Security Audit Archives - 7ASecurity Blog https://7asecurity.com/blog/ 7ASecurity Blog With Cybersecurity Tips and Tools Thu, 09 Jul 2026 13:09:37 +0000 en-US hourly 1 https://7asecurity.com/blog/contents/uploads/2019/06/favicon.ico Security Audit Archives - 7ASecurity Blog https://7asecurity.com/blog/ 32 32 KEDA audit by 7ASecurity https://7asecurity.com/blog/2026/06/keda-security-audit-7asecurity/ Fri, 26 Jun 2026 10:22:34 +0000 7ASecurity shares results of a KEDA security audit: 15 security-impact findings (4 high), 5 hardening recommendations, SLSA supply-chain review, and future security guidance.

The post KEDA audit by 7ASecurity appeared first on 7ASecurity Blog.

]]>
Requests, CacheControl and urllib3 audit by 7ASecurity https://7asecurity.com/blog/2026/05/requests-cachecontrol-urllib3-audit/ Fri, 01 May 2026 12:51:49 +0000 7ASecurity shares results of a whitebox audit of Requests, CacheControl and urllib3: 9 security-impact issues, 2 hardening recommendations, supply-chain review and future security guidance.

The post Requests, CacheControl and urllib3 audit by 7ASecurity appeared first on 7ASecurity Blog.

]]>
DEfO audit by 7ASecurity https://7asecurity.com/blog/2026/04/defo-audit-by-7asecurity/ Fri, 10 Apr 2026 09:59:16 +0000 7ASecurity shares results of a security audit of DEfO: 5 security-impact findings (2 high), 6 hardening recommendations, and a lightweight threat model for OpenSSL ECH clients and servers.

The post DEfO audit by 7ASecurity appeared first on 7ASecurity Blog.

]]>
7ASecurity’s Szymon Grzybowski Wins OSTIF’s 2025 Bug of the Year Award https://7asecurity.com/blog/2026/03/7asecurity-ostif-bug-of-the-year-award-2025/ Fri, 27 Mar 2026 09:37:21 +0000 OSTIF selected CVE-2025-31484 from 7ASecurity’s conda-forge audit as its 2025 Bug of the Year, recognizing Szymon Grzybowski’s high-impact supply-chain finding.

The post 7ASecurity’s Szymon Grzybowski Wins OSTIF’s 2025 Bug of the Year Award appeared first on 7ASecurity Blog.

]]>
Stork audit by 7ASecurity https://7asecurity.com/blog/2026/02/stork-security-audit-7asecurity/ Fri, 27 Feb 2026 10:39:30 +0000 7ASecurity shares results of a security audit of Stork (ISC’s admin interface for Kea servers): 7 security-impact findings (2 high) and all fixes verified, plus threat modeling, SLSA review, and an SBOM.

The post Stork audit by 7ASecurity appeared first on 7ASecurity Blog.

]]>
zlib audit by 7ASecurity https://7asecurity.com/blog/2026/02/zlib-7asecurity-audit/ Fri, 13 Feb 2026 08:41:17 +0000 7ASecurity shares results of a holistic security audit of zlib: 10 security-impact findings (1 high) and all fixes verified, plus hardening recommendations and a custom threat model.

The post zlib audit by 7ASecurity appeared first on 7ASecurity Blog.

]]>
How 7ASecurity Audits Work: Interim Findings, Manual Testing, and Free Fix Verification https://7asecurity.com/blog/2026/02/how-7asecurity-audits-work/ Fri, 06 Feb 2026 06:24:49 +0000 A clear, practical walkthrough of the 7ASecurity audit process: threat-model driven scoping, a dedicated communication channel with interim findings, and free fix verification—so issues are fixed, not just reported.

The post How 7ASecurity Audits Work: Interim Findings, Manual Testing, and Free Fix Verification appeared first on 7ASecurity Blog.

]]>
Code audit for the Tor Project by 7ASecurity https://7asecurity.com/blog/2026/01/tor-security-audit-by-7asecurity/ Fri, 30 Jan 2026 08:38:00 +0000 For the past three years, the Tor Project has been working to improve the tools, resources, and protocols used to monitor the health of the Tor network. This work aims to strengthen the Tor network's resilience and resist relay attacks. As part of this effort, in July and August 2025, 7ASecurity conducted a code audit of those …

The post Code audit for the Tor Project by 7ASecurity appeared first on 7ASecurity Blog.

]]>
Thunderbird Security Audit by 7ASecurity https://7asecurity.com/blog/2025/12/thunderbird-security-audit-by-7asecurity/ Sat, 06 Dec 2025 16:16:12 +0000 7ASecurity is proud to share the results of our security audit of Thunderbird Send. Thunderbird Send is an open source platform for sending and receiving end to end encrypted files, for use with Mozilla Thunderbird or web browsers. With the help of the Open Source Technology Improvement Fund and the Mozilla Foundation, this project will …

The post Thunderbird Security Audit by 7ASecurity appeared first on 7ASecurity Blog.

]]>
Free Pentest Contest 2025 https://7asecurity.com/blog/2025/10/free-pentest-contest-2025/ Thu, 30 Oct 2025 13:45:58 +0000 It’s back and bigger than ever!The Free Pentest Contest 2025 — giving organizations around the world the opportunity to receive a professional, full-scope penetration test completely free of charge. Our goal remains simple: to make world-class cybersecurity accessible to everyone. Whether you’re a growing startup, a large enterprise, or an independent developer, this contest is …

The post Free Pentest Contest 2025 appeared first on 7ASecurity Blog.

]]>