The most advanced IT Security hands-on workshops dedicated to your IT Security Operations, Blue, Red and Purple Teams.

Our approach Portfolio

Our approach

to Cybersecurity Education

At Defensive Security we have developed training programs with a focus on blue vs red team actions that gives you the best opportunity to make stronger defensive layers inside your IT environment.

Conversely, it will help you to better understand the mind and approach of modern adversaries, their style of offensive thinking, techniques and of course tools in current use.

All of our high-tech training programs have a unique “protection vs attack” formula. This means that during lab exercises most of the security issues, use-cases and attack examples we talk about will be detected and effectively protected by using suitable techniques, approaches, sophisticated open source tools and recommended secure configurations. 

We focus on delivering a defensive content, but on the other hand, we understand that for being good in a defensive scope you have to understand the other side too, the offensive side. In that way, we provide a kind of knowledge-mix in these fields using Open Source software only.

As Sun Tzu said:

Know your enemy and know yourself (and your tools!) and you can fight a hundred battles without disaster.

& Consulting Areas

We understand that the best training programs are based on a true experience from real production environments and use-cases. This is the main reason why we still actively participate in security projects. With over 13 years being inside the 'battle' in the IT security world supporting the largest companies and institutions, it has given us a great opportunity to deliver to you the highest quality of IT security services.

  • Threat Hunting & OSINT activities
  • Automated Network Data Exfiltration Simulations
  • Penetration testing, security audits & forensics
  • Hardening of Linux/Cloud Environments
  • Evaluation of AI/ML/NG Security products

Training Portfolio

Through our hands-on labs, these training programs deliver you a bigger picture of what you really need to care about when thinking initially or later improving your overall IT security environment, operations or Red and Blue team skills. All these training descriptions are based on pure hands-on experiences where students will run every single action or chained scenarios in a ‘protection vs attack’ formula on his own in a dedicated virtual-lab network.

Target Groups

  • IT Security Professionals, Experts & Consultants
  • Blue, Red & Purple Team members
  • DevOps and DevSecOps Team members
  • Penetration testers & Security Engineers
  • Linux Experts & Administrators
  • Incident Response & SOC Team members
  • System Engineers & Architects
  • Network & Web Application Firewall Administrators
  • Open Source Security Enthusiasts

True Values

  • Realistic 100% pure lab-oriented offensive and defensive security use cases
  • Minimum theory, maximum hands -on with high level of expertise
  • Effective and appropriate techniques and actions you can replay in your organization
  • A lot of accumulated knowledge in one place with a focus on high priority elements
  • Extending knowledge, skill sets and the mind suitable for your IT Security job positions
  • Created by enthusiasts and professionals for professionals with enthusiasm


Leszek Miś is the Founder of Defensive Security, Principal Trainer and Security Researcher with over 15 years of experience in Cyber Security and Open Source Security Solutions market. He went through the full path of the infosec carrier positions: from OSS researcher, Linux administrator, and DevOps through penetration tester and security consultant delivering hardening services and training for the biggest players in the European market, to become finally an IT Security Architect / SOC Security Analyst with deep non-vendor focus on Network Security attack and detection. He's got deep knowledge about finding blind spots and security gaps in corporate environments. Perfectly understands technology and business values from delivering structured, automated adversary simulation solutions.

Recognized speaker and trainer: BruCON, Black Hat USA, OWASP Appsec USA, FloCon USA, Hack In The Box Dubai / Amsterdam / Singapore / Abu Dhabi, 44CON UK, Confidence PL, PLNOG, Secure PL, Open Source Day PL, Red Hat Roadshow. Member of OWASP Poland Chapter.

Author of many IT Security training:

  • In & Out → Network Exfiltration and Post-Exploitation Techniques [RED EDITION]
  • In & Out → Detection of Network Exfiltration and Post-Exploitation Techniques [BLUE EDITION]
  • Open Source Defensive Security → The Trinity of Tactics for Defenders
  • SELinux → Development & Administration of Mandatory Access Control Policy.
  • Advanced RHEL/CentOS Defensive Security & Hardening.
  • ModSecurity → Development and Management of Web Application Firewall rules.
  • FreeIPA → Identity Management for Linux Domain Environments & Trusts.

His areas of interest include network "features" extraction, OS internals and forensics. Constantly tries to figure out what the AI/ML Network Security vendors try to sell. In free time he likes to break into "IoT world" just for fun.

Still learning hard every single day.

The holder of many recognized certificates:

  • Offensive Security Certified Professional (OSCP)
  • Red Hat Certified Architect (RHCA)
  • Red Hat Certified Security Specialist (RHCSS)
  • CompTIA Security+
  • Splunk Certified Architect

Interested? Let's talk.

Our clients