The Open Source Technology Improvement Fund is a corporate non-profit dedicated to securing open source apps that we all depend on. Securing software isn’t easy, and we know what it takes to succeed. By facilitating security audits and reviews, OSTIF makes it easy for projects to significantly improve security.

Better Security Through A Massive Community

 

Through the Open Source Technology Improvement Fund, projects have been able to find and fix critical security bugs.

62+
partner projects

1000+
world class security experts

5000+
hours of security review

100+
severe bugs patched

billions
protected

Support the OSTIF Mission

Open-source projects keep today’s Internet infrastructure afloat. They are critical for the operation of every webserver, every browser, and every banking platform. And they are cared for by a surprisingly small group of people with a limited amount of time. Without dedicated security experts, these projects often don’t get the attention they require.

We can do it with help from supporters like you.

Become a Sponsor

Logback Audit Complete! OSTIF is proud to share the results of our security audit of Logback.  Logback is an inclusive, fast, and adaptable logging framework for Java. With the help of 7ASecurity and… Read more »
Linkerd Audit Complete! The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our security audit of Linkerd. Linkerd is an open source service mesh for Kubernetes which prioritizes… Read more »
Hickory DNS Audit Complete! OSTIF is proud to share the results of our security audit of Hickory DNS. Hickory DNS is an open source Rust based DNS client, server, and resolver. With the help… Read more »