The Open Source Technology Improvement Fund is proud to share the results of our security audit of CRI-O. CRI-O is an implementation of the Kubernetes Container Runtime Interface (CRI) that is OCI-compliant (-O) that provides the backend between OCI-format container images and the Kubernetes control plane. With the help of…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Kea. Kea is an open source project developed by Internet Systems Consortium (ISC). Described in the audit report as a “modular DHCP server framework… for assigning IPv4 and IPv6 addresses and distributing…
By Adam Korczynski and David Korczynski of Ada Logics In late 2024, Alpha-Omega partnered with Ada Logics and the Open Source Technology Improvement Fund (OSTIF) to audit 25 widely used open source projects in the AI and large language model (LLM) ecosystem. This initiative aimed at evaluating the overall security…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Thunderbird Send. Thunderbird Send is an open source platform for sending and receiving end to end encrypted files, for use with Mozilla Thunderbird or web browsers. With the help of 7ASecurity and the…
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Bitcoin Core. Bitcoin core, the reference implementation of the Bitcoin protocol, is an open source cryptocurrency with assets valued at several billion USD. With the help of Quarkslab, Brink, and Chaincode Labs, this…
The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our security audit of KubeVirt. KubeVirt is short for Kubernetes Virtualization, as the project is an API and runtime for managing virtual machines. With the help of Quarkslab and the Cloud Native Computing Foundation (CNCF), this…
Transparency is a big part of OSTIF’s mission, and that extends to our strategy and long-term planning. As debates on the next phase of open source continue, we feel it necessary to share what we see our role in that future as being and how we’re trying to get there. …
The Open Source Technology Improvement Fund is proud to share the results of our security audit of OpenSSF Scorecard. OpenSSF Scorecard is an open source automated testing resource to help projects continually assess security risks. With the help of ADA Logics and the OpenSSF, this project can continue to provide…
The team at OSTIF is honored and excited to announce that for a fifth consecutive year we are a recipient of the DuckDuckGo Charitable Donations Program. The privilege of receiving this donation a fifth time is not lost on us, and reinforces that our mission is being carried out effectively…
The Open Source Technology Improvement Fund (OSTIF) is proud to share the results of our documentation audit of PHP. Specifically, the open source implementation of the interpreter for the PHP scripting language, which is popular in use for web development. As a result of this collaboration with OSTIF, Quarkslab, and…