OSTIF is proud to share the results of our security audit of Karmada. Karmada is an open source Kubernetes orchestration system for running cloud-native applications seamlessly across different clouds and clusters. With the help of Shielder and the Cloud Native Computing Foundation (CNCF), this project offers users improved open, multi-cloud,…
Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our 2024 security audit collaboration with the Sovereign Tech Agency. The Sovereign Tech Agency has invested millions of Euros into technology improvement and hardening over the past two years, notably through their Sovereign Tech Resilience program. OSTIF…
OSTIF is proud to share the results of our security audit of Backstage. Backstage is an open source framework for developer portals. With the help of X41D-Sec and the Cloud Native Computing Foundation (CNCF), this project can continue to provide quick and secure development environments. Audit Process: This audit was…
OSTIF is proud to share the results of our 2024 security audit collaboration with the Cloud Native Computing Foundation (CNCF). Over the past three years, OSTIF and the CNCF have worked together to provide security audits for CNCF projects. These projects, as a part of the CNCF landscape, must undergo…
For a fourth year in a row, DuckDuckGo has generously donated to the Open Source Technology Improvement Fund (OSTIF) as part of its annual charitable donations program. Funding administrative overhead as a small nonprofit is incredibly tricky. The feast-or-famine nature of nonprofit work makes it complicated to budget, as well…
OSTIF is proud to share the results of our security audit of Node.js. Node.js is an open source project that is designed to build scalable network applications through asynchronous event-driven JavaScript runtime. With the help of Ada Logics and the OpenJS Foundation, this project will experience deeper fuzzing as it…
OSTIF is proud to share the results of our security audit of Express. Express is an open source web framework for Node.js that prioritizes performance and flexibility. With the help of the OpenJS Foundation and ADA Logics, this project can continue to thrive as a web application framework for users needing lightweight HTTP server tooling. Audit Process:…
OSTIF is proud to share the results of our security audit of OperatorFabric. OperatorFabric is an open source industrial platform for utility operations. With the help of Quarkslab and Linux Foundation Energy (LF Energy), this project will continue to provide secure, centralized business operations for users and high-quality service to…
OSTIF is proud to share the results of our security audit of SEAPATH. SEAPATH is an open source project hosted by Linux Foundation Energy (LF Energy) that consolidates clusters of servers for energy and power management across substations at the utility level. With the help of Ada Logics and LF…
OSTIF is proud to share the results of our security audit of LitmusChaos. LitmusChaos is an open source chaos engineering platform for a multitude of cloud platforms. With the help of 7ASecurity and the Cloud Native Computing Foundation, this project can continue to provide secure chaos testing environments for developers. …