Matthew Fisher is a Software Security Consultant for Fortify Software, an HP Company.  Prior to Fortify, Matt was the first Security Engineer hired by SPI Dynamics. During his 7 year tenure in the web application security field, Mr. Fisher performed hundreds of application assessments and consulted to customers in the Federal Government, Department of Defense, E-Commerce, and Financial industries.

An expert in application security assessments, Mr. Fisher is credited with several original vulnerabilities, exploit and testing techniques to his name, and is an accomplished writer and speaker. Matthew Fisher’s other accomplishments include:

• A well regarded industry expert whom has been published several times in print and online media, and presented at hundreds of events including: DoD Cybercrime Conference; Air Force Information Technology Conference; ShmooCon, the only Washington D.C. area “hacker” conference; and Gartner, CSI, ISC2, SANS, InfoSecurity.
• An expert web application penetration tester with an extremely high success rate of surpassing expectations during assessments and finding important vulnerabilities
• Security researcher with multiple credits in the web application vulnerability and testing space including unique discoveries in SQL Injection and Script Injection techniques..
• Innovated, developed and refined web application security testing methodologies that encompass full range of risks far beyond capabilities of automated scanners.
• Created and conducted multi-day application security training courses, attended by some of the top penetration testers in the country.
• Contributing author for Google Hacking for Penetration Testers and editor of Web Security Testing Cookbook.
• Has held the CNS, MCP, CCSA, CCSE, CISSP and SCA certifications, from Novel, Microsoft, Checkpoint, and SPI Dynamics.