About
I help organizations secure their applications and other workloads in cloud environments,…
Articles by Brandon
Contributions
-
What do you do if your public speaking skills are holding you back from advancing as a trainer or coach?
Practice, practice, practice. People strangely assume that public speakers are just "born with it". They don't think this way about any other skill. Pilots aren't born: they practice flying in a controlled environment. Similarly, you must practice public speaking. You can start with a group of friends, move up to a local meetup, and before you know it, you'll be speaking at large conferences. Just do it!
-
What do you do if you're a software developer facing industry challenges without mentorship?
Your organization has a responsibility to foster mentorship between senior and junior developers. Unfortunately, this is happening less and less due to layoffs and developers having to take on additional responsibilities. It's a tough economy. Still, if you've been with a company for a while and aren't learning, there are still good companies out there who will help you grow. Getting help outside of your full-time job is great, but it'll be difficult to learn how to solve real-world problems when your mentors are not working in the same domain.
-
What are some of the best practices or tips for using network security tools in a cloud environment?
Understand that identity is the new perimeter, but it isn't the *only* perimeter. Cloud experts might view network controls as an excuse for not maintaining software security or implementing other, arguably more important controls. If you are doing cloud networking right, these are not mutually exclusive. They can even complement each other. One great example is private endpoints: you can require that your data in cloud PaaS platforms is only accessible from the private network using IAM conditions (ex. aws:SourceVpce). Don't give up security fundamentals just because there are more advanced controls out there.
Activity
-
🌞 Join Us at SANS New York City Summer 2024! 🌞 Attention Cybersecurity professionals! This summer, elevate your cybersecurity skills with SANS…
Liked by Brandon Evans
-
Exploring the intricate world of cyber security... just like peeling layers of an onion! Remember, it's not just about the surface level.
Liked by Brandon Evans
-
Don't worry if you couldn't make it to Brandon Evans' latest workshop. It's available to view AND complete at https://lnkd.in/gcnH79Pz
Liked by Brandon Evans
Experience
-
SANS Institute
Education
Volunteer Experience
-
Lead Developer - Hack for the Community 2018
McNeilly Center for Children
-
Volunteer Coach
Vanderbilt University Debate Team
Licenses & Certifications
-
SANS Certified Instructor
SANS Institute
Publications
-
2024 Cloud Security Trends and Predictions - Wait Just an Infosec
SANS Institute
Is Your Cloud a Fort or a Target? ☁️
In this 2nd of a 4 part series in January on 2024 Trends and Predictions, SANS Certified Instructor and cloud security champion, Shaun McCullough, joins us as guest host to discuss his 2024 cloud security trends and predictions.
Shaun is joined by guests Brandon Evans and Eric Johnson to talk cloud security trends and predictions through the lens of their vast experience with and knowledge of cloud attack techniques, monitoring, and threat detection.
Leave a comment below: What's your biggest cloud security concern for 2024?
-
Configuring the Future: Addressing Network and Configuration Risks in Modern Cloud Security
SANS Institute
The evolution of cloud technologies has ushered in a new era of opportunities, but with it comes a unique set of challenges, particularly in the realms of configuration and network security. This talk will shed light on the modern practices and strategies essential for safeguarding cloud environments against configuration missteps and network vulnerabilities. We'll dissect real-world scenarios where configuration errors led to breaches and delve into network risks that are often overlooked. By exploring tools, protocols, and best practices, attendees will gain insights into fortifying their cloud infrastructures. Join us on this journey through the intricacies of cloud security, ensuring that your organization remains resilient in the face of ever-evolving threats.
-
Securely Integrate Multicloud Environments with Workload Identity Federation
SANS Institute
Organizations are becoming multicloud by choice or by chance. Many of them integrate their multiple clouds with one another to improve Availability, support Disaster Recovery, and leverage the services from each provider that best fits their needs. These integrations are usually supported with long-lived credentials. These credentials are much more valuable to attackers than those that are short-lived. Even following best practices will leave your multicloud environments less secure than their single-cloud counterparts.
Join Eric Johnson and Brandon Evans as they destroy these long-lived credentials in the Big 3 cloud providers using Workload Identity Federation. They will show how Cloud Security Engineers can securely authenticate from one cloud provider to another using short-lived, automatically rotating tokens that cannot be (ab)used in any other context. The session will conclude with a demonstration of a real multicloud web application that leverages these techniques to securely upload user data to Amazon S3, Azure Storage, and Google Cloud Storage.
Learning Objectives:
- Learn why organizations are choosing to integrate their multiple cloud environments together.
- Examine the risk posed by using long-lived credentials.
- Evaluate the benefits and limitations of following best practices with long-lived credentials.
- Observe integrations from AWS to GCP, from Azure to AWS and GCP, and from GCP to AWS and Azure.
