Dave Kennedy Headshot
Report a problem with this profile
[email protected]

Dave Kennedy  

Founder of Binary Defense & TrustedSec

David is a cybersecurity authority whose mission is to drive the industry forward and make the world a more secure place. In addition to creating two large-scale cybersecurity firms, David has testified before Congress on issues of national security and has appeared as a subject matter expert on hundreds of national news and TV shows.

TrustedSec and Binary Defense, the two firms that David founded and continues to own, both work on a global scale to protect companies, people, and the world from malicious hackers. TrustedSec provides Information Security consulting services for organizations of all sizes, while Binary Defense is a leading Managed Security Service Provider (MSSP) that offers Managed Detection and Response (MDR).

Prior to creating TrustedSec and Binary Defense, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company. As a forward thinker in the security field, David has had the privilege of speaking at some of the nation’s largest conferences, including Microsoft’s BlueHat, DEF CON, Black Hat, and DerbyCon, which he co-created in 2011 and expanded into DerbyCon Communities.

David is a regular contributor and subject matter expert on cybersecurity stories for Fox News, CNN, Bloomberg, BBC, and other high-profile media outlets. Further, his tools have been featured on a number of TV shows and movies, and he served as Technical Consultant for the critically acclaimed Mr. Robot TV show.

In an effort to advance the industry, David co-authored 'Metasploit: The Penetration Testers Guide' and co-founded the 'Penetration Testing Execution Standard' (PTES), which is the industry standard for penetration tests and has been adopted by the Payment Card Industry (PCI). David is the creator of several popular open-source tools, including 'The Social-Engineer Toolkit' (SET), PenTesters Framework (PTF), Artillery, and Fast-Track. In addition to focusing on research, David has released a number of security advisories, including zero-days.

Prior to his work in the private sector, David served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. David also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

In addition to his formal achievements, David donates his time and wisdom by speaking with civic leaders and students about the importance of security. Bedford High School, David's alma mater, named its Kennedy Center for Gaming and Leadership in his honor.  

Speech Topics


Moving Ahead and Beyond Common Tool Detections

There’s no question that companies continue to try and get better when it comes to detecting attacks in multiple phases. Instead of just patching and hoping for the best, organizations are spending a substantial amount of investment in trying to detect the “well what if they get through” situation. As companies focus on enhanced detection capabilities, the focus is often hard to grasp in what to actually look for – there is so much. This talk will dive into where we see most companies fail at detection and how red teams are helping push the bar forward in not just leveraging a checklist, but focusing on the identification of attack patterns in varying levels of sophistication. The over reliance on technology as a method for trying to jump start these programs often causes more harm than good, and we’ll dive into how effective off the shelf endpoint detection tools do when confronted with even basic attackers. As an industry, we have everything we need to get better – it’s a matter of prioritization, focus, and time.

The Hacking Age

Attackers are continuously figuring out new methods to gain access to computer systems and enterprises. Everything from Ransomware to targeted and precise attacks aimed at intellectual property theft, monetary gain, or other motives. In today’s age of hacking, it’s never been more important to understand who the hackers are and the methods they use to attack organizations. In this talk, we go into the demographics of hackers, how they are hacking, and the best defenses both from a personal perspective as well as an enterprise. It’s possible to withstand the attacks we see today with proven practices, but it requires hard work, and an understanding of who your adversaries are.

Building Defense on Known Good

There's so much to do. There's not enough people. We can only do what we can based on risk, people, politics, and budget. All common things we share across each organization. This presentation dives into how to focus on building defenses against attacks, staying ahead of the methods, and focusing on known good vs. the rest. You'll leave this talk with a way to think about defense and a way to tackle the issues we face in security today.

Compromise Analysis – Why we’re seeing so many breaches.

After looking at a number of compromises dating the past several years, there are a number of commonalities between each of them and steps that could have been used to prevent. Information security isn't a practice that will always be successful in defending however, there are key indicators of compromise to look for when an attacker is attempting to compromise an organization. During this presentation, we’ll analyze a number of data breaches and look at how a number of the breaches have occurred and how an information security program can be structured in order to defend against a lot of the attacks. Most of the causes are directly related to the human element and directly phishing. This talk will dive into how phishing techniques work, and what you can do to prevent this from happening in the future.

Abnormal Behavior Detection in Large Environments

Attack patterns are something that when it occurs is extrinsic (not natural) behavior in a infrastructure. Understanding what attack patterns look like and building an understanding of how to detect them with what you already have is possible. Most preventative technology tries in some extent to detect extrinsic behavior in an environment but falls short because of the continual changes in attack patterns and commoditized detection (sigs, etc). This talk dives into looking at what you already have in your infrastructure that you can use for intrinsic (natural) detection capabilities that doesn't rely on a specific signature, but more so on how attackers go after an organization. As an industry, we need to be detecting the extrinsic occurrences in our networks which exhibit abnormal behavior. During this presentation, we'll be covering a large percentage of techniques used by attackers, and how to detect them with what you currently have in place at your organization today.

Related Speakers View all


More like Dave