Advanced hands-on training dedicated for your IT Security Operations, Blue, Red and Purple Teams.

Get Access to PurpleLabs and Courses

Our approach

to Cybersecurity Education

At Defensive Security we have developed training programs with a focus on blue vs red team actions that give you the best opportunity to make stronger defensive layers inside your IT environment.

Conversely, it will help you to better understand the mind and approach of modern adversaries, their style of offensive thinking, techniques, and of course tools in current use.

All of our high-tech training programs have a unique “protection vs attack” formula. This means that during lab exercises most of the security issues, use-cases and attack examples we talk about will be detected and effectively protected by using suitable techniques, approaches, sophisticated open-source tools, and recommended security configurations. 

We focus on delivering defensive content, but on the other hand, we understand that for being good in a defensive scope you have to understand the other side too, the offensive side. In that way, we provide a kind of knowledge mix in these fields using Open Source software only.

As Sun Tzu said:

Know your enemy and know yourself (and your tools!) and you can fight a hundred battles without disaster.

All training programs are based on the PurpleLabs Cyber Range.

& Consulting Areas

We understand that the best training programs are based on a true experience from real production environments and use-cases. This is the main reason why we still actively participate in security projects. With over 20 years being inside the 'battle' in the cyber security world supporting the largest companies and institutions, it has given us a great opportunity to deliver the highest quality of IT security services.

  • Threat Hunting
  • Adversary Emulations
  • Penetration Testing
  • Linux/Cloud Hardening
  • Cyber Range
  • Incident Response
  • Digital Forensics
  • Log Analysis
  • Research and Development
  • Cyber Security Mentoring

Training Portfolio

Through our hands-on labs, these training programs deliver you a bigger picture of what you really need to care about when thinking initially or later improving your overall IT security environment, operations or Red and Blue team skills. All these training descriptions are based on pure hands-on experiences where students will run every single action or chained scenarios in a ‘attack vs detection’ formula in a dedicated PurpleLabs Cyber Range Environment.

Target Groups

  • IT Security Professionals, Experts & Consultants
  • Blue, Red & Purple Team members
  • DevOps and DevSecOps Team members
  • Penetration testers & Security Engineers
  • Linux Experts & Administrators
  • Incident Response & SOC Team members
  • System Engineers & Architects
  • Network & Web Application Firewall Administrators
  • Open Source Security Enthusiasts

True Values

  • Realistic 100% pure lab-oriented offensive and defensive security use cases
  • Minimum theory, maximum hands -on with high level of expertise
  • Effective and appropriate techniques and actions you can replay in your organization
  • A lot of accumulated knowledge in one place with a focus on high priority elements
  • Extending knowledge, skill sets and the mind suitable for your IT Security job positions
  • Created by enthusiasts and professionals for professionals with enthusiasm


Leszek Miś is the Founder of Defensive Security, Principal Trainer, and Security Researcher with almost 20 years of experience in Cyber Security and Open Source Security Solutions market. He went through the full path of the infosec carrier positions: from OSS researcher, Linux administrator, and system developer, Solution Engineer, and DevOps, through penetration tester and security consultant delivering hardening services and training for the biggest players in the European market, to become finally an IT Security Architect / DFIR / SOC Security Analyst with deep non-vendor focus on Network and Endpoint Security attack and detection. He's got deep knowledge about finding blind spots and security gaps in corporate environments. Perfectly understands technology and business values from delivering structured, automated adversary simulation solutions and training

Recognized speaker and trainer: BruCON, Black Hat USA, OWASP Appsec USA, FloCon USA, Hack In The Box Dubai / Amsterdam / Singapore / Abu Dhabi, 44CON UK, Confidence PL, PLNOG, Secure PL, Open Source Day PL, Red Hat Roadshow. Member of OWASP Poland Chapter.

Author of many IT Security training:

  • PurpleLabs: Linux Forensics Inspection and Incident Response at scale
  • PurpleLabs: Windows Forensics Inspection and Incident Response at scale
  • PurpleLabs: Post-Exploitation and Evasion Techniques
  • PurpleLabs: Adversary Emulation and Breach Attack Simulations
  • PurpleLabs: Network Advanced Detection & Threat Hunting
  • PurpleLabs: C2 Matrix Operator
  • PurpleLabs: C2 Infrastructure Deployment and Automation
  • PurpleLabs: Advanced Linux Security and Hardening
  • PurpleLabs: Advanced SELinux
  • PurpleLabs: Openshift / Kubernetes Security
  • PurpleLabs: Web Application Firewall
  • PurpleLabs: Linux Administration Essentials
  • PurpleLabs: Open Source Defensive Security Components for SOC
  • PurpleLabs: FreeIPA Administration

His areas of interest include network "features" extraction, OS internals and forensics. Constantly tries to figure out what the AI/ML Network Security vendors try to sell. In free time he likes to break into "IoT world" just for fun.

Still learning hard every single day.

The holder of many recognized certificates:

  • Offensive Security Certified Professional (OSCP)
  • Red Hat Certified Architect (RHCA)
  • Red Hat Certified Security Specialist (RHCSS)
  • CompTIA Security+
  • Splunk Certified Architect

Interested? Let's talk.

Our clients