Profile
Brandon is a Senior Application Security Engineer at Asurion. In this role, Brandon provides security services for thousands of his coworkers in product development across several global sites responsible for hundreds of web applications. This includes performing secure code reviews, conducting penetration tests, developing secure coding patterns, and evangelizing the importance of creating secure products.
Previously serving as a software engineer at Asurion, he worked on their Tech Expert service, which offers personalized help, guidance and tips across all of the customer's connected devices. Additionally, he has served as a Security Maven for Asurion since early 2018, where he has acquired his GSEC, GSSP-JAVA, GWAPT, GPEN, and GCSA certifications, attended the 2019 AppSec California Conference, and won five Security Innovation Capture the Flag events, also placing second at their CTF at DEF CON 27. Prior to Asurion, Brandon was a developer for Smartvue Corporation, an Internet-of-Things video surveillance startup that has since been acquired by Johnson Controls.
In his spare time, he is also an Instructor at the Vanderbilt University Web Development Coding Bootcamp and a contributor to the OWASP Serverless Top 10 Project. Brandon has a Bachelor's Degree in Computer Science from Binghamton University, where he was also a competitive member of their debate team.
Hear Brandon talk about attacking serverless servers in this SANS webcast from March 2020:
Additional Contributions By Brandon Evans
WHITEPAPERS:
Top 5 Considerations for Multi-cloud Security
WEBCASTS:
SEC510: Multicloud Security Assessment and Defense
Attacking Serverless Servers: Reverse Engineering the AWS, Azure, and GCP Function Runtimes