Open Source Security Archives - 7ASecurity Blog

How 7ASecurity Audits Work: Interim Findings, Manual Testing, and Free Fix Verification

Admin — Fri, 06 Feb 2026 06:24:49 +0000

A clear, practical walkthrough of the 7ASecurity audit process: threat-model driven scoping, a dedicated communication channel with interim findings, and free fix verification—so issues are fixed, not just reported.

The post How 7ASecurity Audits Work: Interim Findings, Manual Testing, and Free Fix Verification appeared first on 7ASecurity Blog.

Code audit for the Tor Project by 7ASecurity

Admin — Fri, 30 Jan 2026 08:38:00 +0000

For the past three years, the Tor Project has been working to improve the tools, resources, and protocols used to monitor the health of the Tor network. This work aims to strengthen the Tor network's resilience and resist relay attacks. As part of this effort, in July and August 2025, 7ASecurity conducted a code audit of those …

The post Code audit for the Tor Project by 7ASecurity appeared first on 7ASecurity Blog.

What ‘Quality Pentests’ Really Mean: Interview with OWASP Executive Director Andrew van der Stock

Admin — Fri, 23 Jan 2026 06:41:47 +0000

OWASP Executive Director Andrew van der Stock interviews 7ASecurity CEO Abraham Aranguren on what “quality pentesting” really means: threat-model driven scoping, researcher-led testing, interim findings, and free fix verification.

The post What ‘Quality Pentests’ Really Mean: Interview with OWASP Executive Director Andrew van der Stock appeared first on 7ASecurity Blog.

LinkerD Security Audit by 7ASecurity

Admin — Wed, 19 Feb 2025 08:31:19 +0000

7ASecurity is proud to share the results of a recent security audit of Linkerd. Linkerd is an open source service mesh for Kubernetes which prioritizes reliability, security, and simplicity. Thanks to the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation, this project can continue to provide a lightweight …

The post LinkerD Security Audit by 7ASecurity appeared first on 7ASecurity Blog.

7ASecurity Completes LitmusChaos Audit

Admin — Mon, 26 Aug 2024 09:19:58 +0000

7ASecurity is proud to share the results of our security audit of LitmusChaos. LitmusChaos is an open source chaos engineering platform for a multitude of cloud platforms. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation, this project can continue to provide secure chaos testing environments for …

The post 7ASecurity Completes LitmusChaos Audit appeared first on 7ASecurity Blog.

7asecurity Completes OpenTelemetry Audit

Admin — Sun, 21 Jul 2024 11:19:35 +0000

7ASecurity is proud to share the results of our security audit of OpenTelemetry. OpenTelemetry is an open source project for generating and collecting telemetry data for software analysis. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation (CNCF), this project will experience strengthened security health as it moves to graduation status with the …

The post 7asecurity Completes OpenTelemetry Audit appeared first on 7ASecurity Blog.

7ASecurity completes CoverDrop Audit

Admin — Wed, 12 Jun 2024 09:46:20 +0000

About CoverDrop Whistleblowers need a secure method to initiate contact and build trust with journalists. Existing tools often cater to later-stage correspondence, leaving crucial, early touch-points vulnerable to surveillance. In addition, many of these tools are difficult to find on newspaper websites, hard to use securely, and offer insufficient user guidance. After conducting workshops with …

The post 7ASecurity completes CoverDrop Audit appeared first on 7ASecurity Blog.