Today, in addition to being a prolific SANS instructor and course author, Adrien is an independent penetration tester in both the Government and private sectors around the world.
A sought-after instructor known for his engaging, straight-forward style, professionalism, and real-world experience and examples, Adrien has taught a plethora of SANS courses. Thus showing his depth and breadth of knowledge in penetration testing, vulnerability assessment, incident handling, and intrusion detection.
To Adrien, teaching at SANS is an opportunity to pay forward the investment his mentors and teachers made to him throughout his career. This is a chance to share his knowledge and experience while learning from the research he does to teach the material covered in a SANS course. “And, it’s rewarding to see a student who was struggling, finally understand what rooting a box feels like,” he says. “I love what I do, I am either hacking or teaching how to hack!”
Adrien has taught SANS SEC504 Hacker Tools, Techniques, and Incident Handling; SEC460 Enterprise Threat and Vulnerability Assessment; SEC560 Network Penetration Testing and Ethical Hacking; SEC542 Web App Penetration Testing and Ethical Hacking.
Adrien contributed to the OSSTMM3, Hacking Exposed Linux (3rd Edition), Security Incident Handling Step-by-Step Guide (SANS), the Security Incident Management Capability Maturity Model (Bell) and other vulnerability assessment and security management frameworks as well as methodologies such as SANS courseware.
A long-term volunteer member of the SANS Internet Storm Center, where he performs incident handling and threat analysis, Adrien also holds GSEC, GPEN, GWAPT, GCIA, GCIH, GXPN, OPSA, OPST, MCSE and CISSP certifications.
When he’s not teaching or consulting, you’ll find Adrien hacking in his personal time…both computers and through his practice of Karate.
WATCH ADRIEN PRESENT ON PEN TESTING JWT SECURITY ISSUES:
ADDITIONAL CONTRIBUTIONS BY ADRIEN de BEAUPRE:
No SQL Injection in MongoDB applications, July 2020
Introduction to enterprise vulnerability assessment; finding Struts, June 2018
Java on the Server? What Could Possibly Go wrong?, March 2018
Modern Web Application Penetration Testing Part 1, XSS and XSRF Together, October 2019
Modern Web Application Penetration Testing Part 2, Hash Length Extension Attacks, February 2020
Modern Web Application Penetration Testing Part 3, NoSQL injection with MongoDB, June 2020