Security Audit
Welcome to the Security Audit Reports page. Here, you will find a collection
of publicly available security audit reports.
2023
ADA LOGICS 2022-23 - Notary Fuzzing Audit
This report details a fuzzing audit commissioned by the CNCF and the engagement is part of the broader efforts carried out by CNCF in securing the software in the CNCF landscape. Demonstrating and ensuring the security of these software packages is vital for the CNCF.
2018
August 7, 2018 by Cure53 covering TUF and Notary
This report documents the findings of a security assessment
targeting the TUF/Notary software compound. The project, which
comprised a source code audit and a classic penetration test, was
carried out by Cure53 in 2018 and yielded only four
securityrelevant findings.
2015
July 31, 2015 by NCC covering TUF and Notary
This report documents the findings of a security assessment
targeting the TUF/Notary software compound. The project, which
comprised a source code audit and a classic penetration test, was
carried out by Cure53 in 2018 and yielded only four
securityrelevant findings.