PRO+ Premium Content/Information Security

Dave Kennedy is renowned in the security industry as a co-author of Metasploit: The Penetration Tester's Guide (No Starch Press, July 2011). The bestselling book offers guidance on using the Ruby-based open source "framework" to exploit vulnerabilities in computer systems. The framework is widely used by security testers -- and hackers. A former CSO, Kennedy led the global security program at Diebold Inc. prior to starting TrustedSec, an information security assessment and consulting firm based in Strongsville, Ohio. He is also the co-founder and chief hacking officer at Binary Defense, a managed endpoint detection and response provider, located in nearby Hudson; the company's technology incorporates the Penetration Testing Execution Standard that he co-founded. In addition to his work as a white hat hacker, Kennedy is a frequent speaker at industry events and one of the founders of DerbyCon, a security conference in Louisville, Kentucky. Here, he chats with Marcus Ranum -- once a skeptic of penetration testing -- about purple ...