- Understand why AWS cannot access resources in Azure without transmitting powerful Azure credentials to AWS.
- Access an open-source project to bootstrap your secure multicloud integrations.
-
Cloud Security Foundations, Frameworks, and Beyond
SANS Institute
Multicloud is a reality for organizations of all sizes. As a result, security leaders need to build capabilities and expertise for any cloud provider that the business chooses. How can security professionals get a handle on this complex world of cloud security?
For the first time, in this book, we have security leaders from the three major cloud providers – Amazon Web Services (AWS), Microsoft Azure, Google Cloud – along with independent technical experts from SANS Institute sharing where cloud security has been, mistakes that have been made along the way, and what the future may hold.
The book covers foundational principles and strategies for cyber defense to mitigate risk. A key part of this is understanding the myths, missteps and best practices that arise in cloud migration. As organizations mature, a more comprehensive plan is also required. This is where Zero Trust provides important architectural principles for modern security capabilities. Looking forward even further, artificial intelligence (AI) promises to help improve our cloud security posture and ability to respond to threats even more effectively.
As you go through this book I suggest using it as a guide. Know that there will be many twists and turns on your journey but, by leveraging the practices introduced here, you can get a handle on cloud security.
-
Cloud Agnostic or Devout? How Cloud Native Security Varies in EKS/AKS/GKE
RSA Conference
Building apps for one environment is hard, but rewriting them to run elsewhere is a nightmare. An increasing number of organizations are using containerization to solve this problem, creating portable runtimes that are "identical" on-prem and in the cloud. In theory, "cloud native" technologies like containers and Kubernetes (K8s) should enable teams to implement security controls that are effective regardless of the environment in which their "cloud agnostic" microservices are running.
However, in reality, the security of containers greatly depends on the K8s engine used. Each of the Big 3 Cloud providers has its own engine flavor: Amazon's Elastic Kubernetes Service (EKS), the Azure Kubernetes Service (AKS), and the Google Kubernetes Engine (GKE). The same K8s cluster can be secure in one environment and insecure in another. Even though K8s was designed by Google, GKE has such significant security pitfalls that a deployment with the default settings can result in the total compromise of the organization's entire Google Cloud Platform account!
Guided by The Center for Internet Security's benchmarks and his own experience in the field, Brandon will help you navigate through the security nuances of each cloud provider's K8s engine. He will deploy a K8s application to a cloud Kubernetes engine, demonstrate some of the exploits that can be performed on insufficiently hardened instances, and walk through the effective and sometimes shockingly simple mitigations. When the presentation concludes, you will feel empowered to help your organization build and defend cloud native applications that are not cloud agnostic, are not cloud devout, but are truly cloud consistent.
-
Cloud Agnostic or Devout? Part 2: Why Securing Multiple Clouds Using Terraform is Harder Than You Think
SANS Institute
The movement towards multicloud has been gaining momentum with no end in sight. Over 50% of the respondents to the SANS 2022 Multicloud Survey not only use all of the Big 3 Cloud Providers (AWS, Azure, and Google Cloud), but they also use all of the next three most popular CSPs (Alibaba Cloud, Oracle Cloud, and IBM Cloud).
Organizations look to so-called “cloud-agnostic” technologies to manage this complexity. One such technology, Terraform, allows you to define cloud infrastructure as code and deploy it for many different cloud providers. Given that Terraform supports all of the top 6 CSPs, this means that an organization can produce a single set of Terraform code to securely configure them all…right?
In this blog, Brandon Evans, SANS Certified Instructor and Lead Author of SEC510: Public Cloud Security: AWS, Azure, and GCP, will explain why this is not true despite the perception of many security professionals. Not only will he demonstrate that Terraform does not work this way, but he will prove why it is practically impossible for any tool to work this way. With this understanding, attendees will learn the real, more difficult techniques required to consistently apply security controls across CSPs using Terraform.
This blog post is related to Brandon’s RSA Conference 2023 presentation, “Cloud Agnostic or Devout? How Cloud Native Security Differs Between EKS, AKS, and GKE”. While watching the RSAC presentation is not a prerequisite for reading this blog post, viewers who are interested in one will likely be interested in the other.
Associated webcast: https://youtu.be/rCFuXJtxjzg
-
Evo Cyber Security #29 - The Future of Application Security
The Evolution Exchange Cyber Security Podcast
Join host James Price as he delves into the future of application security with a panel of industry experts. Cris Rodriguez from Sabre Corporation, Brandon Evans from SANS Institute, Mick Gomm from Medallia, and Jamie Prosser from Verizon share their insights on managing application security, automation, pen testing, and more. Get valuable tips and strategies for staying ahead in the ever-evolving landscape of application security. Don't miss this informative and engaging episode!
