Cortex Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of Cortex. Cortex functions as a long-term, multi-tenant scalable open source storage for Prometheus and OpenTelemetry. Thanks to Quarkslab and the Cloud Native Computing Foundation (CNCF), Cortex received custom review and documentation for current…

Continue ReadingCortex Audit Complete!

KEDA Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of KEDA.  KEDA (which stands for Kubernetes-based Event Driven Autoscaler) is an open source project for scaling containers in Kubernetes. With the help of 7ASecurity and the Cloud Native Computing Foundation, this project underwent…

Continue ReadingKEDA Audit Complete!

BOLT Security Engagement Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security work on the BOLT binary scanner for LLVM.  LLVM is an open source compiler for translating human-readable source code for machine-readable hardware. In 2024, Arm engineer Kristof Beyls developed a static binary analyzer on BOLT,…

Continue ReadingBOLT Security Engagement Complete!

Hack to the Future: The Impact and Legacy of the DARPA AIxCC Challenge

AIxCC Competition Background & Results:  In 2023, DARPA announced a two-year long competition called the Artificial Intelligence Cyber Challenge (AIxCC) with the goal to safeguard open source software used in critical infrastructure throughout America. The intent is to hasten the development of open source AI tooling that can assist developers…

Continue ReadingHack to the Future: The Impact and Legacy of the DARPA AIxCC Challenge

LibVLC Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of LibVLC. LibVLC is the open source core engine and foundation of VLC media player. With auditing by Trail of Bits and funding provided by the Sovereign Tech Agency, LibVLC received scoped security work,…

Continue ReadingLibVLC Audit Complete!