Hello, I'm Tolu.
Security Engineer. building better defenses. Automating security into pipelines, break things before production does, and share what I learn for others facing the same challenges.
Recent Post
Learning by breaking, teaching by sharing. Security insights for builders.
Article
IAM Patterns That Scale
Moving beyond basic policies. How to implement attribute-based access control, permission boundaries, and organizational guardrails.
Read more
Article
Why I Stopped Creating IAM Users
Temporary credentials, STS operations, and the federation patterns that actually matter for AWS security.
Read more
Article
IAM Basics I Keep Coming Back To
IAM identity types, policy evaluation logic, and the fundamentals that matter for AWS security work.
Read more
Side Projects & Tooling
Some of my recent builds and contributions ~ worth sharing
AWS Automated Vulnerability Remediation System
Event-driven vulnerability patching solution that automatically detects, validates, and applies security updates across AWS infrastructure with minimal manual intervention.
PolicyGuard
IaC security scanner with 15+ AWS services coverage, OPA policies, and CI/CD integration
CredScan
Security scanner that identifies credentials, API keys, and sensitive information across codebases, archives, and web applications. Features intelligent pattern recognition with 400+ signatures, binary file analysis, technology-aware detection for cloud/container environments, and context-aware scanning that minimizes false positive
My code lives on GitHub
I build. I experiment. I sometimes even document it. Check out my GitHub to see what I'm up to.