The Open Source Technology Improvement Fund is proud to share the results of our security audit of zlib. Zlib is an open source lossless data-compression library for use on virtually any computer hardware and operating system. Thanks to the efforts of 7ASecurity and the Sovereign Tech Resilience Program, this project underwent…
Peter has worked with OSTIF twice on both our audits of CRI-O. We have been so lucky as to see first hand Peter’s expertise, attention to detail, and love of open source during our mutual engagements. Individuals like Peter are the backbone of the open source community and industry, and…
2025 marked the 10th year of OSTIF. This year, we published 24 audits, worked on behalf of almost 50 projects, and partnered with 10 different funding bodies to create security outcomes for open source projects. As a result, 231 findings with security impact have been reported and over 98% of…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of EVerest. EVerest is an open source project hosted by LF Energy, which functions as a firmware stack for EV charging stations. Thanks to efforts by Quarkslab and with support from LF Energy, EVerest…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Kea. Kea is an open source project developed by Internet Systems Consortium (ISC). Described in the audit report as a “modular DHCP server framework… for assigning IPv4 and IPv6 addresses and distributing…
By Adam Korczynski and David Korczynski of Ada Logics In late 2024, Alpha-Omega partnered with Ada Logics and the Open Source Technology Improvement Fund (OSTIF) to audit 25 widely used open source projects in the AI and large language model (LLM) ecosystem. This initiative aimed at evaluating the overall security…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Thunderbird Send. Thunderbird Send is an open source platform for sending and receiving end to end encrypted files, for use with Mozilla Thunderbird or web browsers. With the help of 7ASecurity and the…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Bitcoin Core. Bitcoin core, the reference implementation of the Bitcoin protocol, is an open source cryptocurrency with assets valued at several billion USD. With the help of Quarkslab, Brink, and Chaincode Labs, this…
The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our security audit of KubeVirt. KubeVirt is short for Kubernetes Virtualization, as the project is an API and runtime for managing virtual machines. With the help of Quarkslab and the Cloud Native Computing Foundation (CNCF), this…
Transparency is a big part of OSTIF’s mission, and that extends to our strategy and long-term planning. As debates on the next phase of open source continue, we feel it necessary to share what we see our role in that future as being and how we’re trying to get there. …