-
DNS Security in Multicloud Environments
SANS Institute and Infoblox
The SANS Institute report on DNS security in multicloud environments documents findings from a wide-ranging survey of the global cybersecurity community. Read to learn:
• Where respondents are struggling with DNS visibility into remote users and devices.
• Why IT security teams are adding DNS to their next-gen firewalls rather than using DNS-layer security tools.
• How the majority of respondents are using DNS for visibility across their multicloud environments to empower threat investigation and incident response.
-
Cloud Security Podcast by Google EP111 How to Solve the Mystery of Application Security in the Cloud?
Cloud Security Podcast by Google
Topics covered:
• What got you interested in security and motivated you to make this your area of focus? You came from a developer background, right?
• Occasionally we hear the sentiment that “developers don’t care about security,” how would you counter it (and would you?)?
• How do we encourage developers and operations to use the appropriate security controls and settings in the cloud? Is “encourage” the right word?
• Can we really achieve “secure by default” but for developers?
• What do you think are the main application security issues that developers need to deal with in the cloud?
• You mentioned software supply chain security, do you treat this as a part of application security? How important is this, realistically, for an average organization and its developers?
• Going to our favorite subject of threat detection, how do you think we can better encourage developers to supply the logs necessary for our detection and response teams to act upon?
-
SANS 2022 Multicloud Survey: Exploring the World of Multicloud
SANS Institute
Market research shows that organizations are increasingly adopting a multicloud strategy. This survey examines how this trend has continued over the years and its implications for security teams. Amazon Web Services (AWS), Microsoft Azure, and Google Cloud are still far and away the Big Three providers, though this survey indicates that IBM, Oracle, Alibaba, and others are also utilized at an impressive scale. Respondents stated that their organizations overwhelmingly valued "cloud-agnosticism," meaning that they would like the ability to run their workloads on multiple cloud providers. Stakeholders for these organizations might actively choose to go multicloud to leverage the best services for their goals at the best price, with many porting workloads from one cloud to another in real-time to maximize cost savings. Many other respondents work with organizations that organically became multicloud through mergers and acquisitions.
These business trends pose security challenges. Forbes notes that "each major public cloud platform uses a different approach and tools for protecting its infrastructure." Many respondents stated that they are "not at all" prepared to secure certain cloud services, including some of the simplest and most foundational services. If these respondents use three cloud providers, they should feel three times as unprepared as if they were using one. This problem will likely increase alongside multicloud adoption, especially when, as the Forbes article indicates, the security "talent crunch meets the budget crunch" amidst economic uncertainty.
Multicloud and its security issues are here to stay. The authors of this report hope to inform the readers of the hard work ahead of them, warn the industry that they are far away from reaching their ideal state, and highlight the technologies and techniques practitioners are using to cope with the onslaught of challenges brought about by the vast multicloud service landscape.
-
Cloud Security: Making Cloud Environments a Safer Place
SANS Institute
Large enterprises are increasingly operating in a multicloud environment, either by choice or by chance. As a result, organizations, security teams, and we—as security professionals—are on a continuous journey to develop multicloud security capabilities to enable businesses and effectively respond to the changing threat landscape.
In this book we have, for the first time, a coming together of security leaders from Microsoft Azure, Google Cloud, and independent technical experts from SANS Institute who are sharing their perspectives on building cloud security capabilities as well as best practices for key cloud security pillars.
This book starts with a view on cloud-specific threats that can inform cloud security strategies. What follows is foundational information for key areas such as IAM, data security, and visibility. But often, foundational information does not provide enough direction. People typically learn best when making mistakes and learning lessons the hard way. Knowing this, the contributors to this book convey these lessons in the form of various security anti-patterns that highlight important “not to do” items. Case studies like these highlight cloud security weaknesses and what you can do to shore them up. As they say, experience is often the best, if not bitterest, teacher. So please, take some time to learn from the experience of these expert contributors. Don’t leave your cloud security journey to chance.
-
Multicloud Security is Inevitable: Fact or Fiction
SANS Institute
Major enterprises are multicloud by choice or by chance. Is a shift to multicloud architectures inevitable? What do security teams need to do in preparation? Attend this session to hear a lively discussion including a brief history of technology, the current state of cloud, and how it all may inform where cloud security is headed.
-
CloudWars Episode III - Revenge of the Hacks
SANS Institute
Tune in to the final chapter of this security saga as Eric Johnson and Brandon Evans recount another horrific cloud war story.
