David Kennedy: Developing Adversary Capabilities

BIO

David Kennedy is the Founder of TrustedSec and Co-Founder and Chief Hacking Officer of Binary Defense Systems (BDS). David started both these companies with the belief in the betterment of the security industry and promoting the advancement of the industry through quality services. TrustedSec and BDS (both sister companies) provide consulting and MSSP services and can handle every aspect of an organization. Prior to TrustedSec and BDS, David was a Chief Security Officer (CSO) for Diebold Incorporated, an international Fortune 1000 global company.

David has had guest appearances on FoxNews, CNN, and other high-profile media outlets. David is the founder of DerbyCon, a large-scale security conference in Louisville, Kentucky. David also co-authored the book Metasploit: The Penetration Tester's Guide, which was number one on Amazon.com in security for over 6 months.

David was also one of the founding members of the “Penetration Testing Execution Standard (PTES)”. PTES is the industry-leading standard and set of guidelines on how penetration tests should be performed and on their methodologies. David is the creator of several widely popular open-source tools, including The Social-Engineer Toolkit (SET) and many more. David has over 12 years of security experience, with over five years specifically in information security consulting. Lastly, David was a U.S. Marine working for the intelligence community and spent several years in the Middle East, including Iraq.

ABSTRACT

Red teaming is often misunderstood and confused with a number of other terms. Understanding an organization's threat models and building capabilities to simulate adversaries' capabilities is a critical step in the maturity of an information security program. This talk will dive into building out a red team and how it can take your security program to new levels, and will also show that tooling and capabilities are equally important. We'll go through some live demonstrations of taking adversary attack methods and tooling and modifying them to circumvent today's detection capabilities. In the demonstrations, we'll take some commodity attacks, rewrite them live for the audience, and show how we can circumvent detection methods and gain access to systems. The intent isn't to own everything, but to improve an organization's capability to respond to an attack.