Any tool that runs with elevated privileges on shared infrastructure needs to earn trust. Inspektor Gadget runs with root-level access on nodes to do its job, so an independent review of its security posture is a natural step as the project matures and adoption grows. OSTIF is a nonprofit dedicated to improving the security of open source software. Over the past ten years, OSTIF has managed security engagements that have uncovered more than 800 vulnerabilities across 120 open source projects.
Inspektor Gadget: Results from the first security audit… Instead, eBPF programs are loaded into the kernel at runtime to safely observe syscalls, network activity, and file access. Applications keep running unchanged while operators get the data they need. Why a security audit? …
… Runtime security mechanisms monitor system behaviour and detect anomalies during workload execution: Falco provides real-time detection of suspicious activity within containers and the host environment, with alerts integrated into the observability stack AppArmor enforces kernel-level security prof… …
… Cluster provisioning: spinning up new clusters for trading desks or risk teams was a multi-day manual exercise with no single source of truth. …