Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

Meet the Author

Matt Frost Senior Security Consultant

Matt Frost (CEH, CEPT, CPT, NET+) is a Senior Security Consultant at Bishop Fox, where his areas of expertise are application penetration testing and mobile application security. He also has extensive experience in network penetration testing, product security reviews, and reviewing Amazon Web Services (AWS).

At Bishop Fox, Matt performed a first-ever comprehensive assessment of SCADA devices used for utility management, which uncovered multiple critical- and high-risk issues. Critical issues included retrieving the personally identifiable information (PII) on every registered user and device and an authorization bypass that made it possible to take over any targeted account. High-risk issues included command injection, privilege escalation from an external user to an administrator, and another authorization bypass to set cryptographic keys used by devices.

In another engagement for an end-to-end encrypted messaging service, Matt created a script for dynamic instrumentation that led to SQL injection. He also discovered an authorization bypass vulnerability on a major communications company's SD-WAN product that allowed for control over any organizational configurations or devices, potentially putting many customers at risk. Additionally, Matt has tested Bluetooth technologies for activity tracker devices, performed black-market assessments for Fortune 500 manufacturing organizations, and conducted application tests for ride-sharing applications. He has successfully identified sources of pirated software, saving organizations millions of dollars and preventing possible reputation-damaging breaches.

Prior to joining Bishop Fox, Matt helped found and served as the lead engineer of Dogtown Media, a mobile and web application development firm. Toward the latter part of his career at Dogtown, Matt shifted his focus toward third-party hardware projects integrated with mobile applications. These projects ranged from medical devices, environmental studies, and drones. He worked with clients ranging from government entities to financial institutions in addition to gaining experience with AWS and Bluetooth technologies.


My Path to Security - How Matt Frost Got Into Cybersecurity

Matt Frost

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.