Stephen Touset is a Security Engineer in San Francisco with 18 years of hands-on experience spanning systems administration, secure software development, and infrastructure engineering. He combines deep Unix/Linux expertise (Debian, iptables, Apache, PostgreSQL, OpenLDAP, Samba) with broad programming fluency in C/C++, C#, Java, Perl, Ruby, Ada and modern security-focused engineering. At Square and OneLogin he has focused on hardening privileged workflows and SSO, including notable open-source contributions such as enhancing ruby-saml for canonicalization compliance and building sudo_pair integrations that require human approval of privileged sessions. Comfortable moving between low-level systems work and application-layer security, he brings a pragmatic, build-it-yourself mentality rooted in decades of production operations and release engineering. An understated strength is his history of improving legacy systems and test suites to meet modern security and interoperability standards.
18 years of coding experience
16 years of employment as a software developer
B.S., Math, Computer Science, B.S., Math, Computer Science at Kennesaw State University
Plugin for sudo that requires another human to approve and monitor privileged sudo sessions
Role in this project:
Back-end Developer & Security Engineer
Contributions:3 reviews, 352 commits, 129 PRs in 6 years 1 month
Contributions summary:Stephen's initial contributions focused on integrating the `sudo_pair` plugin with the `sudo` system, implementing core functionality to require approval for privileged sessions. Their work involved defining the plugin's API interface and creating the core components for the plugin. Subsequent commits added security features by adding new methods to deny and approve sessions as well as the addition of several security-focused checks.
Contributions summary:Stephen primarily focused on enhancing the `ruby-saml` library by adding support for different canonicalization algorithms and refactoring the code to use the Nokogiri XML parser. The contributions also involved addressing SAML specification compliance, specifically removing timezone information from the xs:dateTime format. Furthermore, the user implemented version bumps and minor adjustments to the test suite.
railssaml-ssorubysamlsso
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.