The Open Source Technology Improvement Fund is proud to share the results of our security audit of RSTUF. RSTUF is an open source implementation of the server components necessary for users to create a secure repository for downloading files from TUF (The Update Framework). Thanks to the help of X41…
OSTIF is proud to share the results of our security audit of Logback. Logback is an inclusive, fast, and adaptable logging framework for Java. With the help of 7ASecurity and the Sovereign Tech Agency, this project continues to provide reliable and flexible architecture for Java applications. Audit Process: This engagement…
The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our security audit of Linkerd. Linkerd is an open source service mesh for Kubernetes which prioritizes reliability, security, and simplicity. Thanks to the help of 7ASecurity and the Cloud Native Computing Foundation, this project can continue…
OSTIF is proud to share the results of our security audit of Hickory DNS. Hickory DNS is an open source Rust based DNS client, server, and resolver. With the help of X41 D-Sec and Prossimo, this project can continue to provide users with a safe and secure DNS server and…
2024 was the 9th year of OSTIF, and what an exciting and groundbreaking year it was! Our annual report for 2024 starts with the OSTIF story then moves onto our impact, function, partnerships, funding, and future. We didn’t mince words here- it’s a quick read of less than five minutes.…
OSTIF is proud to share the results of our second security audit of Notary Project. Notary Project is “a set of specifications and tools intended to provide a cross-industry standard for securing software supply chains by using authentic container images and other OCI artifacts.”* With the help of Quarkslab and…
OSTIF is proud to share the results of our security audit of Karmada. Karmada is an open source Kubernetes orchestration system for running cloud-native applications seamlessly across different clouds and clusters. With the help of Shielder and the Cloud Native Computing Foundation (CNCF), this project offers users improved open, multi-cloud,…
Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our 2024 security audit collaboration with the Sovereign Tech Agency. The Sovereign Tech Agency has invested millions of Euros into technology improvement and hardening over the past two years, notably through their Sovereign Tech Resilience program. OSTIF…
OSTIF is proud to share the results of our security audit of Backstage. Backstage is an open source framework for developer portals. With the help of X41D-Sec and the Cloud Native Computing Foundation (CNCF), this project can continue to provide quick and secure development environments. Audit Process: This audit was…
OSTIF is proud to share the results of our 2024 security audit collaboration with the Cloud Native Computing Foundation (CNCF). Over the past three years, OSTIF and the CNCF have worked together to provide security audits for CNCF projects. These projects, as a part of the CNCF landscape, must undergo…