by Helen Woeste, Communications and Community Manager Amir and I were in London for State of Open Con earlier this year, where we attended a talk by Kat Cosgrove and Jeremy Rickard called “Are You Not Entertained? Open Source Isn’t a Coliseum.” This presentation was about conflict in community and…
The Open Source Technology Improvement Fund is proud to share the results of our security audits of nghttp3 and ngtcp2. Ngtcp2 is an open source project that implements the QUIC network protocol, while nghttp3 implements HTTP/3 to help improve the speed and efficacy issues of HTTP/2. With the help of…
OSTIF is proud to share the results of our security audit of NATS. NATS is an open source project made by Synadia Communications for secure always-on messaging for a variety of digital formats and clients. With the help of Trail of Bits and the Cloud Native Computing Foundation, this project…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of ztunnel. ztunnel is the open source node proxy implementation of Istio’s ambient mesh mode. Moving forward from this collaboration between Istio, Trail of Bits, and the Cloud Native Computing Foundation, there is reasonable…
The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our security audit of PHP Specifically, the open source implementation of the interpreter for the PHP scripting language, which is popular in use for web development. As a result of this collaboration with OSTIF, Quarkslab, and…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of RSTUF. RSTUF is an open source implementation of the server components necessary for users to create a secure repository for downloading files from TUF (The Update Framework). Thanks to the help of X41…
OSTIF is proud to share the results of our security audit of Logback. Logback is an inclusive, fast, and adaptable logging framework for Java. With the help of 7ASecurity and the Sovereign Tech Agency, this project continues to provide reliable and flexible architecture for Java applications. Audit Process: This engagement…
The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our security audit of Linkerd. Linkerd is an open source service mesh for Kubernetes which prioritizes reliability, security, and simplicity. Thanks to the help of 7ASecurity and the Cloud Native Computing Foundation, this project can continue…
OSTIF is proud to share the results of our security audit of Hickory DNS. Hickory DNS is an open source Rust based DNS client, server, and resolver. With the help of X41 D-Sec and Prossimo, this project can continue to provide users with a safe and secure DNS server and…
2024 was the 9th year of OSTIF, and what an exciting and groundbreaking year it was! Our annual report for 2024 starts with the OSTIF story then moves onto our impact, function, partnerships, funding, and future. We didn’t mince words here- it’s a quick read of less than five minutes.…