
CHOICE: Gateway resolves /me • inject headers
VALIDATION: smoke tests • demo script
STARPATH PROGRESS
PROBLEM: progress correctness • ownership
CHOICE: Starpaths MS • integrate Sessions
VALIDATION: state sync • abuse cases
Starpath step
Launch lab
Progress update
Session done
OBSERVABILITY & CI
PROBLEM: unknown bottlenecks • build blockers
CHOICE: metrics • dashboards • lint/test gates
VALIDATION: load probe • alert signals
Metrics
Services
Grafana (health/latency/errors)
Gateway Trust Boundary
PROBLEM: single entrypoint • service isolation
CHOICE: JWT verify • RBAC • routing
VALIDATION: role matrix checks • deny-by-default
API Gateway
TRUSTED (INTERNAL)
UNTRUSTED
ENFORCE
WHEN — June
By this date, the system must be:
Demoable
Scalable
Stable
Documented
WHERE — ISEN
Built at ISEN, under real-world constraints.
Identity Bridge (Keycloak → Altaïr)
PROBLEM: external sub • internal UUID • trust
CHOICE: Gateway resolves /me • inject headers
VALIDATION: e2e call • header check • consistency across services
API Gateway
Keycloak
Users MS (/me)
X-User-Id