Mastodawn

Can a hostile container sneak past your eBPF tracing? Sometimes, yes.

With @ostifofficial & @cloudnativefdn we audited Inspektor Gadget - 3 vulns (fixed), 6 hardenings, 6 bypasses (io_uring, openat2, jumbo frames…).

Work by @ndaprela & @suidpit

🔗 https://www.shielder.com/blog/2026/04/inspektor-gadget-security-audit/

Shielder - Inspektor Gadget Security Audit

Security audit of Inspektor Gadget, an eBPF-based observability framework for Linux and Kubernetes. Sponsored by the CNCF (Cloud Native Computing Foundation), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.

Shielder

Show thread

Shielder Mar 24

https://kccnceu2026.sched.com/event/2CW4B/kubernetes-third-party-audit-review-iain-smart-amberwolf-amir-montazery-open-source-technology-improvement-fund-rey-lejano-red-hat-rita-zhang-microsoft-pietro-tirenna-shielder

KubeCon + CloudNativeCon Europe 2026: Kubernetes Third Party Audit Review - Ia...

View more about this event at KubeCon + CloudNativeCon Europe 2026

Shielder Mar 24

#KubeCon EU starts today and guess what? Our very own @suidpit will be on stage with a panel about the #Kubernetes Security Audit we performed during 2025 with the support of @ostifofficial!

🗓️ March 25 - 16:45 CET
📍 Hall 8 | Room F

Shielder Mar 19

Attending @1ns0mn1h4ck?

Meet @not4nhacker Luk3ros and Sev1rus from our AppSec and Red teams!

They are eager to discuss about breaking complex authentication implementations and relaying all the things to DA!

Shielder Jan 31

Love breaking things just to see how they work? 🐛🔨

A @Shielder delegation is on the ground at @fosdem, and we're looking for fellow hackers and security researchers.

If you are passionate about securing the Open Source world, we definitely need to talk!

Shielder Dec 31

Happy New Year, Hackers! 🎆
We’re looking forward to a 2026 full of crazy exploits, instant patches, and - most importantly - YOU, the amazing human beings behind the screens.

Shielder Nov 25

RE: https://fosstodon.org/@ostifofficial/115605499466924817

Want to learn more about our approach into auditing complex libraries and writing cool exploits?

🗓️: Dec 02

🕗: 20:00 CET

RSVP: https://luma.com/ostif-meetups?e=calev-iJNSID5DS2YpZ4r

Shielder Nov 25

OSTIF Nov 24

@Shielder security researchers Davide and Pietro F. Tirenna will be presenting on their audit of Academy Software Foundation OpenEXR next Tuesday, 13:00 CST. Join to hear about how a team at the top of their game is auditing high-value targets used in a billion dollar industry who depends on secure development practices to avoid leaks.

RSVP here: https://luma.com/ir16fuig

Security Audit of OpenEXR · Luma

Description Join security researchers Pietro and Davide from Shielder as they take us through a source code security audit of the Academy Software Foundation's…

Shielder Aug 7, 2025

smaury Aug 7, 2025

👋🏿 Hackers!

Are you a Red Teaming Wizard 🧙🏿 looking for a new challenge? @Shielder is hiring a Red Teaming Lead to join our crew!

More info ⬇️ (share appreciated) #hiring #redteaming
https://romhack.io/job-opportunities/

RomHack - Job opportunities

Check for RomHack sponsor's job opportunities

RomHack Security Conference

Shielder Jul 31, 2025

🚨 New Open Source Audit Alert! 🚨

Shielder, with @ostifofficial & @academyswf audited OpenEXR and MaterialX:
🔍 11 issues found (1 critical, 3 still to be published)
✔️ Most fixed, others planned
🗣️ to @ndaprela @smaury @suidpit @thezero

Full details:
- Blog post: https://www.shielder.com/blog/2025/07/materialx-and-openexr-security-audit/
- Reports: https://github.com/ShielderSec/public-reports

Shielder - MaterialX and OpenEXR Security Audit

MaterialX And OpenEXR Security Audits, sponsored by the ASWF (Academy Software Foundation), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.

Shielder

Website	https://www.shielder.com
Twitter	https://twitter.com/ShielderSec
GitHub	https://github.com/ShielderSec