Cyber Security Researcher · Standards Advocate · Educator

Matthew J. Harmon

Thirty years building resilient infrastructure, contributing to global security standards, and teaching teams to defend what matters.

Security practitioner since the dial-up era

Hands-on with offensive and defensive cyber security since the 1990s. Matthew has designed and hardened UNIX-like environments—Linux, FreeBSD, OpenBSD, HardenedBSD—while teaching teams to interpret threat intelligence, hunt intrusions, and recover from incidents.

He shares his perspective through public speaking, publications, and written guidance that translate emerging threats into actionable playbooks.

Offense & Defense

Bridges red-team insights with blue-team readiness to shorten detection and response cycles.

Infrastructure Resilience

Designs secure-by-default network and cloud topologies, stress-tested against modern adversaries.

Security Education

Develops courses, workshops, and mentoring programs that raise the bar for practitioners.

Shaping international security guidance

Matthew represented ANSI as liaison to ISO and the ITU, contributing to foundational security standards within ISO JTC 1 / SC 27, SC 31 / WG 7, and technical committees focused on fraud countermeasures and secure item management.

His work helped establish baseline expectations for radio-frequency identification security, software infrastructure protections, and smart transducer interfaces (ISO/IEC 21450, IEEE 1451).

Certifications that reinforce proven experience

Certifications

  • GIAC Security Essentials (GSEC)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • (ISC)2 CISSP
  • Aviatrix Certified Engineer (ACE) Multi-Cloud Networking Associate
  • Gaming Commission Class E License
  • National Weather Service Certified Storm Spotter

Selected Training & Service

  • SANS MGT 414 · CISSP prep
  • SANS SEC 440 · 20 Critical Security Controls
  • ANSI "Delegate to Diplomat" program
  • Hennepin County Medical Reserve Corps volunteer

Building the next generation of practitioners

Teaching

  • SANS Instructor — SEC 401 (GSEC), 464, 504 (GCIH), 2008–2020
  • Primary Instructor, CSCI 2461 & 2462 — offensive/defensive security and Linux, 2018–2020
  • Weekly mentoring sessions for emerging practitioners since 2020

Community Leadership

  • Lead Organizer, Security B-Sides MSP (2013–2017) — multi-year community conference with The Nerdery and Target Corporation
  • Founder & President, (ISC)2 Twin Cities Chapter (2012–2014)
  • Founders Award, Minnesota Cyber Security Summit
  • Minneapolis CERT and MN Medical Reserve Corps volunteer (2018–2024)

Tools and resources for practitioners

CMFWYP.com

Live IP telemetry paired with Shodan and VirusTotal for instant situational awareness.

DotDotSlash.ing

A lighter look at path traversal mishaps—memes, cautionary tales, and teachable moments.

TX (TAR Extended)

Hybrid-signed archives with Reed–Solomon repair, resumable workspaces, and selective restore. Built for cold storage and trust-enforced workflows.

String Can (proof of concept)

Experimental P2P messenger with post-quantum key negotiation, proof-of-work gatekeeping, and defensive telemetry.

Seasonal Cipher

Quarterly-rotating substitution cipher for teaching key agility, shared secrets, and audit trails.

Toilet Duck

Field toolkit for sanitizing compromised systems—checklists, detection scripts, and recovery notes from real-world IR.

Research and commentary

  1. 2001
    SSH CRC32 Vulnerability CVE-2001-0144 — joint analysis with Dittrich; see archived write-up and Snort Signature 1324.
  2. 2010
    "Plugging Security Gaps," ISO Focus+ — co-authored guidance on closing RFID security exposures.
  3. 2015
    "Taking Control of IT Ops with Critical Security Controls," CSO Outlook — a pragmatic checklist for mid-market teams.
  4. 2017
    "Cyber Security Experts Panel," Minneapolis/St. Paul Business Journal — perspectives on prioritising investments amid rapid change.
  5. 2025
    Co-author of GCVE-BCP-02 Practical Guide to Vulnerability Handling and Disclosure — actionable guidance for Global CVE Allocation stakeholders on coordinated vulnerability response.

Selected talks, interviews, and workshops

TechRepublic Tech Pro

2014–2015 · Contributor

Interviews on risk assessments, penetration testing, and defensive strategy.

DataCenter Dynamics

2015 · Infrastructure Forum

DDoS mitigation strategies for critical workloads.

Media Coverage

2014–2018 · KSTP, WCCO, TechRepublic

Insights on ATM skimming, breach response, and emerging threats including Noodles & Company breach analysis.