YouTube: https://www.youtube.com/watch?v=Y-C-UpovXbM
-
Cloud Wars: Episode II - Attack of the Packets
SANS Institute
The transition from on-premise to cloud-hosted networking is complicated. Many organizations fail because they attempt to replicate their on-premise networks in the cloud, rather than redesigning cloud networks that take advantage of new features and security controls. Join SANS Instructors Eric Johnson and Brandon Evans for a session discussing cloud-native networking architecture designs, features, and security controls that can help you avoid building an unmanageable cloud network.
YouTube: https://www.youtube.com/watch?v=g6RpTQbPiH0
-
Cloud Wars: Episode I - The IAM Menace
SANS Institute
Vulnerabilities are synergistic. A bunch of small findings can add up to one big catastrophe. This is especially true in the cloud, where a single compromised instance can be used to escalate IAM privileges and take over an entire account.
SANS Senior Instructor Eric Johnson has seen this countless times in the field. Join Eric as he discusses one of his cloud IAM war stories with Certified Instructor Brandon Evans. This story will demonstrate how attackers pivot within the cloud, which cloud permissions need to be scrutinized, and how to segment your organization to protect your cloud assets.
YouTube: https://www.youtube.com/watch?v=8V-Uc_nou2o
-
Multi-Cloud Anomaly Detection: Finding Threats Among Us in the Big 3 Clouds
RSA Conference
Attackers are using our clouds against us. As the cloud providers introduce new services, adversaries are learning how to co-opt their features and resources. The 2019 Capital One breach illustrates how immense damage can be wrought on a cloud account using its own API calls and internal network. Monitoring for anomalies with actions taken on and within the cloud is key to identify potential compromises. Although logs are created for nearly every action taken in the cloud, if organizations fail to monitor them, they are useless.
This session will demonstrate live how defenders can unlock the full potential of their cloud audit logs. We will examine the logging and monitoring capabilities that are built-in to the Big 3 Cloud Providers. In one of our several live demonstrations, we will identify anomalies in our cloud private network flow logs. After querying the traffic metadata, we will discover infrequent communications from our cloud infrastructure to an unknown host over an irregular port. This will lead us to examine the traffic contents on our cloud host using a sniffer or traffic mirror. Upon further analysis, we can recognize that the host is exfiltrating data using DNS queries containing the Base32 encoded message chunked into blocks of 63 characters. This traffic is generated via an advanced piece of malware that was shipped as a Trojan horse using the Node Package Manager (NPM). To remedy this compromise, we will show how to leverage Terraform, a cloud Infrastructure-as-Code utility, to automatically lock-down traffic in each of our private clouds.
When we can block attacks, we should. When we cannot, our next best recourse is to identify them and limit the damage they produce. Each cloud provider has powerful tools to collect and visualize potential indicators of compromise. However, these are useless if we do not use them. With the right tools, training, and personnel, security engineering and operations can thrive in the cloud.
-
SANS ICS Hot Take: Cloud Security
SANS Institute
We talk about the challenges organizations face when integrating cloud services into the control network. We cover security requirements, data collection, service management and other issues relating to selecting a cloud service provider or integrating a cloud service.
-
Multiple Clouds Require Multiple Solutions: AWS, Azure, & GCP
SANS Institute
Organizations in every sector are increasingly adopting cloud offerings to build their online presence. However, although cloud providers are responsible for the security of the cloud, their customers are responsible for what they do in the cloud. Unfortunately, the providers have made the customer's job difficult by offering many services that are insecure by default. Worse yet, with each provider offering hundreds of different services and with many organizations opting to use multiple providers, security teams need a deep understanding of the underlying details of the different services in order to lock them down. As the landscape rapidly evolves and development teams eagerly adopt the next big thing, security is constantly playing catch-up in order to avert disaster.
The Big 3 cloud providers alone provide more services than any one company can consume. As security professionals, it can be tempting to limit what the developers use to the tried-and-true solutions of yesteryear. Unfortunately, this approach will inevitably fail as the product development organization sidelines a security entity that is unwilling to change. Functionality drives adoption, not security, and if a team discovers a service offering that can help get its product to market quicker than the competition, it can and should use it. SEC510 gives you the ability to provide relevant and modern guidance and guardrails to these teams to enable them to move both quickly and safely.
Join Brandon and Eric in this webcast as they walk through the details of the new 5-day SEC510: Public Cloud Security: AWS, Azure, and GCP course.
-
More Servers, More Problems: How Serverless Changes and Reduces Risk
SANS Institute
Security professionals face the daunting challenge of keeping up with constantly changing technology trends. By the time security has a handle on a new programming paradigm, product development has been using it in production for months, if not years. Worse yet, new tech is normally designed with security as an afterthought, introducing risks that will need to be managed rapidly.
Despite all of this, in this presentation, SANS Instructor Brandon Evans will illustrate that Serverless is actually a breath of fresh air for security. Although it might initially seem complex and intimidating, it reduces risk when compared to traditional application architecture by shrinking the customer's portion of the Shared Responsibility Model. Additionally, it empowers security automation that would otherwise be impractical. Overall, as Serverless continues to mature, Brandon argues that it will become the recommended practice from security teams.
