About Dr. Dayo Adetoye
A Modern Approach to Strategic, Scalable, and Resilient Cybersecurity Leadership.
A certified CISO, he excels at translating complex security risks into actionable frameworks that safeguard critical assets while driving innovation. His approach integrates zero-trust architecture with cutting-edge threat intelligence, adversarial modeling, and cyber risk quantification to build resilient, intelligence-led, business-focused security programs.
Core Skills and Expertise
Cybersecurity Leadership to Drive Business Resilience, Innovation and Growth
Combining strategic vision with deep technical expertise to build high-performing security teams and capabilities.
Aligning cybersecurity with business goals to drive resilience and innovation, ensuring security's role as a business enabler.
Certified FAIR risk professional, adept at balancing risk with productivity. Advanced risk quantification skills for data-driven decision-making aligned with business objectives.
Broad compliance certification and management experience in frameworks such as ISO 27001, SOC 2, NIST, FedRAMP, GDPR and other global standards.
Pioneering zero-trust architectures and cloud-native security models that bridge legacy systems with modern infrastructure to adapt to business requirements. Expert in Cryptography, Threat Modeling and Application Security.
AI-driven security operations automation, doing more with less. Avid programmer and developer of many open-source security tools (e.g., CheckMate, TLS Audit).
Giving Back: My Open Source Security Tools
My open source contributions are on Github. The following are a few highlights:
A common source of breaches is the presence of hard-coded secrets in code, config files, and logs. CheckMate is a code security analysis tool that detects hard-coded secrets through various advanced techniqies such as heuristics on string entropy, or code context and file types. It comes as a command-line tool but also has an API service that can be used to interact with it programmatically.
TLS Audit is a fast utility for auditing TLS (including SSL and STARTTLS) security settings. You can use it to enumerate protocols, ciphers and curves supported by an open TCP port.
Unlike excellent tools like SSL Labs server test, you can use TLS Audit to scan servers internal to your network that are not exposed to the public Internet. It supports auditing of STARTTLS servers, e.g. email servers.
SSHscan is a simple utility for inspecting or auditing an SSH server for various settings such as supported encryption and key exchange algorithms. Ensure that your SSH server is configured securely and according to best practices.
A proof of concept demonstrating the risk associated with allowing arbitrary ountbound connectivity and how this can be used to abuse a network and set up a command and control channel.