7ASecurity is proud to share the results of our security audit of Logback.  Logback is an inclusive, fast, and adaptable logging framework for Java. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Sovereign Tech Agency, this project continues to provide reliable and flexible architecture for Java applications.  Audit Process: This …

7ASecurity is proud to share the results of our security audit of LitmusChaos. LitmusChaos is an open source chaos engineering platform for a multitude of cloud platforms. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation, this project can continue to provide secure chaos testing environments for …

7ASecurity is proud to share the results of our security audit of OpenTelemetry. OpenTelemetry is an open source project for generating and collecting telemetry data for software analysis. With the help of the Open Source Technology Improvement Fund (OSTIF) and the Cloud Native Computing Foundation (CNCF), this project will experience strengthened security health as it moves to graduation status with the …

About CoverDrop Whistleblowers need a secure method to initiate contact and build trust with journalists. Existing tools often cater to later-stage correspondence, leaving crucial, early touch-points vulnerable to surveillance. In addition, many of these tools are difficult to find on newspaper websites, hard to use securely, and offer insufficient user guidance. After conducting workshops with …

Why Should You Do a Pentest? Good question! But first things first: What is a pentest? A penetration test, or pentest, is a simulated cyber attack on a computer system, network, or application to identify and exploit security vulnerabilities. The goal is to assess the security posture of the target and provide recommendations for improving …