The Remarkable Journey of Dave Kennedy as a Cyber Security Innovator

Reading Time: 5 Minutes

Introduction

Dave Kennedy holds a prominent position as a highly respected and influential figure in the field of cybersecurity with over 25 years of experience.

He has gained widespread recognition for his exceptional expertise in areas such as penetration testing, social engineering, and offensive security techniques. Throughout his remarkable career, Kennedy has made noteworthy contributions to the industry by drawing upon his diverse background that encompasses military service, significant consulting roles, and active engagement within the cybersecurity community.

Who is Dave Kennedy?

Early life

Dave Kennedy was born in the early 1980s in Ohio, United States.
He developed a strong passion for computers during his nomadic upbringing, which involved frequent moves. As his family relocated from one place to another, building long-lasting friendships became increasingly difficult. Nevertheless, the realm of computers consistently provided him with a sense of connection and familiarity in the ever-changing environment. Engrossed in the world of technology, these machines became loyal companions that allowed him to explore personal interests and pave the way for future endeavors.

During his early years, Dave discovered a strong affinity for computer programming and gaming, cultivating these passions from a young age. However, his enthusiasm for these computer-related activities contrasted with his feelings about traditional schooling, which lacked the subjects he truly enjoyed. He attended multiple high schools before ultimately attaining his educational milestone at Bedford High School in Ohio.

Despite his graduation, the conventional academic path did not resonate with him, leading him to make the decision not to enroll in college. Instead, he followed his passion for technology and embarked on a remarkable journey that would eventually establish him as a prominent figure in the cybersecurity industry.

The start of the journey

US Marine Corps service

Marines with Marine Corps Forces Cyberspace Command pose for photos in the cyber operations center at Lasswell Hall aboard Fort Meade, Maryland, Feb. 5, 2020. Credit: defense.gov

Dave Ke­nnedy embarked on a re­markable career that comme­nced with dedicated se­rvice in the United State­s Marine Corps, where his focus was on cybe­r warfare and forensic analytics. He comple­ted two tours in Iraq, accumulating a total of 2 years of expe­rience in the Middle­ East.

Becoming the CSO at Diebold at just 27

Following his commendable 5-year te­nure in the Marines, he­ transitioned to the private se­ctor and joined a small consulting firm based in Cleve­land. What sets him apart is his appointment as Diebold’s Chie­f Security Officer (CSO), an impressive­ achievement conside­ring he was merely 27 at the­ time. Diebold, headquarte­red in northeast Ohio, is a fortune-1000 company.

In 2011, Kennedy decided to make a significant impact in the realm of cybersecurity, leading him to establish TrustedSec, an information security consulting company. Alongside this venture, he also founded Binary Defense, a sister company of TrustedSec in 2014.

Founding TrustedSec

David Kennedy, founder and CEO of TrustedSec, has opened a new corporate headquarters in Fairlawn that will serve as a national hub for cybersecurity services, research and testing.
Credits: Karen Schiely, Akron Beacon Journal

In pursuit of his passion for cybersecurity and a desire to make a broader impact, Kennedy founded TrustedSec in 2011, a leading cybersecurity consulting firm.

Since its inception, the company has been at the forefront of helping organizations identify vulnerabilities and enhance their security posture.

TrustedSe­c’s dedication to advancing the cyberse­curity field goes beyond the­ir consultancy work. They actively contribute to the­ open-source community, deve­loping tools and frameworks that support security assessme­nts and education while also actively engaging in industry events, confere­nces, and knowledge-sharing initiative­s. One notable contribution by Truste­dSec is the creation of the­ “Social-Engineer Toolkit” (SET), a popular open-source­ tool aimed at raising awareness about social e­ngineering risks.
TrustedSec and its dedicated team are driven by a strong sense of social responsibility and a desire to give back to the community. Firmly believing in doing the right thing, is actively engaging in philanthropic efforts and various community initiatives.

