Open Source Technology Improvement Fund
The Open Source Technology Improvement Fund is a corporate non-profit dedicated to securing open source apps that we all depend on. Securing software isn’t easy, and we know what it takes to succeed. By facilitating security audits and reviews, OSTIF makes it easy for projects to significantly improve security.
Better Security Through A Massive Community
Through the Open Source Technology Improvement Fund, projects have been able to find and fix critical security bugs.
62+
partner projects
1000+
world class security experts
5000+
hours of security review
100+
severe bugs patched
billions
protected
Support the OSTIF Mission
Open-source projects keep today’s Internet infrastructure afloat. They are critical for the operation of every webserver, every browser, and every banking platform. And they are cared for by a surprisingly small group of people with a limited amount of time. Without dedicated security experts, these projects often don’t get the attention they require.
We can do it with help from supporters like you.
PHP-TUF Audit Complete! The Drupal project partnered with OSTIF for a series of audits on key technology to support supply chain security for automatic updates. Specifically, the PHP-TUF client-side library and its server-side… Read more »
Securing Open-Source Infrastructure with Trail of Bits OSTIF started performing security audits in earnest in 2018, tackling a new level of involvement open source security. That same year was OSTIF’s first collaboration with security firm Trail of… Read more »
Amazon Web Services & Eclipse Foundation Security Audit Impact Report 2023 In collaboration with Amazon Web Services and the Eclipse Foundation, OSTIF is excited to release our Independent Security Audit Impact Report for 2023! Over the past year, OSTIF worked with… Read more »