Adrien de Beaupre

Adrien de Beaupré realized from an early age that he was better at breaking things than fixing them. When he read The Cuckoo's Egg by Clifford Stoll about the hunt for a computer hacker who broke into a computer at the Lawrence Berkeley National Laboratory, Adrien realized that he could put his special talents to work in an information security career.

Adrien spent the better part of three decades in the I.T. industry, over 20 of those specializing in information security, making him an experienced penetration tester, team lead, and senior information security professional. During that time, Adrien had the opportunity to be on the team of Vancouver 2010 Winter Olympic Games security assessment.

More About Adrien


Adrien was a prolific SANS instructor and course author, as well as an independent penetration tester in both the Government and private sectors around the world.

To Adrien, teaching at SANS was an opportunity to pay forward the investment his mentors and teachers made to him throughout his career. “It’s rewarding to see a student who was struggling, finally understand what rooting a box feels like,” he said. “I love what I do, I am either hacking or teaching how to hack!”

Adrien contributed to the OSSTMM3, Hacking Exposed Linux (3rd Edition), Security Incident Handling Step-by-Step Guide (SANS), the Security Incident Management Capability Maturity Model (Bell) and other vulnerability assessment and security management frameworks as well as methodologies such as SANS courseware.

Furthermore he was a long-term volunteer member of the SANS Internet Storm Center, performing incident handling and threat analysis

Adrien sadly passed away in late 2023. He is fondly thought about and missed by his SANS friends and counterparts.




No SQL Injection in MongoDB applications, July 2020

Introduction to enterprise vulnerability assessment; finding Struts, June 2018

Java on the Server? What Could Possibly Go wrong?, March 2018

Modern Web Application Penetration Testing Part 1, XSS and XSRF Together, October 2019

Modern Web Application Penetration Testing Part 2, Hash Length Extension Attacks, February 2020

Modern Web Application Penetration Testing Part 3, NoSQL injection with MongoDB, June 2020