Threat Modeling & Proactive Security for Web3
Most teams don't discover coordination failures until a crisis. Shield3 identifies those gaps before they matter, through adversarial threat modeling, incident response planning, hands-on exercises, and multisig security training.
For Protocols
DeFi, L1/L2 chains, bridges, liquid staking, and infrastructure projects
End-to-end security resilience: threat modeling, incident response planning, tabletop exercises, and multisig hardening. Most engagements run 4-6 weeks.
Threat Model & Risk Assessment
We analyze your protocol's operations, infrastructure, and control model to identify failure modes and attack vectors. Includes review of admin controls, external dependencies, and critical on-chain events.
Deliverable: Protocol threat model with identified risks and prioritized mitigations
Tabletop Exercise
We run your team through realistic attack scenarios to stress-test decision-making, coordination, and response procedures. Identifies gaps in detection and incident response.
Deliverable: Exercise report with findings, gap analysis, and updated playbooks
Incident Response Playbook
We develop scenario-specific response procedures based on your threat model, including communication templates, escalation paths, and integration with your existing workflows.
Deliverable: IR playbooks with step-by-step procedures for identified scenarios
Live Drill
For teams that want hands-on experience, we execute controlled attack scenarios on testnet to validate alert systems, monitoring, and real-time coordination.
Deliverable: Drill report with technical findings and operational recommendations
Multisig Audit & Training
Comprehensive audit of multisig configurations, signer security, access controls, and operational procedures. Includes governance review and emergency operations assessment.
Deliverable: Multisig playbook for configuration, security, operations, and emergency response
Security Council & Retainer
We join your protocol's security council, providing continuous oversight, incident response readiness, quarterly threat model updates, and priority incident support.
Deliverable: Defined SLAs, regular transaction reviews, and quarterly threat model updates
Typical Engagements
| Engagement Type | Includes |
|---|---|
| Multisig Audit | Multisig audit & training |
| Security Assessment | Threat model, tabletop exercise, IR playbook |
| Full Engagement | Threat model, tabletop, IR playbook, live drill, multisig audit & training |
| Retainer | Quarterly threat model updates, annual drills, priority IR support |
All engagements are scoped to your needs.
For Institutions
Funds, banks, stablecoin issuers, regulators, and legal teams
Independent technical security expertise for evaluating crypto protocols. We deliver clear, actionable findings for technical and non-technical stakeholders. Most assessments complete in 2-4 weeks.
Security Due Diligence
Pre-investment or pre-integration technical assessment of a protocol's security posture. We evaluate smart contract architecture, external dependencies, historical incidents, and known vulnerabilities.
Control Surface Analysis
Assessment of how the protocol manages admin access, upgrade mechanisms, and privileged operations. We evaluate multisig configurations, timelocks, governance processes, and key management practices.
Technical Risk Assessment
Independent evaluation of protocol risks for regulatory filings, legal proceedings, or compliance requirements. We translate complex technical risks into clear findings for non-technical audiences.
Technical Briefing
We explain protocol risks, architecture, and security considerations to investment committees, legal teams, or boards. Tailored to your audience's technical level.
Expert Witness Advisory
Technical expertise for legal disputes, regulatory inquiries, or litigation support. We provide expert opinions, testimony preparation, and technical analysis for proceedings.
Portfolio Advisory Retainer
Ongoing security monitoring and advisory for your portfolio companies or integration partners. Includes quarterly reviews, incident alerts, and on-demand technical consultation.
Typical Engagements
| Engagement Type | Includes |
|---|---|
| Pre-Investment DD | Security due diligence, control surface analysis, technical briefing |
| Integration Assessment | Security due diligence, control surface analysis |
| Regulatory Review | Technical risk assessment, expert witness advisory |
| Portfolio Retainer | Ongoing monitoring, quarterly reviews, on-demand advisory |