Brandon Gnash is a senior security consultant with expertise in offensive security, application security, and advanced vulnerability research. He has extensive experience identifying, analyzing, and exploiting complex security flaws across diverse technologies. Brian recently rejoined K2 Integrity/Leviathan Security Group after a few years in other roles outside the firm.
Before returning to Leviathan, Brandon served as a senior application security engineer at Cruise, leading threat modeling initiatives and performing security assessments across mobile applications, internal services, backend infrastructure, and CI/CD pipelines. Prior to that, he was a senior offensive security engineer at Zoom, where he conducted post-launch vulnerability research on production services and features.
Brandon began his career at K2 Integrity/Leviathan Security Group, starting as a junior consultant and rising to senior technical services lead. In that role, he oversaw the development and performance of a team of four security consultants while conducting a broad range of security assessments. His work included black-box and source-assisted application testing, mobile and web application evaluations, and network penetration testing.
Brandon is skilled in multiple programming languages, including PHP, Java, JavaScript, Python, and C, and he maintains hands-on expertise across web and mobile application security testing. He holds the Offensive Security Certified Professional (OSCP) and OffSec Wireless Professional (OSWP) certifications.