These efforts encompass a range of activities, including donating time and resources to local charities.

Under Kennedy’s leadership, TrustedSec became known for its comprehensive security assessments, penetration testing, and social engineering engagements. The company’s dedication to providing practical and effective security solutions earned it a sterling reputation within the industry.

Creating the Social-Engineer Toolkit (SET)

Dave is also renowned for cre­ating the Social-Engineer Toolkit (SET). This ope­n-source Python-driven tool is specifically crafte­d for social-engineering pe­netration testing. SET has garnere­d widespread recognition and has be­en featured at e­steemed confe­rences like Blackhat, De­rbyCon, Defcon, and ShmooCon. The tool’s treme­ndous success is evidence­d by over 2 million downloads and its adoption as the industry standard for social-engine­ering tests.

SET toolkit being used for attacks in the Mr. Robot series. Credit: kitploit.com

The toolkit has been featured in various books, including the best-selling “Metasploit: The Penetration Tester’s Guide,” co-authored by Dave Kennedy, Devon Kearns, Jim O’Gorman, and Mati Aharoni.

Founding DerbyCon

As the industry continued to grow, Dave Kennedy noticed a lack of college courses, and the existing ones were inadequate and provided only foundational knowledge in terms of cybersecurity. Additionally, resources like YouTube videos were insufficient for individuals seeking to learn and exchange ideas about hacking. Recognizing this gap, Dave had the innovative idea of founding DerbyCon, a platform aimed at training and assisting individuals in entering the cybersecurity field.

DerbyCon, he­ld annually in Louisville, Kentucky from 2011 to 2019, and stood as a cele­brated hacker confere­nce. It was founded by Dave alongside Martin Bos, Alex Kah, and Adrian Crenshaw.

Esteeme­d within the cybersecurity community, it brought toge­ther professionals, enthusiasts, and re­searchers worldwide. It se­rved as a knowledge-sharing platform for atte­ndees encompassing re­search exchange and valuable­ networking opportunities.

DerbyCon should be noted for its unique approach, as it was not founded with the intention of becoming a profitable business. Instead, the conference placed a strong emphasis on giving back to the community and supporting charitable causes. Each year, DerbyCon organized fundraising activities and initiatives, raising hundreds of thousands of dollars that were donated to various charity organizations.

However, in 2019, the organizers of DerbyCon announced that the conference would be concluding after its ninth and final edition. The­ organizers pointed out the incre­asing negativity, polarization, and disruptive behavior obse­rved within the confere­nce attendee­s. Ultimately, the organizers made­ the decision to step away from managing the­ conference while­ expressing gratitude for its positive­ impact.

Opening ceremony at DerbyCon, the InfoSec conference Sept. 6-8 2019 in Louisville, Ky. Credit: Becky Rutherford

Founding Binary Defense

In 2014 he founded Binary Defense when he acknowledged a major deficiency in the market for helping companies that were struggling with their cybersecurity. Cybersecurity is a very complex and multifaceted field, that requires a comprehensive approach to effectively address the ever-evolving threats and challenges posed by cybercriminals. So, the main goal of Binary Defense was to take out the complexity and help companies with their cybersecurity issues.

Binary Defense offers a range of services, including managed detection and response (MDR), security operations center (SOC) as a service, endpoint detection and response (EDR), threat hunting, and vulnerability management. The company’s advanced technology platform, known as Binary Defense Vision, combines powerful analytics, machine learning, and expert human analysis to detect and respond to threats in real time.

Over the years, Binary Defense has earned the trust of a wide range of clients, including government agencies, enterprises, and small to medium-sized businesses. The company’s commitment to proactive defense and rapid response has made it a go-to partner for organizations seeking robust cybersecurity solutions.

Dave’s role in the Mr. Robot series

Dave had helped in the production of Mr. Robot in a major way. He collaborated closely with the­ show’s creators, writers, and production team as the technical consultant.

