Envoy, the open source edge and service proxy designed for cloud-native applications, worked with OSTIF and X41 D-Sec to help improve the project’s security posture. The multi-phased engagement, sponsored by Google, focused first on the triaging and closing of bugs, then upon further improving the core fuzzers that continually monitor…
Today OSTIF is thrilled to release the Independent Security Audit Impact Report. This report is the culmination of over a year’s worth of work that OSTIF organized thanks to funding from Google and OpenSSF. “I am extremely proud of this work and what OSTIF continues to accomplish. Organizations like Google,…
We’re excited to report the results of a security audit of slf4j. Simple Logging Facade for Java, slf4j, is identified in the Harvard Census II results as one of the most widely-deployed logging frameworks. The security and supply chain review was facilitated by Open Source Technology Improvement Fund and carried…
Announcement: Google is partnering with Open Source Technology Improvement Fund, Inc to sponsor security reviews of critical open source software. OSTIF is elated to announce that we are planning to improve security of eight open-source projects thanks to support from the Google Open Source Security Team. This marks a major…