Leszek Miś is the Founder of Defensive Security and VP, Head of Cyber Security in Collective Sense where he is responsible for strategy, business analysis, and technical product security research & feature recommendations. He has over 13 years of experience in IT security market supporting the world’s largest customers in terms of exfiltration simulations and penetration tests, infrastructure hardening and general IT Security consultancy services. Next, to that, he has 10 years of experience in teaching and transferring a deep technical knowledge and his experience. He has trained 500+ students with the average evaluation on a 1-5 scale: 4.9. He is an IT Security Architect with offensive love and recognized expert in enterprise Open Source Security solutions market. Leszek provides network data exfiltration simulation services, web application & infrastructure penetration tests and OSINT. He specializes in low-level Linux/OS hardening and defensive security of web application platforms (ex. think about integration of WAF+BeeF!). He is also known and respected trainer/examiner of Red Hat solutions and author of many IT Security workshops:
- Open Source Defensive Security (OSDS)
- ModSecurity → Web Application Firewall rules vs attacks
- FreeIPA → Centralised identity management system
- SELinux – Creating and managing of SELinux policies
- Advanced RHEL/Centos Defensive Security & Hardening
- Post Exploitation Adversary Simulations – Network Data Exfiltration Techniques
As a speaker, trainer or just a participant, he has attended many conferences like Brucon 2017/2018, OWASP Appsec USA, FloCon 2018(“May the data stay with U!”), SuriCon 2017, HITBSecConf, AlligatorCon, WarCon, Semafor, Exatel Security Days, Confidence 2016(“Honey(pot) flavored hunt for cyber enemy), PLNOG 2016 (“Yoyo! It’s us, packets! Catch us if you can”), NGSEC 2016 (“Many security layers for many defensive opportunities”), Open Source Day 2010/2011/2012/2013/2014, SysDay 2008 (“SELinux vs exploits”), Confitura 2014 (“Detection and elimination of threats in real time – OWASP Appsensor in action.”), Red Hat Roadshow 2014, OWASP Chapter Poland 2015 (“Does your WAF can handle it?), ISSA, InfoTrams 2015, BIN Gigacon 2015 (“Mapping pen testers knowledge for the need to protect a critical IT infrastructure”).