Cortex Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of Cortex. Cortex functions as a long-term, multi-tenant scalable open source storage for Prometheus and OpenTelemetry. Thanks to Quarkslab and the Cloud Native Computing Foundation (CNCF), Cortex received custom review and documentation for current…

Continue ReadingCortex Audit Complete!

KEDA Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of KEDA.  KEDA (which stands for Kubernetes-based Event Driven Autoscaler) is an open source project for scaling containers in Kubernetes. With the help of 7ASecurity and the Cloud Native Computing Foundation, this project underwent…

Continue ReadingKEDA Audit Complete!

Requests, CacheControl, and urllib3 Audits Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of Requests, CacheControl, and urllib3. Requests is a widely used, elegant HTTP library for Python, designed to make HTTP requests simple and human-friendly, CacheControl is a port of the caching algorithms from httplib2 for…

Continue ReadingRequests, CacheControl, and urllib3 Audits Complete!

DEfO Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security engagement on Developing ECH for OpenSSL (“DEfO”). DEfO is an open source implementation of Encrypted Client Hello (ECH) for OpenSSL, and provides proof-of-concept implementations for various clients and servers that use OpenSSL as a demonstration…

Continue ReadingDEfO Audit Complete!