Transparency is a big part of OSTIF’s mission, and that extends to our strategy and long-term planning. As debates on the next phase of open source continue, we feel it necessary to share what we see as our role in that future and how we’re trying to get there.
OSTIF has outlined three tenets of our mission moving forward:
| Grow | Share | Develop |
| --- | --- | --- |
| The community, our reach, our capabilities, and impact in helping improve the security posture of projects in the open source ecosystem. | Our expertise, audit results and methodologies, and resources. | Staff and teams, automated functions and processes, relationships within the open source space, and long-term programs that will continue to make a positive impact. |
Over the next 3-5 years, we plan on investing our time and resources in the following:
- Member Investment/Support
  - Finding funders and supporters that are engaged in OSTIF’s work and contributing a range of resources.
  - Practicing fiscal prudence by ensuring funding coming in is going to the right things, then allocated to the right things.
- Consistent Operations and Output
  - Audit findings are verifiable, public, and ideally resolved to the project’s comfortability.
  - Audit reports are well written, empirical, and publicly released.
  - Impact reports are accurate and released in a timely manner.
  - Staff are hired at sustainable rates and roles, within a balanced budget.
- Community Development
  - Regular meetup schedule with our greater community.
  - Post audit feedback gathered and discussed internally.
  - General feedback sourced and discussed internally.
- Thought Leadership
  - Guides developed and shared for free in order to help improve security health of projects.
  - Resources are updated and available.
This year being our 10-year anniversary has created a lot of opportunity for reflection on the past, but it also raises the question of what our future could be. Operating as a small, goal-oriented non-profit means that while our dreams are often financially restricted, we still brainstorm the possibilities of what we could make happen. You can help us by joining and participating in the community, participating in meetups and using/giving feedback on security resources, sourcing audits, and promoting the need for secure open source software.
There’s no certainty in this sector. The future is currently being shaped by both forces beyond us and the possibilities in our hands. These plans for OSTIF’s future are what we can control and offer to the open source community: the ability to be forthcoming with our goals and involve you, our supporters, friends, and collaborators, in our journey forward.