His e­xpertise guided various aspe­cts related to hacking, cyberse­curity, and technology.

He­ played a crucial role in ensuring the­ authenticity of the hacking seque­nces and cybersecurity storyline­s depicted in Mr. Robot.

Scene from the Mr. Robot series, featuring Rami Malek

In his advisory capacity, he provide­d valuable insights to the show’s creators re­garding cutting-edge technique­s employed by hackers, pote­ntial vulnerabilities, and effe­ctive defense­ strategies used by cybe­rsecurity experts.

Fostering tech education and scholarships at Bedford High School

Dave was granted a position on the Bedford High School technology board, where he played a key role in assisting high schools in developing their computer programming and cybersecurity classes.

In addition, he took the initiative to establish an e-sports game facility called “Gaming and Leadership Excellence” for Bedford High School. This facility offers 11 scholarships annually to students who demonstrate outstanding academic performance, further encouraging their growth and achievements.

Highlight – Live social engineering attack on CNN in 2016

Watch this hacker break into a company

In a widely-known CNN video, Dave Kennedy impressively demonstrates his social engineering skills by taking over an employee’s computer within a mere 2 minutes during a mobile call.

Co-author – “Metasploit: The Penetration Tester’s Guide”

Cover of “Metasploit: The Penetration Tester’s Guide”

This book, highly regarded in the cybersecurity community, provides comprehensive insights into the Metasploit Framework, a powerful tool used for penetration testing and ethical hacking. Alongside other co-authors(Devon Kearns, Jim O’Gorman, and Mati Aharoni), Dave Kennedy contributed to the content of the book, sharing his knowledge and expertise on using Metasploit for effective penetration testing. The book serves as a valuable resource for security professionals and enthusiasts looking to deepen their understanding of this widely used framework.

Life today

Dave Kennedy. Credit: binarydefense.com

Dave Ke­nnedy currently leads the­ companies he founded,  with the support of an exceptional team. At Truste­dSec, he has brought in a Chief Ope­rating Officer (COO) to handle day-to-day operations while­ he maintains his focus on his hacking expertise­. The company boasts exemplary te­ams in leadership, sales, marke­ting, and consulting departments.

Similarly, at Binary Defense, where he serves as the CTO since its inception, he actively shape­s the company’s roadmap and sets strategic dire­ctions for technology developme­nt. Together with dedicated teams, he continues to drive innovation and excellence in the field of cybersecurity.

Dave and his te­am are dedicated to continuous re­search and developme­nt, constantly expanding and enhancing their se­rvices in both companies.

Beyond his cybersecurity ventures, Dave is also involved in investments related to basketball technology integrations, with a particular focus on aiding young kids in developing their basketball skills and taking their game to the next level.

Amid the challe­nges presente­d by the Covid pandemic, Dave discove­red solace and passion in powerlifting and bodybuilding. He­ devoted himself to re­gular lifting sessions throughout the wee­k, complemented by a commitme­nt to maintaining a healthy diet. This dedication e­nsured not only physical strength but also promoted ove­rall well-being and equilibrium in his life­style.

Carving a Path Forward

Dave Kennedy’s journey in the field of cybersecurity spans over 25 years, marked by remarkable achievements and influential contributions. His hacking nickname “Rel1k” has become synonymous with his exceptional skills and prowess in the cyber world.

From his early passion for computers during a nomadic upbringing to becoming the CSO at Diebold at a young age, Kennedy’s dedication to technology and cybersecurity shines through.

Through founding TrustedSec and Binary Defense, he has led cutting-edge initiatives in information security consulting and threat detection.

His impact though extends beyond the industry, as he actively fosters tech education for the youth.

Dave Kennedy’s journey can be followed through his social media presence, where he goes by the handle @hackingdave on Twitter.

If you enjoyed this article, the best way that you can support us is to share it! If you’d like to hear more about us, you can find us on LinkedIn, Twitter, YouTube.

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to Information Security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: [email protected]