This review will be an ongoing, living review. As I write this review, the platform has jumped to a new interface. Two labs are still “coming soon,” and the estimated date for the exam to be available is at the end of March. I’m doing a “living” review because Blue Team Level 2 has been a live project that is still not complete after five months of offering the course. Waiting for all the coursework, labs, and actual exams, I feel like it might still be a couple of months off. I know people are looking at Blue Team Level 2 now to see if it’s worth buying, and I want to assess the platform as it stands at this very moment. Some might feel that this review is unfair due to the platform not being completed, and they’re working hard to wrap it up, but I’ve also paid for this, so I should be able to document my experience to this point.
I purchased the course in September 2021. I understood it would not be a complete product when I bought it, and it would be in development. As it stands, 5+ months later, two labs still need to be developed, and the exam is not available. One of the biggest frustrations I had when I first started was that the material was spotty, meaning some sections were completely done, and others were coming soon. It was hard to get into any kind of flow—for example, the malware analysis section. You would read a section only to realize the lab wasn’t available to practice, or there was no material to learn. I did not do anything for the first couple of months and thought by January 1, I would hit the ground running and start making it a daily practice to get in there and learn. I was wrong, and I faced many of the same issues I experienced months prior.
This next issue is my fault; I should have done my research by looking at Blue Team Level 1, but I was excited about the platform and purchased it right away to help support it. The material presented in all text, screenshots, and maybe the occasional gif. I mentioned this about eLearnSecurity courses eCPPT Review as well: it’s death by slides. I’m a visual/audio learner, so just reading text isn’t conducive to learning for me. For example, comparing the malware section in Blue Team Level 2 vs. Practical Malware Analysis & Triage by Matt Kiely (HuskyHacks), the HuskyHacks course destroys the Blue Team Level 2 malware section. I’ve already reviewed the HuskyHacks course Practical Malware Analysis & Triage – Review, but the material was well-thought-out, and because the material mainly was video, I got to experience how he did his investigations. There’s a vast difference between an instructor talking through the material and a gif demonstrating some text. Did I mention that the HuskyHacks course is only $30? Even if they were the same price, HuskyHacks just did it better, and that’s a disappointing feeling to have when you paid so much for a Blue Team Level 2 course.
Another problem I have is with the labs. Not so much the labs themselves, but the question and answer sections. Now, I have to say this did come up in their forums, and they appear to be open to changing this; I hope they do it soon. The problem is that there’s a series of questions you have to complete for each lab. That’s fine, but it feels more like their Blue Team Labs Online platform where it’s a capture the flag event. There are no hints, no walkthroughs, or just straight answers. There are two labs that I haven’t completed simply because I can’t get one answer, nor do I know what I’m doing wrong. What’s the point of a learning platform if not to teach you techniques? Comparing to eLearnSecurity again, the eLearnSecurity courses had walkthroughs and answers for all their labs. You didn’t have to look at them, but they were there if you got stuck. We’re five months into the Blue Team Level 2 platform and still have none of the above suggestions; it’s very frustrating. They did ask the forum if they should add walkthroughs, and it appeared users wanted some kind of assistance, but still, nothing has been done at this time.
The last thing I’ll mention is just the delay of all the material. I know they were making a new platform, looking to expand to red teaming labs, creating a blog, and producing a free course about mental health. I think this is all great, but BTL2 feels like this never-ending project due to these other endeavors, from my perspective. They have given me an extension on the material by 30 days, reset my lab time, and given me six months of BTLO free, which I genuinely appreciate. All I want is a complete course, though.
I just can’t recommend purchasing until it becomes more of a complete product. Perhaps the issues will be addressed moving forward. Time will only tell, and I’ll continue to update this living review when significant developments occur.
Today I no longer have access to BTL2. So some updates about the platform and me. The exam was deployed in early April 2022, and I noticed that several people had already completed it by the time of this post. I went through all the content, and I have to say it wasn’t completely polished, but it’s in a better place than months ago. You could pick up the course today and successfully work through all the material from start to finish. They added answers and even some walkthroughs for the labs, which were great! But once again, not all of them were completely polished. Also, I was happy to see that they created a list of BTLO labs and tools to focus on that would help with the exam.
So, what now? I’ll be busy with work and presenting at a conference soon, so even if I was given extra time, I probably would have to purchase an extension anyway. That is my game plan. In a couple of months (probably July), get a 2-month extension (roughly cost $200) and hit it hard. This will give them more time to iron out the platform and exam. In the meantime, I’ll be using tryhackme, BTLO, and a cyber range provided by work to hone my skills a little more.
My thoughts on the platform and experience up to this point are that the whole experience feels like eLearnSecurity, aka INE, to me, which isn’t great, and BTL2 is more costly. Once I get into the exam and work through that, I’ll be excited about the challenge and experience. Still, losing access to material and completing all the content, I feel meh about the experience.
Editor: Emily Domedion