Matt Hargett
650-814-6228
Mountain View, California
http://www.clock.org/~matt

Goal:
To drive light-weight engineering practices to improve productivity and deliver quality software for business advantage.

Work History:

Independent Consulting 9/2008-4/2009
- strategic planning for incremental rollout of agile practices
- mentoring of customers in release planning and story creation
- hands-on training of developers in OO design and unit testability
- refactoring, unit testing, and static analysis of legacy C and C++

Pivotal Labs 8/2006-8/2008
- helped teams scale and re-discover their productivity with agile practices
- hands-on mentoring with project managers, junior and senior programmers
- refactoring, unit testing, and static analysis of large, dense legacy codebases and new projects in many different languages and environments
- automated and optimized builds of large code bases
- leveraged and contributed to various open source projects
- worked on CRM, social networking, marketplace, media search, clustering, data mining, MMORPG, and collaborative learning projects

imeem, inc. 1/2006-7/2006
- mentored team of 12+ local and remote developers
- advanced process and technology enhancements that resulted in notable stability increases
- refactored code toward unit testability and improved OO design
- implemented continuous build that unit tested, measured code coverage of tests, and did static code analysis
- leveraged and contributed to various open source projects

LogicLibrary, Inc. 9/2004-9/2005
- director of local and outsourced agile development teams
- represented company in technical presales, analyst/press presentations, and at conferences
- deployed new features every week and maintained strict quality
- managed/mentored 8 junior and senior engineers locally and remotely
- reverse engineering, programming, debugging, and unit testing
- discovered several novel, exploitable security vulnerabilities
- leveraged and contributed heavily to various open source projects

BugScan, Inc. (acquired by LogicLibrary, Inc) 2/2003-9/2004
- founder of company, director of development
- brought product to market in 6 months in a self-funded environment
- drove company to profitability and then high ROI acquisition
- hired, managed, and mentored several local and remote developers
- programming, testing, debugging, reverse engineering
- discovered several novel, exploitable security vulnerabilities

Cenzic, Inc. (formerly ClickToSecure, Inc.) 9/2001-1/2003
- QA Manager through several release cycles
- defined/implemented agile development, QA, and source control processes
- designed/implemented use case and defect tracking in ClearQuest
- automated builds, blackbox testing, static/runtime analysis
- programming, debugging, unit testing, reverse engineering
- discovered several novel, exploitable security vulnerabilities

TurboLinux 3/2000-3/2001
- managed QA engineers as QA lead through a product release cycle
- manual code review and automated static analysis
- created automated test suite for dozens of Linux packages

Network Associates, Inc. (now McAfee) 12/1997-2/2000
- created whitebox QA team, which improved stability across several products
- designed/deployed company-wide defect tracking system in ClearQuest
- managed QA engineers as QA lead on several product releases
- worked with product managers to ensure product security and reliability
- discovered several novel, exploitable security vulnerabilities

Blackburn College 8/1996-6/1997
- created and deployed Netscape mail migration tool for entire campus
- administration, security, and other systems management on NT and HP-UX

Cityscape Communications 6/1995-6/1997
- administration and security on Linux and NT
- MCSE training for Windows NT 4.0

Education:
- Blackburn College, CompSci Major, 1996-1997

Publications/Speaking Engagements:

2008:
- speaker, Bay XP: Pragmatic Unit Testing, a tour of open source tools

2007:
- co-author, Pragmatic Unit Testing in C#, 2nd edition
- teacher, BlackHat USA: Cutting Edge Code Analysis Techniques 2-day class
- speaker, SecurityOpus: Automated Exploit Detection in Binaries

2006:
- teacher, BlackHat USA: Cutting Edge Code Analysis Techniques 2-day class
- speaker, Defcon 14: eXtreme Programming on Open Source Projects
- speaker, Defcon 14: Automatic Exploit Detection in Binaries
- author, Software Test & Performance: Test-Driven Development from the Trenches
- speaker, Software Security Summit: Software Security Without the Source Code

2005:
- speaker, EclipseCon: Finding Security Vulnerabilities using Eclipse
- speaker, North Bay Linux User Group: Finding Exploitable Bugs in COTS Software
- author, Security Advisory: Trillian 3.1 Remotely Exploitable Overflow Vulnerability
- speaker, Software Security Summit: Application Security from the Inside-Out
- speaker, Google Tech Talk: Finding Exploitable Buffer Iteration Bugs in COTS Software
- reviewer, Exploiting Software: book contributor, listed in acknowledgements

2004:
- teacher, Blackhat Europe: Rootkit Training 2-day class co-teacher
- speaker, Blackhat Windows: Implementing Security in the Development Process

Pre-2004:
- author, Security Advisory: Internet Explorer 5 for UNIX Multiple Vulnerabilities
- speaker, Defcon 8: Testing Firewalls, VPNs, and IDSes with open source tools
- author, Security Advisory: NetBSD Remote Denial of Service Vulnerability