2025 Annual Report

2025 marked the 10th year of OSTIF. This year, we published 24 audits, worked on behalf of almost 50 projects, and partnered with 10 different funding bodies to create security outcomes for open source projects. As a result, 231 findings with security impact have been reported and over 98% of…


OpenEXR Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of OpenEXR, a project at the Academy Software Foundation. OpenEXR is an open source specification and reference implementation of the EXR file format, which “accurately and efficiently represents high-dynamic-range scene-linear image data” (https://openexr.com/en/latest/). With…


MaterialX Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of MaterialX. MaterialX is an open source project hosted at the Academy Software Foundation for “representing rich material and look-development content in computer graphics, enabling its platform-independent description and exchange across applications and renderers,”…


OSTIF 2024 Annual Report

2024 was the 9th year of OSTIF, and what an exciting and groundbreaking year it was! Our annual report for 2024 starts with the OSTIF story then moves on to our impact, function, partnerships, funding, and future. We didn’t mince words here: it’s a quick read of less than five minutes.…


Karmada Audit Complete!

OSTIF is proud to share the results of our security audit of Karmada. Karmada is an open source Kubernetes orchestration system for running cloud-native applications seamlessly across different clouds and clusters. With the help of Shielder and the Cloud Native Computing Foundation (CNCF), this project offers users improved open, multi-cloud,…
