Open Source Technology Improvement Fund
The Open Source Technology Improvement Fund is a corporate non-profit dedicated to securing open source apps that we all depend on. Securing software isn’t easy, and we know what it takes to succeed. By facilitating security audits and reviews, OSTIF makes it easy for projects to significantly improve security.
Better Security Through A Massive Community
Through the Open Source Technology Improvement Fund, projects have been able to find and fix critical security bugs.
22+
partner projects
1000+
world class security experts
5000+
hours of security review
50+
severe bugs patched
billions
protected
Support the OSTIF Mission
Open-source projects keep today’s Internet infrastructure afloat. They are critical for the operation of every webserver, every browser, and every banking platform. And they are cared for by a surprisingly small group of people with a limited amount of time. Without dedicated security experts, these projects often don’t get the attention they require.
We can do it with help from supporters like you.
Our audit of in-toto is complete! In collaboration with X41 and in-toto, OSTIF is pleased to announce the publication of our audit of in-toto’s source code. In-toto, which has implementations in Python and Go, is a… Read more »
Our Audit of c-ares is Complete! OSTIF, X41, and c-ares coordinated on a security audit of c-ares’s source code in spring of 2023. C-ares is a library written in C for asynchronous DNS requests, which runs… Read more »
Our Audit of Libcap is complete! It’s our privilege to announce that OSTIF’s sixth security audit of 2023 is with libcap! This was only possible with the fantastic work of X41 D-Sec and generous support of… Read more »