50th Audit Milestone

Open Source Technology Improvement Fund (OSTIF) is beyond proud to announce the completion of our 50th security audit. Since 2015, the nonprofit organization has worked to provide actualized security support to open source projects in a way that is transparent, public, and impactful. We work with open source projects that…

Continue Reading50th Audit Milestone

In-Flux-ible on bugs- Flux undergoes Security Audit with OSTIF and Trail of Bits

OSTIF is proud to announce the publication of a security audit on the Kubernetes cluster tooling Flux in collaboration with Trail of Bits. Performed over four engineer weeks, this is the second security audit with OSTIF that Flux has undertaken, the first having taken place in November 2021. Repeated security…

Continue ReadingIn-Flux-ible on bugs- Flux undergoes Security Audit with OSTIF and Trail of Bits

RustVMM Security Audit with OSTIF is Complete!

OSTIF is pleased to announce the completion of a security audit of the open source project RustVMM in collaboration with X-41 D-Sec GmbH, with funding by Amazon Web Services. The project offers crates to build customized Virtual Machine Monitors (thus, VMM), which can be vulnerable to malicious actors through its…

Continue ReadingRustVMM Security Audit with OSTIF is Complete!

OSTIF Has Completed A Security Audit of wasmCloud!

OSTIF and wasmCloud collaborated with Trail of Bits on a security audit of the application which is a deployment platform for distributed Wasm application development. The engagement priorities are listed as, but not limited to: wasmCloud sandboxing capabilities of user-provided code, if users were appropriately limited in their accessible features…

Continue ReadingOSTIF Has Completed A Security Audit of wasmCloud!

Bugs? Search Me!- OpenSearch Security Audit Completed!

OSTIF and X41-Dsec collaborated with OpenSearch on a security audit on v. 2.8.0 of the open source search engine. As a search engine, this project handles sensitive data and therefore security is of utmost importance to project users, maintainers, and community. The main objective of this security audit was to…

Continue ReadingBugs? Search Me!- OpenSearch Security Audit Completed!