Security Alliance

632 posts

Security Alliance banner
Security Alliance

Security Alliance

@_SEAL_Org

Securing the future of crypto | Cover art by @yueko__ | Emergencies: https://t.co/DAAyAETsY4

Katılım Şubat 2024
100 Takip Edilen20.9K Takipçiler
Sabitlenmiş Tweet
Security Alliance
Security Alliance@_SEAL_Org·
SEAL exists because security experts chose to share knowledge instead of hoarding it. Your donation keeps that infrastructure running: securityalliance.org/donate
Security Alliance tweet media
English
4
5
25
9.2K
Security Alliance
Security Alliance@_SEAL_Org·
He’s not exaggerating. We broke down those five things, what they are, why they keep working, & what actually stops them. Our 2Q 2026 Threat Intel Summary is available here: radar.securityalliance.org/2q-2026-threat…
bbsz@blackbigswan

I am working on a quarterly threat intel report for SEAL and goddamn blockchain projects are basically constantly getting rekt by the same things over and over again. And when I say 'the same things' it is literally the same things that somehow everybody claims to be 'well aware off' or 'not that stupid to fall for it'. And 90% of those things is actually easy to stop but that doesn't happen because nobody bothers with the actual recommendations made by security / threat / appsec / opsec people even if those are made for free or near-free if you include tooling. Like, it is honestly ridiculous when you finally get to creating the 'big picture' view. It even fooled me. I somehow thought - Omg, we deal with so many different things, tens of different things, 20 tickets and tips and signals a day, how am I supposed to cover it all! The answer - it is maybe like FIVE different things just over and over and over again. DPRK campaigns literally exists because of that massive discrepancy between signaling ("We are audited") and the reality ("... but we don't know what that means"). Yes, there is some adaptation/evolution on Norks part but only against nerds that chase them and not against geeks that get rekt by them. TTPs are EXACTLY the same, EDRs are DETECTING their malware, goddamn, I think in one or two instances we've seen their attack chain failing because of the firewall setting and they just gave up and moved to someone who just doesn't give a F at all? The bar is in hell and we only do not get another record hack front page news because the whole industry is in massive bear market.

English
0
2
10
3.3K
Security Alliance retweetledi
Adevar Labs - Security Audits
We've just signed an accreditation agreement with @_SEAL_Org . This will help us provide operational security audits to protocols. Nowadays, approximately 70% of incidents come from operational issues. A compromised signer, a DNS takeover and many more. Our opsec audits cover multisig ops, treasury, incident response, DevOps, and identity controls. Shipping safely doesn't only mean securing the code, but also the operation behind it. Ship Safely. 🚀 Operate Securely🫡
English
0
3
28
1.5K
Security Alliance
Security Alliance@_SEAL_Org·
Thank you, @UniswapFND for your generous support as a Silver Donor. Your commitment to a safer ecosystem makes our work possible. 🙏
English
0
2
16
3.4K
Security Alliance
Security Alliance@_SEAL_Org·
🌷 @flyingtulip_ is now part of SEAL Safe Harbor, so authorized whitehats can help rescue funds during active exploits. That brings us to 31 protocols that have chosen to give whitehats a legal path to act when it matters most! 🎉
Security Alliance tweet media
English
3
6
49
5.7K
Security Alliance
Security Alliance@_SEAL_Org·
We’re proud to welcome @HyperFND as our newest Platinum Donor. With this support SEAL can do more emergency response, more threat intelligence, & more protection for the entire ecosystem.
English
47
55
383
42.3K
Security Alliance
Security Alliance@_SEAL_Org·
Better-informed policy is good for everyone building in this space. OPSeC gives our industry a way to make that happen by curating free security resources, hosting educational events, and ensuring technical frameworks reach the policymakers who need them. Learn more: defieducationfund.org/defi-education…
Security Alliance tweet media
DeFi Education Fund@fund_defi

Introducing OPSeC: a new industry-wide initiative we're convening in partnership with @_SEAL_Org & @asymmetric_re to improve cybersecurity resilience across blockchain ecosystems & onchain software. Join us to ensure security is at the heart of onchain technology development.

English
0
3
25
3.5K
Security Alliance retweetledi
Oak Security
Oak Security@SecurityOak·
Want help with your operational security? We are approved by @_SEAL_Org to offer certifications that cover your operational security to make sure your systems are as safe as your code. Want to see the data Stefan refers to? We put together a 4-year report on web3 security: research.oaksecurity.io
English
0
1
10
1.4K
Security Alliance retweetledi
Usman
Usman@0xusmanf·
Most multisig failures don't start with bad code. They start with "I thought someone else was handling that." @_SEAL_Org's Multisig Ops certification has 24 controls across 6 sections. Control "Named Multisig Operations Owner" is first for a reason. It asks one question: Is there a clearly named person or team accountable for multisig operations? Accountability scope according to SEAL: — Policy maintenance — Signer onboarding/offboarding — Documentation accuracy — Periodic reviews — Incident escalation Check your protocol. Open your internal docs. Search for whoever owns each of these five things. If you can't find a name in under 60 seconds, you don't have a named owner. You have an assumption. Assumptions are how a compromised signer stays on a multisig for 3 months after they leave the team. This is day 1 of a 30-day series on the SEAL Multisig Ops certification framework. One control per day. Self-assessment questions your protocol can answer today.
English
1
4
20
44.7K
Snibby
Snibby@ItsSnibby·
@BlockSecTeam @_SEAL_Org feels like web3 security finally moving towards some standardization instead of everyone doing their own thing curious how strict these certifications actually get in practice.@BlockSecTeam cool take, connect if you’re into it
English
1
0
1
19
BlockSec
BlockSec@BlockSecTeam·
Proud to be part of the SEAL Certifications initiative @_SEAL_Org At BlockSec, we see this as an important step toward more standardized, credible, and transparent security auditing across Web3, helping build a more mature security assurance framework for the ecosystem.
Security Alliance@_SEAL_Org

