Open Source Technology Improvement Fund (OSTIF) is proud to share the Cloud Native Computing Foundation (CNCF) Impact Report for 2022. This report is a follow-up to our August 2022 post and is based on CNCF’s strong commitment to improving security posture of projects, a sound guiding policy and project maturity model, and a repeatable process for executing audits with the help of strategic partner OSTIF. 

“We at OSTIF are so grateful to add value to partners like CNCF. I am proud of the fact that we can be approached with a project, collaborate with its community, and organize a security audit that helps improve security posture- all in a way that is effective, transparent, and cost effective. CNCF provides a strong support system to help its projects improve and grow, and funding security audits is just one example.” 

For more detailed information, see the excellent CNCF Blog Post here or check out the Full Report here: https://ostif.org/wp-content/uploads/2023/03/CNCF-OSTIF-Impact-Report-v2.pdf

Once again, sincere thanks to Cloud Native Computing Foundation for continuing to entrust OSTIF and funding this work. We look forward to more security engagements and improvements in 2023!