Cortex Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of Cortex. Cortex functions as a long-term, multi-tenant scalable open source storage for Prometheus and OpenTelemetry. Thanks to Quarkslab and the Cloud Native Computing Foundation (CNCF), Cortex received custom review and documentation for current…

Continue ReadingCortex Audit Complete!

KEDA Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of KEDA.  KEDA (which stands for Kubernetes-based Event Driven Autoscaler) is an open source project for scaling containers in Kubernetes. With the help of 7ASecurity and the Cloud Native Computing Foundation, this project underwent…

Continue ReadingKEDA Audit Complete!

2025 Annual Report

2025 marked the 10th year of OSTIF. This year, we published 24 audits, worked on behalf of almost 50 projects, and partnered with 10 different funding bodies to create security outcomes for open source projects. As a result, 231 findings with security impact have been reported and over 98% of…

Continue Reading2025 Annual Report

Jan 2025 Community Spotlight: Introduction, David Korczynski and Adam Korczynski of Ada Logics

OSTIF would not be possible without our fantastic collaborators, partnerships, funders, and friends. Over the past 10 years, we’ve met so many amazing people, several of whom we have the utmost privilege of working with. It is deeply important to us that we give credit where credit is due. OSTIF…

Continue ReadingJan 2025 Community Spotlight: Introduction, David Korczynski and Adam Korczynski of Ada Logics

NATS Audit Complete!

OSTIF is proud to share the results of our security audit of NATS.  NATS is an open source project made by Synadia Communications for secure always-on messaging for a variety of digital formats and clients. With the help of Trail of Bits and the Cloud Native Computing Foundation, this project…

Continue ReadingNATS Audit Complete!

Linkerd Audit Complete!

The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our security audit of Linkerd. Linkerd is an open source service mesh for Kubernetes which prioritizes reliability, security, and simplicity. Thanks to the help of 7ASecurity and the Cloud Native Computing Foundation, this project can continue…

Continue ReadingLinkerd Audit Complete!