Brandon Evans

"Brandon was superb. One of the best instructors I've ever had (in my 30 years). His intimate knowledge of the course material, complemented by his extensive experience is unmatched. His ability to integrate the course ware with specific real-world examples allows for an easy to understand course." - David Wayland

Brandon is an independent consultant conducting penetration tests, performing secure code reviews, and assessing the overall security posture of each environment across multiple clouds. Most importantly, he provides comprehensive, practical, actionable, and easy to understand solutions to address his findings.

He started his professional career as a software engineer with Smartvue Corporation, an Internet-of-Things video surveillance startup that has since been acquired by Johnson Controls. He then continued as a software engineer at Asurion. After creating many web applications over the years, he eventually wanted to try something new. He was offered a spot in the Security Mavens program at Asurion, and jumped at the chance. After taking three SANS courses, Brandon knew that security was where he belonged, so quickly transferred to the internal product security team performing secure code reviews, conducting penetration tests, developing secure coding patterns, and evangelizing the importance of creating secure products.

Brandon understands that one of the biggest barriers between development and security is the conflicting cultures. Developers want to develop. Security wants to have 100% security. These two goals are mutually exclusive! Given his experience in both areas, Brandon has been able to support both types of professionals reach across the aisle to improve DevSecOps at their organization. He believes that in order to prescribe solutions to development teams, one must walk a mile in their shoes. Brandon is happy to walk side-by-side with you as you face these challenges head on, constantly reminding you that you're not alone. Secure development is hard! Brandon is a cloud agnostic expert teaching multi cloud security to hundreds of students annually. He prides himself in making his classes fun, engaging, and memorable with the sharing of personal experience, war stories, polling the audience, and telling relevant jokes.

Throughout his security journey, Brandon has earned five GIAC certifications - GPCS (#1), GCSA, GPEN, GSTRT, GWAPT, GSEC, and GSSP-JAVA as well as the GIAC AWS Secure Builder Micro-Credential. Most recently he earned Microsoft Certified: Azure Security Engineer Associate, as well as the AWS Certified Security - Specialty certification and he holds a Bachelor's Degree in Computer Science from Binghamton University, where in his senior year, Brandon won the “Best Use of the SendGrid API” at the HackBU Hackathon. Additionally, he has won four Security Innovation Capture the Flag events, also placing second at their CTF at DEF CON 27, and in 2017 Brandon won the Asurion Hackathon for making an Alexa skill for cellphone support. Brandon taught the first ever cohort at the Vanderbilt University Web Development Coding Bootcamp in 2019, he’s a contributor to the OWASP Serverless Top 10 Project, and a co-leader for the Nashville OWASP chapter. He is also a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition.

In his spare time, Brandon enjoys playing the drums, chess, classic video games, and rock climbing.

ADDITIONAL CONTRIBUTIONS BY BRANDON EVANS

• Cloud Ace podcast, Season 1

SPEAKING ENGAGEMENTS

• Cloud Agnostic or Devout? How Cloud Native Security Differs Between EKS, AKS, and GKE, RSA Presentation, April 2023
• Multi-Cloud Anomaly Detection: Finding Threats Among Us in the Big 3 Clouds, May 2021

WEBCASTS / VIDEOS

• Prevent Real Cloud Attacks with Terraform
• The Cloud Won't Save You from Ransomware: Here's What Will
• Critical Vulnerability Spotted in Microsoft Defender: What You Need to Know
• Prevent Cloud Incidents from Becoming Cloud Breaches
• Secure Service Configuration Poster Resource Demo
• Multicloud Command Line Interface Cheat Sheet Walkthrough and Demo
• Securely Integrate Multicloud Environments with Workload Identity Federation, Sept 2023
• WORKSHOP: Multicloud Data Security, June 2023
• Myth of Cloud Agnostisism: Why Securing Multiple Clouds Using Terraform Is Harder Than You Think, May 2023
• SANS 2023 Multicloud Survey: Navigating the Complexities of Multiple Clouds, Dec 2023
• The Myth of Cloud Agnosticism: Why Securing Multiple Clouds Using Terraform is Harder Than You Think, May 2023
• SANS 2022 Multicloud Survey: Exploring the World of Multicloud, Dec 2022
• SANS 2022 Cloud Security Exchange, Aug 2022

LIVESTREAMS

• Multicloud Security Is Inevitable: Fact or Fiction, Sept 2022
• CloudWars Episode 1: The IAM Menace, March 2022
• CloudWars Episode 2: Attack of the Packets, April 2022
• CloudWars Episode 3: Revenge of the Hacks, May 2022

WHITEPAPERS

• Multicloud Survey: Exploring the World of Multicloud, Dec 2022

• Firebase: Google Cloud's Evil Twin, Oct 2020
• Top 5 Considerations for Multicloud Security, April 2020

TOOLS & MORE

• Nymeria, tool
• Secure Service Configuration in AWS, Azure, & GCP poster
• Multicloud Cheat Sheet
• Attack in Autumn 2020: Profile of a 0-Day, Sept 2020
• Serverless Prey Project, Serverless Prey is a collection of serverless functions (FaaS) for GCP Functions, Azure Functions, and AWS Lambda. Once launched to the environment and invoked, these functions establish a TCP reverse shell for the purposes of introspecting the container runtimes of the various function runtimes.

BLOGS

• Confused Deputy Vulnerability in Microsoft Defender for Cloud and What You Need to Know About It, July 2024
• Prevent Cloud Incidents from Becoming Cloud Breaches, March 2024
• Cloud Agnostic or Devout?, April 2023