Stork audit by 7ASecurity
7ASecurity shares results of a security audit of Stork (ISC’s admin interface for Kea servers): 7 security-impact findings (2 high) and all fixes verified, plus threat modeling, SLSA review, and an SBOM.
7ASecurity shares results of a holistic security audit of zlib: 10 security-impact findings (1 high) and all fixes verified, plus hardening recommendations and a custom threat model.
7ASecurity is proud to share the results of our security audit of Logback. Logback is an inclusive, fast, and adaptable logging framework for Java. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Sovereign Tech Agency, this project continues to provide reliable and flexible architecture for Java applications. Audit Process: This …
7ASecurity is proud to share the results of a recent security audit of Linkerd. Linkerd is an open source service mesh for Kubernetes which prioritizes reliability, security, and simplicity. Thanks to the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation, this project can continue to provide a lightweight …
7ASecurity is proud to share the results of our security audit of LitmusChaos. LitmusChaos is an open source chaos engineering platform for a multitude of cloud platforms. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation, this project can continue to provide secure chaos testing environments for …
7ASecurity is proud to share the results of our security audit of OpenTelemetry. OpenTelemetry is an open source project for generating and collecting telemetry data for software analysis. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation (CNCF), this project will experience strengthened security health as it moves to graduation status with the …
7ASecurity had the privilege to collaborate with the Open Source Technology Improvement Fund (OSTIF), as well as the Node Version Manager (nvm) team, in a recent security audit of the nvm project. What is Node Version Manager? nvm is an open-source version manager for Node.js. It is designed to be secure, reliable and easy to use. nvm operates as …
7ASecurity had the privilege to collaborate with the Open Source Technology Improvement Fund (OSTIF), as well as the K-9 Mail and Thunderbird teams at Mozilla, in a recent security audit of the Mozilla K-9 Mail application. What is K-9 Mail? K-9 Mail is an open source email application that runs on most Android devices. Ideally, the application is reliable, intuitive and secure …