x41

Read more about the article RustVMM Security Audit with OSTIF is Complete!

RustVMM Security Audit with OSTIF is Complete!

OSTIF is pleased to announce the completion of a security audit of the open source project RustVMM in collaboration with X-41 D-Sec GmbH, with funding by Amazon Web Services. The project offers crates to build customized Virtual Machine Monitors (thus, VMM), which can be vulnerable to malicious actors through its…

Continue ReadingRustVMM Security Audit with OSTIF is Complete!
Read more about the article Bugs? Search Me!- OpenSearch Security Audit Completed!

Bugs? Search Me!- OpenSearch Security Audit Completed!

OSTIF and X41-Dsec collaborated with OpenSearch on a security audit on v. 2.8.0 of the open source search engine. As a search engine, this project handles sensitive data and therefore security is of utmost importance to project users, maintainers, and community. The main objective of this security audit was to…

Continue ReadingBugs? Search Me!- OpenSearch Security Audit Completed!
Read more about the article Our Audit of libjpeg-turbo is Complete!

Our Audit of libjpeg-turbo is Complete!

OSTIF and X41 are excited to announce the completion of our security audit of libjpeg-turbo! X-41 DSec and OSTIF collaborated in May of 2023 on a source code audit of libjpeg-turbo, the accelerated JPEG image decoding software.  The audit’s emphasis was on reviewing input validation, memory management practices, and analysis…

Continue ReadingOur Audit of libjpeg-turbo is Complete!
Read more about the article Our audit of in-toto is complete!

Our audit of in-toto is complete!

In collaboration with X41 and in-toto, OSTIF is pleased to announce the publication of our audit of in-toto’s source code. In-toto, which has implementations in Python and Go, is a framework software for supply chain security. Integrating security and transparency through the entire process of application, in-toto’s holistic view of…

Continue ReadingOur audit of in-toto is complete!