OSTIF is proud to share the results of our security audit of Logback. Logback is an inclusive, fast, and adaptable logging framework for Java. With the help of 7ASecurity and the Sovereign Tech Agency, this project continues to provide reliable and flexible architecture for Java applications. Audit Process: This engagement…
The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our security audit of Linkerd. Linkerd is an open source service mesh for Kubernetes which prioritizes reliability, security, and simplicity. Thanks to the help of 7ASecurity and the Cloud Native Computing Foundation, this project can continue…
OSTIF is proud to share the results of our security audit of Hickory DNS. Hickory DNS is an open source Rust based DNS client, server, and resolver. With the help of X41 D-Sec and Prossimo, this project can continue to provide users with a safe and secure DNS server and…
OSTIF is proud to share the results of our second security audit of Notary Project. Notary Project is “a set of specifications and tools intended to provide a cross-industry standard for securing software supply chains by using authentic container images and other OCI artifacts.”* With the help of Quarkslab and…
OSTIF is proud to share the results of our security audit of Karmada. Karmada is an open source Kubernetes orchestration system for running cloud-native applications seamlessly across different clouds and clusters. With the help of Shielder and the Cloud Native Computing Foundation (CNCF), this project offers users improved open, multi-cloud,…
OSTIF is proud to share the results of our security audit of Backstage. Backstage is an open source framework for developer portals. With the help of X41D-Sec and the Cloud Native Computing Foundation (CNCF), this project can continue to provide quick and secure development environments. Audit Process: This audit was…
OSTIF is proud to share the results of our security audit of Node.js. Node.js is an open source project that is designed to build scalable network applications through asynchronous event-driven JavaScript runtime. With the help of Ada Logics and the OpenJS Foundation, this project will experience deeper fuzzing as it…
OSTIF is proud to share the results of our security audit of Express. Express is an open source web framework for Node.js that prioritizes performance and flexibility. With the help of the OpenJS Foundation and ADA Logics, this project can continue to thrive as a web application framework for users needing lightweight HTTP server tooling. Audit Process:…
OSTIF is proud to share the results of our security audit of OperatorFabric. OperatorFabric is an open source industrial platform for utility operations. With the help of Quarkslab and Linux Foundation Energy (LF Energy), this project will continue to provide secure, centralized business operations for users and high-quality service to…
OSTIF is proud to share the results of our security audit of SEAPATH. SEAPATH is an open source project hosted by Linux Foundation Energy (LF Energy) that consolidates clusters of servers for energy and power management across substations at the utility level. With the help of Ada Logics and LF…