At present, LionSec cooperates with Securitum in the delivery of cybersecurity projects. As a result, certain services presented in the offering may be delivered in cooperation with the Securitum team or directly within the scope of this collaboration.
The scope and delivery model of individual services depend on the nature of the project, its scale, and the client’s organizational requirements. Detailed information regarding the availability and execution of specific services is provided individually during the initial contact stage.
To discuss available cooperation options, please contact us at contact@lionsec.pl or via the contact form.
Penetration testing involves a practical assessment of the security of information systems by simulating real-world attacker activities. The scope may include web applications, desktop applications (thick client, kiosk, terminal), IT infrastructure, Active Directory, Windows environments, and cloud platforms. The goal is to identify vulnerabilities that can be realistically exploited and to assess their impact on the organization. The results are delivered in clear reports with actionable remediation recommendations.
Red Teaming is an advanced security assessment that simulates realistic attack scenarios conducted by an external adversary. The activities span multiple attack vectors and focus on achieving clearly defined business objectives, such as gaining access to critical systems or sensitive data. Engagements are performed in a controlled and agreed manner, with minimal impact on production environments. Red Teaming helps evaluate not only technical controls but also organizational procedures and response capabilities.
APT simulations are long-term, multi-stage engagements designed to replicate the tactics, techniques, and procedures of real-world APT groups. Such engagements may last from several weeks to several months and involve gradual escalation, persistence, and evasion of defensive mechanisms. The objective is to realistically assess an organization’s resilience against advanced, targeted threats. This approach often reveals weaknesses that remain undetected during short-term security tests.
Black Teaming focuses on testing an organization’s physical security and related access control mechanisms and procedures. The scope may include facilities, restricted areas, access control systems, and staff response to security incidents. Activities are conducted in close coordination with the client and based on predefined scenarios. The objective is to identify weaknesses that could be exploited to gain unauthorized physical access to infrastructure or systems.
Post-breach analysis involves identifying the root cause of a security incident, the attack vector, and the scope of system compromise. The work focuses on analyzing logs, system artifacts, and traces left by the attacker. The objective is to fully reconstruct the incident timeline and assess its impact. The findings serve as a foundation for remediation actions and for preventing similar incidents in the future.
Malware analysis involves the technical examination of malicious software to determine its functionality, behavior, and potential impact. The work includes both static and dynamic analysis, with observation of the sample in a controlled environment. The objective is to understand infection mechanisms, communication patterns, and persistence techniques. The results can be used to improve detection, response, and mitigation capabilities.
Ransomware incident response support covers activities performed immediately after detection of an attack as well as during the incident lifecycle. The scope may include analysis of the initial attack vector, assessment of the extent of encryption, identification of persistence mechanisms, and support during recovery efforts. The goal is to limit the impact of the attack and prevent recurrence. The service emphasizes rapid, responsible, and well-coordinated actions.
LionSec delivers cybersecurity training tailored to the technical level and roles of participants. The offering includes technical training for IT and security teams, as well as awareness training for non-technical staff. Training programs are based on real-world attack scenarios and practical examples. The objective is to measurably improve organizational security through knowledge, awareness, and understanding of modern threats.
