OSTIF seeks to generally fund more audits and rapid responses to security issues to continue on its mission to secure the open source ecosystem and thus the internet as a whole.
We facilitate arguably the most cost effective and efficient security auditing available, but there are always costs for labor hours, specialized skillset, and required research, so we ask you for help funding what we do.
Why what we do deserves funding
Track record! We have audited over 100 projects, created security impact in over 200 projects, and discovered 900 vulnerabilities, many in critical internet and application infrastructure you use everyday.
Quantity and breadth of vulnerabilities
Vulnerabilities are discovered at a frightening rate and require increasingly complicated and niche specialties to develop fixes quickly.
Swift containment
Containment requires swift response; no time to raise funds for individual cases.
Funding complications and delays
Some projects can’t fundraise, they are too busy developing or have no legal structure.
Interested in joining our other OSTIF sponsors?
Academy Software Foundation
Alpha Omega
Amazon Web Services
Brink Technologies
Cloud Native Computing Foundation
Drupal Association
DuckDuckGo
Eclipse Foundation
Google
Internet Security Research Group
Internet Systems Consortium
Let’s Encrypt
Linux Foundation
Linux Foundation Energy
Linux Foundation Public Health
Monero Research Lab
Mozilla Foundation
Omidyar Network
OpenJS Foundation
OpenSSF
Php Foundation
Sovereign Tech Agency
Here’s how you can help!
You or your company can fund us through general tax deductible donations (Duckduckgo for example gives us $25,000 USD per year).
We’d like to get to know you more, so drop us a line!