If your protocol is ready to get certified, these firms are accredited and taking clients now. Already working with one of them? Ask about SEAL Certifications starting today. @audit_wizard @BlockSecTeam @chain_security @Composable_Sec @ConsensysAudits @cyfrin @DefiSafety @hackenclub @HackenProof @SecurityOak @OpenZeppelin @opsek_io @Quantstamp @0xshield3 @sigp_io @statemindio @trailofbits @Wonderland @zellic_io @zeroshadow_io Announcement: radar.securityalliance.org/seal-certifica…

English
1
1
8
3.2K
Security Alliance
Security Alliance@_SEAL_Org·
A huge thank you to @krakenfx for supporting SEAL’s mission to protect the crypto ecosystem. Your generosity directly funds the people and infrastructure keeping this space safer for everyone. We’re grateful to have you in our corner. 🙏
English
11
7
68
13K
Security Alliance
Security Alliance@_SEAL_Org·
If your protocol is ready to get certified, these firms are accredited and taking clients now. Already working with one of them? Ask about SEAL Certifications starting today. @audit_wizard @BlockSecTeam @chain_security @Composable_Sec @ConsensysAudits @cyfrin @DefiSafety @hackenclub @HackenProof @SecurityOak @OpenZeppelin @opsek_io @Quantstamp @0xshield3 @sigp_io @statemindio @trailofbits @Wonderland @zellic_io @zeroshadow_io Announcement: radar.securityalliance.org/seal-certifica…
English
1
6
45
7.1K
Security Alliance
Security Alliance@_SEAL_Org·
It's finally happening! SEAL Certifications are now open for business. 🎉
Security Alliance tweet media
English
15
28
145
30K
Security Alliance
Security Alliance@_SEAL_Org·
Welcome, @MonolithMarket! Monolith is now a SEAL Safe Harbor member — meaning authorized whitehats have the green light to help rescue funds if an active exploit hits. There are now 30 protocols under Safe Harbor protection!
Security Alliance tweet media
English
4
3
20
3.2K
Security Alliance retweetledi
Wonderland
Wonderland@Wonderland·
For years, we've been implementing opsec standards internally and pushing the same recommendations to every client we work with. With recent exploits, we saw a gap in the market that we were fit to address. So we teamed up with @_SEAL_Org and studied the last 100 opsec incidents in digital assets. That became the foundation for DARC. We are proud to introduce the @DARCStandard: Digital Asset Risk & Compliance.
DARC@DARCStandard

Introducing DARC: the Digital Asset Risk & Compliance Standard. Built by @Wonderland in collab with @_SEAL_Org, DARC is an opsec standard with 250 controls continuously monitored across your GitHub, cloud infra, multisig wallets, and more. Running every day, automatically.

English
7
33
125
12.2K
Security Alliance retweetledi
Unchained
Unchained@Unchained_pod·
"We can't expect users to do an opec audit of everything they can see onchain to get 3% interest. "At the Security Alliance, we're trying to make those things more visible so you have some assurance that a firm went in to see how their multisigs, parameters, devops and SDKs are managed." -- Isaac Patka x.com/i/broadcasts/1…
English
0
1
11
1.1K
BRÆDEN
BRÆDEN@0xKyrie_Eleison·
One thing I want to see become more mainstream in crypto is a heightened obsession with security (preemptive security). Drift and Kelp have already wrecked this year, with hundreds of millions in losses. One small way protocols can start building a trust ecosystem is by getting a certificate from @_SEAL_Org and donating so we can have more contributors. I don't necessarily know how to get people, especially in this industry, to donate their efforts pro bono. But if you're technical and this is your first time hearing about it, consider learning more and getting involved. securityalliance.org/our-work/certi…
English
1
0
1
357
Security Alliance retweetledi
Monolith
Monolith@MonolithMarket·
Monolith is now a SEAL Safe Harbor member. Whitehats are encouraged to help rescue funds for a bounty.
Security Alliance@_SEAL_Org

Welcome, @MonolithMarket! Monolith is now a SEAL Safe Harbor member — meaning authorized whitehats have the green light to help rescue funds if an active exploit hits. There are now 30 protocols under Safe Harbor protection!

English
0
1
16
2K