ICYMI: Nadim Kobeissi (On Bluesky)'s OSTIF meetup from April 23rd is available to watch back on YouTube youtu.be/2wR25jFgPSo?si… tell your friends, tell your mom, tell your mom's friends who are into crypto to watch & share!

Call for Meetups! We're looking for 20-30 minute lightning talks with accompanying deck for visual guidance. Simply fill out the form at this Calendly link (calendly.com/helen-ostif/su…) pick your date & time, and speak directly to the OSTIF community!

The recording is up now at youtube.com/watch?v=Dq_KVL…

We are proud to share the results of our audits of nghttp3 and ngtcp2! Carried out by X41 D-SEC GmbH with funding by Sovereign Tech Agency, the details of the resulting work are available on our blog: ostif.org/nghttp3-ngtcp2…

OSTIF is proud to announce publication of our audit of Ruby on Rails, done in collaboration with X41 D-SEC GmbH, 🦊 GitLab (esp. joernchen), and Sovereign Tech Agency. Read more about the work done at ostif.org/ruby-on-rails-…

We lava good audit- and Volcano definitely was one! Completed with support from CNCF and auditing by ADA Logics, this work resulted in improvements to fuzzing and secure by design processes. Read more at our blog: ostif.org/volcano-audit-…

Party on, OSTIF! We toasted in our 10 year anniversary this weekend with a new employee, new merch, and fresh eyes on the next 10 years ahead (also: cheesecake pie). See some pics of the party and read about the rest of our anniversary plans at our blog: ostif.org/10yr-party/

Happy Anniversary to our audit of CycloneDDS! Released last year, this work was a collab with Alpha-Omega, Eclipse Foundation , X41 D-SEC GmbH, and CycloneDDS maintainers with OSTIF to create security outcomes. Read the report at our blog: ostif.org/cyclndds-audit…

🔊 New 7ASecurity public #securityaudit report 🔒 #CondaForge & OSTIF Official enhance the ecosystem security with verified fixes Feedback is welcome, enjoy! 🌐 7asecurity.com/blog/2025/07/c… #CyberSecurity #PenTesting #OpenSourceSecurity #SoftwareSecurity #infosec

We “conda” believe it- our audit of conda-forge is released! Read about the work on our blog: ostif.org/conda-forge-au… Thank you to 7ASecurity for performing the auditing and Sovereign Tech Agency for funding this crucial engagement

Kairo Araujo from RSTUF, Eric Sesterhenn from X41 D-SEC GmbH, and Helen from OSTIF are 1 month away from presenting at OpenSSF Community Day in Amsterdam! RSVP to “Securing RSTUF to Secure Your Supply Chain” at sched.co/25dGk

It's possible- our audit of PowSyBl is complete! Completed with auditing by ADA Logics and funding provided by LF Energy, the work resulted in multiple holistic improvements to project security. Details at our blog: ostif.org/powsybl-audit-…

🚨 New Open Source Audit Alert! 🚨 Shielder, with OSTIF Official & Academy Software Foundation, audited OpenEXR and MaterialX: 🔍 11 issues found (1 critical, 3 still to be published) ✔️ Most fixed, others planned 🗣️ to nico smaury Pit TheZero 🍉 on BlueSky Full details in the blog post ⬇️🧵

Working with folks from Lucasfilm, Industrial Light & Magic, and Apple to secure some of the OSS foundations the movie and entertainment industries rely on was so cool! Big shout-out 📣 to the OSTIF Official and the Academy Software Foundation for making this possible.

In partnership with @aswf and @shielder we worked on audits of MaterialX and OpenEXR. Our deepest gratitude for this opportunity to work with incredible maintainers and cool projects such as these- read about them at our blogs: ostif.org/materialx-audi…, and ostif.org/openexr-audit-…

Our Managing Director Amir will be speaking at the Academy Software Foundation Open Source Days on Sunday! RSVP at sched.co/25j6n to hear about why "Security Audits Aren't Scary", and how renewable security efforts help projects, foundations, and the open source community!

We thought it would be timely to make a statement about our involvement with and position re: OpenForum Europe’s EU-STF report. Get our thoughts at the blog: ostif.org/eu-stf-and-ost…

We're thrilled to have Amir Montazery, Managing Director for OSTIF Official, presenting "Success Stories in Open Source: Third Party Security Audits" at #AllThingsOpen! 2025.allthingsopen.org/sessions/2-for…

🗣️ talk that talk!! And trust us- we’ll walk the walk too.

Bridging the gap between open source project security and foundations- its what we do. "The Bridge to Improving Security: How OSTIF Helps Foundations" is live now on our blog: ostif.org/ostif-helps-fo…