Cyber Security Researcher · Standards Advocate · Educator

Matthew J. Harmon

Three decades of building resilient infrastructure, championing global security standards, and mentoring teams on both sides of the cyber defense spectrum.


Building resilient systems since the dial-up era

Matthew J. Harmon is a technologist who has been hands-on with offensive and defensive cyber security since the 1990s. He has designed and hardened UNIX-like environments—from Linux and FreeBSD to OpenBSD and HardenedBSD—while teaching teams how to interpret threat intelligence, hunt for intrusions, and recover from incidents without losing momentum.

Matthew shares his perspectives through public speaking, media contributions, and written guidance that translate complex emerging threats into actionable playbooks. He maintains a steady focus on practical, evidence-based security that meets teams where they are.

Offense & Defense

Bridges red team insights with blue team readiness to shorten detection and response cycles.

Infrastructure Resilience

Designs secure-by-default network and cloud topologies, stress-tested against modern adversaries.

Security Education

Develops courses, workshops, and mentoring programs that raise the bar for cyber practitioners.

Helping shape international security guidance

Matthew represented ANSI as liaison to ISO and the ITU, contributing to the development of foundational security standards within ISO JTC 1 / SC 27, SC 31 / WG 7, and technical committees focused on fraud countermeasures and secure item management.

His work helped establish baseline expectations for radio-frequency identification security, software infrastructure protections, and smart transducer interfaces (ISO/IEC 21450, IEEE 1451).

Certifications that reinforce proven experience

Certifications

  • GIAC Security Essentials (GSEC)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • (ISC)2 CISSP
  • Aviatrix Certified Engineer (ACE) Multi-Cloud Networking Associate
  • Gaming Commission Class E License
  • National Weather Service Certified Storm Spotter

Selected Training & Service

  • SANS MGT 414 · CISSP prep
  • SANS SEC 440 · 20 Critical Security Controls
  • ANSI “Delegate to Diplomat” program
  • Hennepin County Medical Reserve Corps volunteer

Tools and resources built for practitioners

ModifiedJulian.Date

A precise time-synchronisation reference that presents Modified Julian Dates with clean visual context.

CMFWYP.com

Check My Footprint pairs live IP telemetry with Shodan InternetDB and VirusTotal intelligence for instant situational awareness.

DotDotSlash.ing

A lighter look at path traversal mishaps—memes, cautionary tales, and teachable moments.

TX (TAR Extended)

Hybrid-signed, parity-hardened archives with resumable workspaces, selective restore, and Reed–Solomon repair. Built for cold storage, remote recoveries, and trust-enforced workflows.

Snowflakes Specification Library

SF128 snowflake variants, compression math, and a live encoder/decoder that underpins telemetry pipelines with deduplicated log IDs ready for MsgPack/Zstd storage.

String Can (proof of concept)

Experimental peer-to-peer messenger showcasing post-quantum key negotiation, proof-of-work gatekeeping, and defensive telemetry aimed at raising the bar for small-team collaboration tooling.

Seasonal Cipher

A playful, fully documented substitution cipher that rotates mappings quarterly—great for illustrating why agility, shared keys, and audit trails matter even in lightweight puzzle tooling.

Toilet Duck

A field toolkit for sanitizing compromised systems: guided checklists, detection scripts, and recovery notes distilled from real-world IR rotations.

Research and commentary

  1. 2001
    SSH CRC32 Vulnerability CVE-2001-0144 — joint analysis with Dittrich; see archived write-up and Snort Signature 1324.
  2. 2010
    “Plugging Security Gaps,” ISO Focus+ — co-authored guidance on closing RFID security exposures. Read article.
  3. 2015
    “Taking Control of IT Ops with Critical Security Controls,” CSO Outlook — a pragmatic checklist for mid-market teams. Read article.
  4. 2017
    “Cyber Security Experts Panel,” Minneapolis/St. Paul Business Journal — perspectives on prioritising investments amid rapid change. Read panel recap.
  5. 2025
    Co-author of GCVE-BCP-02 Practical Guide to Vulnerability Handling and Disclosure — actionable guidance for Global CVE Allocation stakeholders on coordinated vulnerability response.

Selected talks, interviews, and workshops

TechRepublic Tech Pro

2014-2015 · Contributor

Interviews on risk assessments, penetration testing, and defensive strategy.

DataCenter Dynamics

2015 · Infrastructure Forum

DDoS mitigation strategies for critical workloads.