Open Source Security Archives - 7ASecurity Blog https://7asecurity.com/blog/ 7ASecurity Blog With Cybersecurity Tips and Tools Fri, 22 May 2026 15:14:47 +0000

Ouinet audit by 7ASecurity https://7asecurity.com/blog/2026/05/ouinet-audit-7asecurity/ Fri, 22 May 2026 09:19:29 +0000 About Ouinet: Ouinet is a suite of free, open source software tools and infrastructure that provides access to the open internet in repressive information contexts with limited or no connectivity. Ouinet works through a network of cooperating nodes or servers, using peer-to-peer routing, and the distributed data storage of users’ internet activity. Ouinet is a core …

The post Ouinet audit by 7ASecurity appeared first on 7ASecurity Blog.

Requests, CacheControl and urllib3 audit by 7ASecurity https://7asecurity.com/blog/2026/05/requests-cachecontrol-urllib3-audit/ Fri, 01 May 2026 12:51:49 +0000 7ASecurity shares results of a whitebox audit of Requests, CacheControl and urllib3: 9 security-impact issues, 2 hardening recommendations, supply-chain review and future security guidance.

7ASecurity’s Szymon Grzybowski Wins OSTIF’s 2025 Bug of the Year Award https://7asecurity.com/blog/2026/03/7asecurity-ostif-bug-of-the-year-award-2025/ Fri, 27 Mar 2026 09:37:21 +0000 OSTIF selected CVE-2025-31484 from 7ASecurity’s conda-forge audit as its 2025 Bug of the Year, recognizing Szymon Grzybowski’s high-impact supply-chain finding.

zlib audit by 7ASecurity https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ Fri, 13 Feb 2026 08:41:17 +0000 7ASecurity shares results of a holistic security audit of zlib: 10 security-impact findings (1 high) and all fixes verified, plus hardening recommendations and a custom threat model.

How 7ASecurity Audits Work: Interim Findings, Manual Testing, and Free Fix Verification https://7asecurity.com/blog/2026/02/how-7asecurity-audits-work/ Fri, 06 Feb 2026 06:24:49 +0000 A clear, practical walkthrough of the 7ASecurity audit process: threat-model driven scoping, a dedicated communication channel with interim findings, and free fix verification—so issues are fixed, not just reported.

Code audit for the Tor Project by 7ASecurity https://7asecurity.com/blog/2026/01/tor-security-audit-by-7asecurity/ Fri, 30 Jan 2026 08:38:00 +0000 For the past three years, the Tor Project has been working to improve the tools, resources, and protocols used to monitor the health of the Tor network. This work aims to strengthen the Tor network's resilience and resist relay attacks. As part of this effort, in July and August 2025, 7ASecurity conducted a code audit of those …

Interview with OWASP Executive Director on Quality Pentests https://7asecurity.com/blog/2026/01/owasp-executive-director-interview-7asecurity/ Fri, 23 Jan 2026 06:41:47 +0000 OWASP Executive Director Andrew van der Stock interviews 7ASecurity CEO Abraham Aranguren on what “quality pentesting” really means: threat-model driven scoping, researcher-led testing, interim findings, and free fix verification.

LinkerD Security Audit by 7ASecurity https://7asecurity.com/blog/2025/02/linkerd-security-audit-by-7asecurity/ Wed, 19 Feb 2025 08:31:19 +0000 7ASecurity is proud to share the results of a recent security audit of Linkerd. Linkerd is an open source service mesh for Kubernetes which prioritizes reliability, security, and simplicity. Thanks to the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation, this project can continue to provide a lightweight …

7ASecurity Completes LitmusChaos Audit https://7asecurity.com/blog/2024/08/7asecurity-completes-litmuschaos-audit/ Mon, 26 Aug 2024 09:19:58 +0000 7ASecurity is proud to share the results of our security audit of LitmusChaos. LitmusChaos is an open source chaos engineering platform for a multitude of cloud platforms. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation, this project can continue to provide secure chaos testing environments for …

7asecurity Completes OpenTelemetry Audit https://7asecurity.com/blog/2024/07/7asecurity-completes-opentelemetry-audit/ Sun, 21 Jul 2024 11:19:35 +0000 7ASecurity is proud to share the results of our security audit of OpenTelemetry. OpenTelemetry is an open source project for generating and collecting telemetry data for software analysis. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation (CNCF), this project will experience strengthened security health as it moves to graduation status with the …