-
Instructor Spotlight: Brandon Evans, SEC510 Lead Author
SANS Institute
After becoming a SANS Certified Instructor, I shared details on my journey, advice for aspiring technologists, and some fun facts about myself.
-
Secure Service Configuration in AWS, Azure, & GCP
SANS Institute
Multiple clouds require multiple solutions. In an ideal world, you could learn the core concepts of cloud computing and apply them to whatever cloud provider your organization uses. Unfortunately, we live in a world where each of the top three most popular cloud platforms, Amazon Web Services (AWS), Microsoft Azure, and the Google Cloud Platform (GCP), radically differ from one another in both design and implementation. These differences affect how security professionals must operate in each environment.
This poster compares and contrasts the popular security services of each major cloud provider. By identifying insecure defaults and little-known security features, you can ensure the security of your organization's assets across each public cloud environment.
The contents of this poster are based on material from SEC510: Public Cloud Security: AWS, Azure, and GCP. For more information, visit sans.org/SEC510
-
Firebase: Google Cloud's Evil Twin
SANS Institute
Firebase allows a frontend application to connect directly to a backend database. Security wonks might think the previous sentence describes a vulnerability, but this is by design. Released in 2012, Firebase was a revolutionary cloud product that set out to "Make Servers Optional". This should raise countless red flags for all security professionals as the application server traditionally serves as the intermediary between the frontend and backend, handling authentication and authorization. Without it, all users could obtain full access to the database. Firebase attempts to solve this by moving authentication and authorization into the database engine itself. Unfortunately, this approach has several flaws.
-
Profile of a 0-Day
Security Innovation Blog
A detailed write up of an unintended 0-day I found in the InstaFriends Cyber Range by Security Innovation with two of my co-workers, Jessica Wood and Kirill Kulakov. We ethically disclosed the vulnerability and helped the development team patch it.
-
Detecting and Locking Down Network-Based Malware in Azure
SANS Institute
With the evolution of cloud-based protections and secure application development frameworks, fewer organizations are susceptible to having their databases dumped with server-side exploits. Faced with this, data thieves are getting more sophisticated with their techniques. One novel approach is abusing the Domain Name System (DNS) protocol to quietly exfiltrate data. Although DNS traffic is often overlooked, the major cloud providers have made it easier than ever to examine it, detect data loss, and lock down the network to prevent similar attacks in the future. This post will illustrate this process using a Node.js application deployed to Microsoft Azure.
-
Multicloud Command-Line Interface Cheat Sheet
SANS Institute
Graphical User Interfaces (GUIs) are so passé. "Real hackers" use Command-Line Interfaces (CLIs). Why should the cloud be any different? This cheat sheet provides commands, tips, and tricks for the Amazon Web Services, Azure, and Google Cloud Platform CLIs.
For more details on how to use this cheat sheet, see this video demo: https://www.youtube.com/watch?v=3WjlmhxJ9OA -
Top 5 Considerations for Multicloud Security
SANS Institute
The move to leveraging multiple public cloud providers introduces new challenges and opportunities for security and compliance professionals. As the service offering landscape is constantly evolving, it is far too easy to prescribe security solutions that are not accurate in all cases. This paper will examine five critical considerations for securely using the three biggest public cloud providers: Amazon Web Services, Microsoft Azure, and the Google Cloud Platform. While it is tempting to dismiss the multicloud movement or block it at the enterprise level, this will only make the problem harder to control. By embracing multicloud as inevitable and working to understand it, security and compliance professionals can help move the organization forward safely.
-
Attacking Serverless Servers
serverlessDays Nashville / SANS@Mic / serverlessDays Virtual
Join Brandon to get an in-depth understanding of serverless security from an attacker's perspective. In this session, Brandon will demonstrate how a compromised function can be used to gain sensitive credentials and pivot to other services through live demonstrations on AWS Lambda, Azure Functions, and Google Cloud Functions.
Also presented for a SANS@Mic talk on 03/25/2020: https://sansurl.com/attacking-serverless / https://www.youtube.com/watch?v=DegAofI3fR0
Also presented for serverlessDays Virtual on 04/29/2020: https://www.youtube.com/watch?v=H4WoQd2yVJQ&t=142m54s -
Secure by Default? Scoring the Big 3 Cloud Providers
SANS Institute
This presentation provides a technical comparison of the default configurations for various services provided by the Big 3 Cloud Providers: AWS, Azure, and the Google Cloud Platform. It compares services apples to apples, preferring platforms powered by open-source software where possible. Using a consistent methodology, I score each provider in a variety of categories and give each a report card. Attendees are provided resources to evaluate these services for themselves and introduce alternative viewpoints.
