David Kennedy

Founder, Senior Principal Security Consultant

Experience

David is a cybersecurity authority whose mission is to drive the industry forward and make the world a more secure place. In addition to creating two large-scale cybersecurity firms, David has testified before Congress on issues of national security and has appeared as a subject matter expert on hundreds of national news and TV shows.

Education & Certifications

QSA, CISSP, OSCP, OSCE, GSEC, MCSE, ISO 27001

Professional Affiliations

Prior to creating TrustedSec, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company. As a forward thinker in the security field, David has had the privilege of speaking at some of the nation’s largest conferences, including Microsoft’s BlueHat, DEF CON, Black Hat, and DerbyCon, which he co-created in 2011 and expanded into DerbyCon Communities.

David is a regular contributor and subject matter expert on cybersecurity stories for Fox News, CNN, Bloomberg, BBC, and other high-profile media outlets. Further, his tools have been featured on a number of TV shows and movies, and he served as Technical Consultant for the critically acclaimed Mr. Robot TV show.

David served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. David also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

Industry Contributions

In an effort to advance the industry, David co-authored ‘Metasploit: The Penetration Testers Guide’ and co-founded the ‘Penetration Testing Execution Standard’ (PTES), which is the industry standard for penetration tests and has been adopted by the Payment Card Industry (PCI). David is the creator of several popular open-source tools, including ‘The Social-Engineer Toolkit’ (SET), PenTesters Framework (PTF), Artillery, and Fast-Track. In addition to focusing on research, David has released a number of security advisories, including zero-days.

Passion for Security

David Kennedy’s passion for the information security industry is the reason TrustedSec was born. He wanted to build an organization that helps others in a profound way, serving as technical security experts and advisors to companies of all sizes and industries.

In addition to his formal achievements, David donates his time and wisdom by speaking with civic leaders and students about the importance of security. Bedford High School, David’s alma mater, named its Kennedy Center for Gaming and Leadership in his honor.

Recent Blog Posts

From the Desk of the CEO: TrustedSec Announces Professional Training Courses Online

By David Kennedy
In Online Training, Remediation Assistance & Training, Training
TrustedSec has offered customized, in-person training to our clients for several years. With the need to move toward an online platform, TrustedSec has expanded our cutting edge training to help further educate and develop the Information Security industry. These offerings are designed to be some of the most effective instructor-led and live courses available today....
Read

Securing a Remote Workforce: Top Five Things to Focus on For Everyone

By David Kennedy
In Business Risk Assessment, Managed Services, Operational Performance Maturity Assessment, Penetration Testing, Physical Security, Program Assessment & Compliance, Program Development, Program Maturity Assessment, Security Program Assessment, Security Program Management, Security Remediation, Security Testing & Analysis, Training, Vulnerability Assessment
Deploying a remote workforce is uncharted territory for some organizations, while others have been perfecting the model for years. Most security programs have different ways to handle their workforce. For on-premise users, which has traditionally used more of castle mentality where you attempt to prevent outsiders from penetrating the network perimeter (similar to a castle...
Read

From the Desk of the CEO: Remote Security Testing vs. On-Site Testing—Understanding the Difference

By David Kennedy
In Leadership
With the COVID-19 pandemic underway, we’ve all had to adjust in ways we would have never imagined. Talking with peers in the industry, having to stand up a complete remote workforce overnight has been both challenging and rewarding. While there are bound to be hiccups and lapses in security, the ability for organizations to be...
Read
View all posts from David

Recent Webinars

The Evolution of Red Teaming and Pen Testing: Integrating Adversary Simulation at Every Maturity Level

This webinar was recorded on May 6, 2020. Slides from the webinar can be found here. The security industry continues to evolve in a number of areas all designed to help companies strengthen their ability to respond to attacks. Most...
Watch

The Evolution of Pen Testing

Recorded June 20th, 2018 AT 1:00 PM EST Real-world attacks don’t always align with previous pen testing techniques – Tools have caught up! The most challenging aspect of security today is understanding the real-world effectiveness of your existing security controls.  With the latest...
Watch
View all webinars from David

Recent Podcasts

TrustedSec Security Podcasts

Merry Christmas

June 05, 2020

DerbyCon Victory Lap!

June 05, 2020

Intelligence and an End to USB Espionage?

June 05, 2020
Dave Kennedy

Want to work with David Kennedy or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us