Cortex Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of Cortex. Cortex functions as a long-term, multi-tenant scalable open source storage for Prometheus and OpenTelemetry. Thanks to Quarkslab and the Cloud Native Computing Foundation (CNCF), Cortex received custom review and documentation for current…

Continue ReadingCortex Audit Complete!

KEDA Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of KEDA.  KEDA (which stands for Kubernetes-based Event Driven Autoscaler) is an open source project for scaling containers in Kubernetes. With the help of 7ASecurity and the Cloud Native Computing Foundation, this project underwent…

Continue ReadingKEDA Audit Complete!

LibVLC Audit Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of LibVLC. LibVLC is the open source core engine and foundation of VLC media player. With auditing by Trail of Bits and funding provided by the Sovereign Tech Agency, LibVLC received scoped security work,…

Continue ReadingLibVLC Audit Complete!

Requests, CacheControl, and urllib3 Audits Complete!

The Open Source Technology Improvement Fund is proud to share the results of our security audit of Requests, CacheControl, and urllib3. Requests is a widely used, elegant HTTP library for Python, designed to make HTTP requests simple and human-friendly, CacheControl is a port of the caching algorithms from httplib2 for…

Continue ReadingRequests, CacheControl, and urllib3 Audits Complete!

Sovereign Tech Agency and OSTIF Security Audit Report

OSTIF is a proud participant in the Sovereign Tech Agency's Sovereign Tech Resilience Program. Outside of that work, we've also been funded to carried out ad hoc security engagements on critical open source software. Funding security solutions that are quantifiable, sustainable, and verifiable is an important part of the Sovereign…

Continue ReadingSovereign Tech Agency and OSTIF Security Audit Report