Topics include: the strength of access controls for file storage solutions (AWS S3, Azure Storage, and Google Cloud Storage), encryption of data in-transit and at rest for managed SQL servers (AWS RDS, Azure Database, and Google Cloud SQL), management and invocation privileges for serverless functions (AWS Lambdas, Azure Functions, and Google Cloud Functions), and much more.
Our goal is to bring attention to the importance of scrutinizing default settings, especially for new functionality. With better awareness, we can hold our providers to a higher standard to make the path of least resistance a safe one. Long-term, we should push for the ability to better control what actions and configurations are allowed within our cloud accounts. -
Security by Persuasion: How to Use Debate Tactics to Enhance Your Company's Security Posture
Greater Nashville Technology Council
In software development, there is always a balance between functionality and security. As anyone in the field knows, the only perfectly secure system is one that contains no sensitive data, is off of the network, and is powered down. For the benefit of our customers and shareholders, technology companies must balance these goals.
This can feel like a Herculean task due to the different priorities and values of team members. Technologists view product managers and salespeople as renegades who are willing to jeopardize everything just to deliver a fancy new feature on time. On the other side, engineers are oftentimes viewed as impractical and naïve curmudgeons who care more about saying "no" than actually moving the needle. How can these differences be reconciled?
The truth is that we are really not so different. Regardless of how a person juggles quality, security, and agility, everyone wants to deliver value for our customers and shareholders in a responsible way. If our high-level incentives appear not to be aligned, we have a communication problem, not an ideological one.
This presentation will demonstrate how subtle changes in how engineers communicate their concerns can drastically increase the persuasiveness of their message. Topics will include incentive alignment, language accessibility, building credibility, and being a team player without compromising your ideals.
At times, it is tempting to dismiss the other side as simply being wrong and unwilling to listen. Unfortunately, without influence, change is impossible. The more extreme a position a person takes, the more they alienate those around them, even those who generally agree with them. By simply using a softer touch, it is possible to improve the security posture of an organization while finding allies across the aisle.
-
Give Hacking a Try...You Might Just Be Great!
Security Innovation Blog
Blog post encouraging people to join Security Innovation's March Hackness Tournament and covering my experience at 2019 AppSec California where I won their previous Capture the Flag.
Originally published here: https://blog.securityinnovation.com/give-hacking-a-try
-
Best Security Practices for Amazon RDS with Sequelize
SolutoNashville
I describe the most secure configuration for connecting to a relational database on Amazon RDS using the Node.js ORM Sequelize.
-
Ask Brandon, a Software Engineer
I was given a wonderful opportunity to write about my role working on a platform by Asurion.
-
How to Hackathon in 5 Easy Steps
SolutoNashville
I provide some tips for how to make your hackathon experience a success.
Courses
-
Argumentative Theory
RHET 354
-
Automata Theory & Formal Languages
CS 373
-
Computer Systems III
CS 320
-
Data Structures & Algorithms
CS 240
-
Design & Analysis of Algorithms
CS 375
-
Discrete Mathematics
MATH 314
-
Ethical, Social and Global Issues in Computing
CS 301
-
Introduction To Data Mining
CS 435
-
Microcontrollers And Robotics
CS 424
-
Operating Systems
CS 350
-
Probability with Statistical Methods
MATH 327
-
Programming Languages
CS 471
-
Programming with Objects
CS 140
-
Software Engineering
CS 445
-
Calculus III
MATH 323
-
Linear Algebra
MATH 304
-
DEV540: Secure DevOps and Cloud Application Security
DEV 540
-
DEV541: Secure Coding in Java/JEE: Developing Defensible Applications
DEV 541
-
SEC401: Security Essentials Bootcamp Style
SEC 401
-
SEC542: Web App Penetration Testing and Ethical Hacking
SEC 542
-
SEC560: Network Penetration Testing and Ethical Hacking
SEC 560
-
SEC540: Cloud Security and DevOps Automation
SEC 540
Projects
-
Serverless Prey
- Present
Serverless Prey is a collection of serverless functions (FaaS) for GCP Functions, Azure Functions, and AWS Lambda. Once launched to the environment and invoked, these functions establish a TCP reverse shell for the purposes of introspecting the container runtimes of the various function runtimes.
This repository also contains research performed using these functions, including documentation on where secrets are stored, how to extract sensitive data, and how to identify monitoring / incident response data points.
-
Cloud Ace Podcast Season 1
-
Cloud Ace is your go-to podcast for in-depth expert discussions on all topics that touch cloud security. Information security professionals can tune in for fresh perspectives on building and managing secure cloud infrastructure, platforms, and applications. The insight shared by our experts on this podcast transcends cloud, making it valuable for professionals across all fields of cyber security.
