Todd Miller is a Principal Software Engineer and longtime identity and access management specialist with 33 years of experience, best known as the principal author and lead developer of the Sudo privileged access management suite. An active OpenBSD contributor since 1996 and co-originator of the strlcpy() and strlcat() C functions, he blends kernel- and user-space expertise to harden systems and tooling. Todd has modernized legacy security products—migrating codebases to git, introducing cmake builds, adding fuzzing and SAST pipelines—and implemented advanced features like I/O (keystroke) logging, sandboxing, and remote log servers. His open-source contributions span security and infrastructure projects (from awk and tinc fixes to syslog-ng TLS work and integrating sudo fuzz targets into Google OSS-Fuzz), reflecting a pragmatic focus on reliability and secure defaults. Now based in Boulder and working at Owl Cyber Defense, he continues to drive secure engineering practices across product and open-source ecosystems. An understated but telling detail: his work touches both low-level C library ergonomics and large-scale privileged access workflows, showing rare depth from bytes to systems.
33 years of coding experience
30 years of employment as a software developer
Bachelor's degree Computer Science, Bachelor's degree Computer Science at University of Colorado Boulder
Contributions:6 reviews, 8 commits, 24 PRs in 1 year 4 months
Contributions summary:Todd primarily focused on improving the functionality and stability of the `awk` implementation. Their contributions include fixing bugs related to error handling, particularly around floating-point operations and the use of `errno`. They also refactored code, renaming functions like `dprintf` to `DPRINTF` and adopting C99 variadic arguments for debugging purposes. Additionally, the user addressed memory management issues, improving the robustness of the awk interpreter.
syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, queueing, SQL & NoSQL.
Role in this project:
Back-end Developer
Contributions:4 reviews, 10 commits, 4 PRs in 4 years 1 month
Contributions summary:Todd made several contributions related to the HTTP module within the syslog-ng project. They added SSL/TLS options to the curl module, allowing for secure communication. The user also added an `ssl_version` option, allowing for more granular control over TLS/SSL versions. Further contributions include adjustments for OpenBSD compatibility.
syslog-ngpythonnosqlelasticdaemon
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Todd Miller - Principal Software Engineer at Owl Cyber Defense