About Crush Security
Cybersecurity consulting and security intelligence, built by practitioners who got tired of watching organizations buy the wrong tools.
The Problem We Solve
Most organizations don't have a vendor problem — they have a visibility problem. CISOs are buried under sales pitches, analyst quadrants, and point solutions that overlap, leave gaps, or both. Security budgets grow while actual coverage stays flat. Compliance becomes a checkbox exercise disconnected from real risk posture.
We built Crush Security because we lived this from the advisory side. We watched clients stack tools they didn't need, miss categories they didn't know existed, and make six-figure decisions based on a peer's recommendation at a conference.
Who We Are
Crush Security is a cybersecurity consulting firm and security intelligence platform founded in 2026 and headquartered in Wyoming. We operate at the intersection of hands-on security consulting and AI-powered vendor intelligence, helping organizations understand what they actually have, what they're missing, and what to do about it.
We're not a reseller pretending to be objective, and we're not a SaaS tool pretending to replace your security team. We're consultants first, backed by a platform that makes our advisory work faster, sharper, and evidence-based.
What We Do
Advisory & Consulting
Penetration testing, compliance certification, security architecture reviews, and vendor strategy. We're a legitimate auditing body, not a referral shop.
The Crush Security Platform
Our AI advisory engine, Cassandra, sits on top of the proprietary Crush Cyber Vendor Taxonomy — a structured classification of the cybersecurity market. Cassandra analyzes an organization's existing tool stack, maps coverage to real control frameworks, identifies gaps, and recommends vendors.
Threat Intelligence
A dedicated intelligence platform that tracks emerging threats, vulnerability trends, and adversary behavior to keep our advisory work and our clients' decisions grounded in current risk reality.
What Makes Us Different
Practitioner-built, not analyst-built.
Our platform was designed by people who've sat across the table from CISOs, not by people who've only written about them.
Advisory-first model.
Technology amplifies our consultants — it doesn't replace them. AI handles pattern matching and data analysis. Humans handle judgment, context, and accountability.
Structured intelligence, not opinion.
The Crush Cyber Vendor Taxonomy gives us a standardized way to classify, compare, and score vendor coverage. When we say there's a gap, we can show exactly where and why.
Leadership
Josh Jones
Chief Executive Officer
Co-Founder
Josh Jones brings nearly two decades of cybersecurity experience spanning enterprise sales, vulnerability management, and security strategy. A U.S. Air Force veteran, he built his career helping Fortune 100 organizations navigate complex security decisions, from software vulnerability management and endpoint protection to identity security and application defense. He's held leadership roles across enterprise cybersecurity sales where he developed a reputation as one of the most technically fluent sales leaders in the space, consistently building customer bases from the ground up. At Crush Security, Josh leads strategic vision, client relationships, and go-to-market execution. He founded the company around a simple observation from hundreds of conversations with CISOs: the cybersecurity ecosystem was built for complexity, not clarity. His mission is to change that — giving security leaders the intelligence and structure they need to make confident investment decisions without drowning in vendor noise.
Ohio State University — B.S. Business Management & Sociology
Clayton Riness
Chief Operating Officer
Co-Founder
Clayton Riness has spent over 16 years in cybersecurity with deep expertise in incident response, risk management, and security operations. He's built and led teams across penetration testing, compliance advisory, and threat analysis, and is a recognized voice in the cybersecurity community, hosting a top-25 cybercrime podcast and regularly speaking on topics ranging from phishing and ransomware to data privacy, GDPR compliance, and social engineering tactics targeting businesses of all sizes. At Crush Security, Clayton runs operations, service delivery, and the partner ecosystem. His focus on execution and process ensures every engagement — from a penetration test to a full vendor strategy build — delivers consistent, high-quality results. He also manages the growing partner and reseller relationships that fuel the platform's vendor intelligence layer.
UC Irvine, Paul Merage School of Business
Josh Johnson
Chief Technology Officer
Co-Founder
Josh Johnson is a hands-on engineering leader with 20 years of experience across cybersecurity architecture, digital forensics, incident response, and cloud infrastructure. He's served as a Field CISO and Senior Solution Architect, advising organizations on healthcare security, CMMC compliance, and recovery engineering. His career spans forensic tool development, enterprise security architecture, and building technical teams that operate under high-stakes, high-complexity conditions. At Crush Security, Josh designs and builds the entire platform end to end — from the Cassandra AI advisory engine and vendor intelligence pipeline to the compliance tooling, threat intelligence infrastructure, and Cloud architecture. He leads the engineering team and owns the technical roadmap spanning AI/ML, platform security, and multi-tenant SaaS infrastructure.