Cloud Ace podcast delivers actionable insight through interviews with some of the top minds leaving their mark in cloud security. Cloud Ace covers the full gamut of cloud topics from multi-cloud and public cloud, to containers, threat detection, cloud pen testing, DevSecOps, automation and everything in between.
Here are some of Cloud Ace's peak chart rankings:
• #12 Technology Apple Podcast, #25 Spotify Podcast in U.S.
• #14 Technology Apple Podcast, #24 Spotify Podcast in Great Britain
• #1 Technology Apple Podcast in Bahrain
• #1 Technology Apple Podcast in Qatar
• #2 Technology Apple Podcast in the Republic of Trinidad and Tobago
• #3 Technology Apple Podcast in Cambodia
• #7 Technology Apple Podcast in Finland
• #7 Technology Apple Podcast in Ireland
• #7 Technology Apple Podcast in the United Arab Emirates
• #7 Technology Apple Podcast in Malaysia
• #12 Technology Apple Podcast in Slovakia
• #13 Technology Apple Podcast in Australia
• #13 Technology Apple Podcast in Saudi Arabia
• #13 Technology Apple Podcast in Turkey
-
Pixel Puzzles
-
Fill the grid in your browser or print the puzzle to complete by hand. Edit the puzzle or generate your own using any image. Share puzzles with your friends and family!
The application has two game modes: the "Classic" puzzles require you to copy each square's pattern to the associated coordinates, while Nonogram puzzles work like so: https://en.wikipedia.org/wiki/Nonogram
This is a completely browser-based React application. All file manipulation is done in the browser using the File Web API. I spent 12 calendar days developing it: four days in July 2021 to create the core application, three days in September of 2021 to implement image cropping, one day in October of 2021 to make a minor fix, and four days in September of 2022 to implement the nonogram game mode.
-
Cyber42 Cybersecurity Leadership Simulation
-
An online simulation and game for the SANS Cybersecurity Management Curriculum. "Teams play to improve the state of security for a fictional organization. Just as in real life, any program has constraints, such as time, money, and resources. Students are required to manage their resources even amongst changing tides and requirements within the organization. They must capitalize on the schedule and available resources to accomplish necessary tasks in a timely and effective manner. Team members interact with one another in order to maximize the results of their program. This type of interactive simulation puts students in real-world scenarios that spur discussion, critical thinking of situations, and melding of different points of view and personalities that they will encounter at work."
I created the web application adaptation of Cyber42. Students can create an account, form a team, and provide their answers to the various events via a form. After providing a response, they will immediately be informed of the consequences of the selected action and see their updated scores. The platform is designed to allow authors to create different versions of the game without modifying any application code.
-
untappdScraper Web
-
Web application to scrape and analyze Open-Source Intelligence (OSINT) from untappd.com
-
CMD+CTRL New Scoreboard (Security Innovation)
-
Extensively tested the new scoreboard for CMD+CTRL by completing all 461 challenges in their Cyber Range Suite (https://www.securityinnovation.com/training/cmd-ctrl-cyber-range-security-training/cyber-range-suite/) and providing detailed feedback and bug reports.
-
Contact Portal
-
As a part of Hack for the Community 2018, we were posed the following problem by our non-profit, the McNeilly Center for Children, and their stakeholders, Marty Mayer, Nelda Fulghum, and Shellie Fossick: how can we better keep in contact with the caretakers of the children we educate? These parents and guardians often don't have email accounts nor consistent phone numbers (many of their cellular devices are provided by the government). Additionally, they didn't have a budget for this project, meaning we couldn't build this with any services that required recurring payments.
We came up with two related web-based applications to tackle this challenge:
Firstly, we created an administrator portal where employees of the McNeilly Center can manage records for their families and students, associating each child with a classroom. They can then use the portal to send blast SMS messages to each caretaker in a given family, each with a student in a particular classroom, each with a student at one of the McNeilly Center's two locations, or each in the entire system. The portal also contains admin management utilities.
Secondly, we created a self-service kiosk that families can use to update their contact information and add additional contacts. All changes are reflected in the administrator portal. The kiosk can be loaded on a cheap tablet that the caretakers are provided regularly when signing in students.
The application was built on a React.js frontend and a Dockerized Node.js backend. It is hosted on Microsoft Azure and utilizes Twilio, both of which have programs for non-profits which suited our needs. With their expected volume, we project that running this service will not cost the non-profit anything for over a decade. The application is now running in production.
Our development team is listed below. Additional contributors include Michelle Panell, our Lead Project Manager, and Steven Ojeda, who wrote our User Manual and manual testing plan.
