While reflecting on our past 10 years, we revisited vulnerabilities discovered during OSTIF audits. As a result of our work, several hundred bugs a year are discovered on average. With that in mind, our Executive Director Derek Zimmer proposed a new program: a Bug of the Year trophy, given to the individual who finds the best bug published by OSTIF in a calendar year.

We are proud to announce our top 3 bugs of the year on our blog: https://ostif.org/bug-of-the-year-award-2025/

#OSTIF #BOTY #7ASecurity

OSTIF is proud to share the results of our security audit of Stork.

Stork is an open source project developed by the Internet Systems Consortium (ISC) that acts as an administrative interface for monitoring, maintaining, and surveilling Kea servers.

With the help of 7ASecurity, this project received custom security testing, documentation, and tooling contributing to Stork’s ongoing security and development work.

Full post here: https://ostif.org/stork-audit-complete/

#OSTIF #Stork #7ASecurity

The Open Source Technology Improvement Fund is proud to share the results of our security audit of zlib.

Zlib is an open source lossless data-compression library for use on virtually any computer hardware and operating system.

Thanks to the efforts of @7asecurity and the Sovereign Tech Fund, this project underwent a holistic security review.

Read about the process and results here 👉 https://ostif.org/zlib-audit-complete/

#OSTIF #7ASecurity #audit #zlib

Code audit for the Tor Project completed by 7aSecurity | Tor Project

7aSecurity conducted a comprehensive code audit for several tools we use to monitor the health of the Tor network. This blog post outlines key recommendations and links to the full report.