STM Cyber is a Polish IT security company made up by a team of highly-qualified specialists with years of hands-on experience in analyzing, planning, implementation, administering, and providing technical support for IT security systems.

By adding passion, commitment and professionalism to knowledge combined with experience, we advise, design, introduce, optimize and assist in maintaining customized solutions protecting sensitive information within the customer’s organization.


The experience gained through years of practice in the IT security sector shows that effective data protection requires ceaseless supervision at each stage of its life, from downloading from the database, to transferring within the organization, to the moment the information leaves the company. Each stage carries the threat of deliberate or unintentional data leak, and either one may result in loss of business.

The question of data protection, combined with the need to define user roles and authorizations, as well as to put in place proper security policy rules demonstrate that the foundation of corporate IT security is the introduction of specialist concepts and projects. Those offered by STM Cyber not only protect a company assets, but also integrate with existing products to form a cohesive and complementary architecture.

We have cooperated with private and public organizations from the financial, fuel, energy and banking sectors , as well as business whose operation requires industrial automation systems. Projects we run have been implemented in companies around the globe.
Our team is divided into 4 departments, each of them pay close attention to detail in order to ensure the final result is of the highest quality.


  • Penetration, issue-based and profiled tests
  • Post-incident analyses – including manual and automatic malware analysis
  • Maintenance and management of anti-DDoS, Content Security Policy, DLP, Sandbox and other implementations
  • Automatic vulnerability scan with manual verification
  • Manual and automated application fuzzing


  • Comprehensive security audits
  • Personal data protection:
    • Implementation of personal data protection policy
    • Supervision over personal data processing, i.e. outsourcing the role of data security administrator
  • Implementation of information security management systems (ISMS) in compliance with the international ISO/IEC 27001 norm
  • Implementation of business continuity management systems (BCMS) in compliance with the international ISO 22301 norm
  • Security-related risk analyses, preparation of documentation related to the operation of data security supervision departments


  • Analysis of security incidents related to breach of integrity, confidentiality, or availability of data assets in IT environments and industrial automation environments
  • Design, implementation and optimization of the architecture of functional and operational Data Security Monitoring Centers


  • Planning, management and verification of IT design works
  • Coordination and supervision of work performed by all teams
  • Defining the project scope in cooperation with the client
  • Supervision over works schedule according to documentation