-
lichess.org
-
Open-source contributor to lichess.org, an online chess website serving tens of thousands of players at all times.
• Overhauled the board editor: https://github.com/ornicar/lila/issues/2632
• Created a Dockerized implementation of the website and backend services: https://github.com/BrandonE/lichocker
• Performed various other stylistic improvements and bug fixes.
Pull requests:
• https://github.com/ornicar/lila/pulls?utf8=%E2%9C%93&q=is%3Apr+is%3Aclosed+author%3ABrandonE
• https://github.com/ornicar/chessground/pulls?utf8=%E2%9C%93&q=is%3Apr+is%3Aclosed+author%3ABrandonE
• https://github.com/veloce/lichobile/pulls?utf8=%E2%9C%93&q=is%3Apr+is%3Aclosed+author%3ABrandonE -
Smartvue S12
-
The Smartvue S12 platform and software stack delivers scalable and cost effective video capture, security, transport, storage, management, and distribution worldwide. Manage your video from anywhere in the world with a simple and elegant interface.
Core Features:
• High-definition live video feeds
• A searchable timeline of archived video with markers for events such as motion and user-created bookmarks
• Custom recording schedules (Including recording only when motion is occurring)
• Ability to remotely store archived video to enable storage in larger volumes and allow for access in the event of the system being stolen or destroyed.
• Custom views for organizing cameras across multiple sites
• Support for over 100 camera models from over 10 manufacturers
• E-Mail and SMS alerts (Motion, user login, etc.)
• User interfaces for graphically illustrating the position of the installed cameras at a given site or all of your sites on a global map
-
Binghamton Student Association Employee Time Sheet
-
• Created a web-based application to enable the tracking of hours worked by Student Association employees.
• Eliminated the possibility of forged or inaccurate data by requiring employees to clock-in and out through the application and restricting access to the work sites.
• Significantly reduced the project’s expenses by enabling the organization to install the application on inexpensive servers instead of buying costly dedicated machines.
• Provided administrative tools to provision accounts for employees and their managers as well as generate reports of a user’s worked hours over a specified period.
• Delivered on all of the requested functionality on a tight timeline.
• Developed using a PHP and MySQL back-end and seamlessly integrated into the site's existing layout.
-
2048-SendGrid
-
A 2048 clone that is controlled by E-Mail. Just send your move (Up, Down, Left, or Right) in the body to move@2048.bymail.in to move the tiles. The results are synchronized to every client's screen. The page shows a list of all of the users who have submitted moves and what they were. Created for the 2014 HackBU Hackathon, in which it won "Best use of the SendGrid API".
-
Binghamton Speech and Debate
-
Developed and maintained a platform on which people around the world can participate in online debates. Helped administrate online debate tournaments with over 100 participants. Created a video archive with over 50 policy debate videos. Developed administrative tools for my director to use to manage the site without assistance or web development experience.
-
BizHawk
-
A multi-system emulator written in C#. As well as quality-of-life features for casual players, it also has recording/playback and debugging tools, making it the first choice for TASers (Tool-Assisted Speedrunners).
• Original developer of IntelliHawk, an emulation core for the Intellivision: https://github.com/TASEmulators/BizHawk/tree/master/src/BizHawk.Emulation.Cores/Consoles/Intellivision
• Wrote several "movie importers", which translated input files generated from one emulator to BizHawk
• Enhanced various tools used by speed runners, such as the ones used to analyze and search through values in the console's RAM. -
Towers of Hanoi Demonstration
-
Wikipedia describes The Towers of Hanoi as a mathematical puzzle that has become a popular example of the concept of recursion. On this page, we have provided the puzzle, several options used to create variations of it, a method of playing these games manually, and solutions to many of the combinations. We made this program to educate, entertain, and strive for the best solutions to these variations.
Honors & Awards
-
2nd Place at the 2019 Middle Tennessee Cyber Conference Capture the Flag
Middle Tennessee Cyber Conference
-
First Runner-up for the DEF CON 27 CMD+CTRL Capture the Flag
Security Innovation
-
Mackelprang Pwnie Award
Asurion
-
Winner of the 2019 MusicCityCon Capture the Flag
Security Innovation
-
Top Scorer at LetSee Capture the Flag
Security Innovation
-
Winner of the 2019 March Hackness Capture the Flag
Security Innovation
-
Winner of the 2019 AppSec California Capture the Flag
Security Innovation
-
Winner of the 2017 Asurion Hackathon (Nashville)
Asurion
-
Best use of the SendGrid API
SendGrid
-
All-American
Cross Examination Debate Association
-
National Debate Scholar (Summa Cum Laude)
Cross Examination Debate Association
-
National Public Debate Award (2nd Place)
Cross Examination Debate Association
Languages
-
English
Native or bilingual proficiency