David Kennedy

Founder, Senior Principal Security Consultant

Experience

David is a cybersecurity authority whose mission is to drive the industry forward and make the world a more secure place. In addition to creating two large-scale cybersecurity firms, David has testified before Congress on issues of national security and has appeared as a subject matter expert on hundreds of national news and TV shows.

Education & Certifications

QSA, CISSP, OSCP, OSCE, GSEC, MCSE, ISO 27001

Professional Affiliations

Prior to creating TrustedSec, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company. As a forward thinker in the security field, David has had the privilege of speaking at some of the nation’s largest conferences, including Microsoft’s BlueHat, DEF CON, Black Hat, and DerbyCon, which he co-created in 2011 and expanded into DerbyCon Communities.

David is a regular contributor and subject matter expert on cybersecurity stories for Fox News, CNN, Bloomberg, BBC, and other high-profile media outlets. Further, his tools have been featured on a number of TV shows and movies, and he served as Technical Consultant for the critically acclaimed Mr. Robot TV show.

David served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. David also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

Industry Contributions

In an effort to advance the industry, David co-authored ‘Metasploit: The Penetration Testers Guide’ and co-founded the ‘Penetration Testing Execution Standard’ (PTES), which is the industry standard for penetration tests and has been adopted by the Payment Card Industry (PCI). David is the creator of several popular open-source tools, including ‘The Social-Engineer Toolkit’ (SET), PenTesters Framework (PTF), Artillery, and Fast-Track. In addition to focusing on research, David has released a number of security advisories, including zero-days.

Passion for Security

David Kennedy’s passion for the information security industry is the reason TrustedSec was born. He wanted to build an organization that helps others in a profound way, serving as technical security experts and advisors to companies of all sizes and industries.

In addition to his formal achievements, David donates his time and wisdom by speaking with civic leaders and students about the importance of security. Bedford High School, David’s alma mater, named its Kennedy Center for Gaming and Leadership in his honor.

Recent Blog Posts

From the Desk of the CEO: Securing the Future – Junior and Internship Programs

By David Kennedy
In Uncategorized
When TrustedSec first started, the vision was to build a team of amazing individuals that were passionate, dedicated, and focused on helping organizations fix the issues they face in cybersecurity. While we may have accomplished this, there’s always more to do. At TrustedSec, our mission to contribute to the industry and community has always remained...
Read

Critical Exposure in Citrix ADC (NetScaler) – Unauthenticated Remote Code Execution

By David Kennedy
In Application Security Assessment, Penetration Testing, Security Testing & Analysis
On December 17, 2019, Citrix released a critical advisory that allows for remote code execution. Advisories like these come out often for organizations, and critical exposures are nothing new for any company. However, when digging into the remediation step details, this advisory gave a substantial amount of information on the exploit itself. What makes this...
Read

A Message of Support: Coalfire Consultants Charged

By David Kennedy
In Physical Security
If you haven’t been following recent news, two Coalfire employees, Gary DeMercurio and Justin Wynn, were performing a Physical Penetration Test against a Judicial Branch Building, the Dallas County Courthouse in the state of Iowa. The two employees were engaged by the Iowa State Judicial Branch to conduct the Physical Penetration Test, which is an...
Read
View all posts from David

Recent Webinars

The Evolution of Pen Testing

Recorded June 20th, 2018 AT 1:00 PM EST Real-world attacks don’t always align with previous pen testing techniques – Tools have caught up! The most challenging aspect of security today is understanding the real-world effectiveness of your existing security controls.  With the latest...
Watch
View all webinars from David

Recent Podcasts

TrustedSec Security Podcasts

Merry Christmas

January 20, 2020

DerbyCon Victory Lap!

January 20, 2020

Intelligence and an End to USB Espionage?

January 20, 2020
Dave Kennedy

Want to work with David Kennedy or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us