Why Web3 security must be automated
The Web3 space has had huge profits and losses, and a part of those losses is attributed to hacks which are valued in billions of dollars for 2022. While this problem persists, a few Web3 security companies such as sec3 are developing security tools to automate safety in the ecosystem.
He revealed that the name sec3 was derived from securing Web3 and that they are a security research firm that’s focused on making Solana projects safe using auditing and other processes.
“We have three major products on our platform,” he said. The first is Soteria, a vulnerability scanner with more than 30,000 user downloads that checks Web3 products for possible weaknesses. The second is the X-ray, a SaaS security tool that runs scans and tests Web3 products before deployment, Chris explained.
Chris further stated that the sec3 team discovered a vulnerability with the X-ray tool and solved the problem by adding a new checker to it. The last product is WatchTower which is a post-deployment tool for real-time threat monitoring of Web3 products.
Why automate security in Web3
To have a safe Web3 ecosystem, it’s important to automate security, Chris said to the Breakpoint audience. This will help tackle the problem of consistent hacks in the industry.
While devs can do so much, they need to rely on tools like we have in sec3 to prevent semantic inconsistency, the Co-founder shared. Another reason for collaboration between humans and tools for securing Web3 is that humans are not as scalable as tools that can be upgraded consistently to respond to new threats.
Chris also explained that the three stages of launching a product are pre-deployment, launch, and post-deployment, and need systems that can secure what devs have created. He further noted that he believes it’s possible to develop real-time security automated tools after smart contracts for blockchain products at these stages.
The co-founder stated that while their on-chain security monitors can detect malicious activities set up by hackers before they are deployed, there can never be a perfect system for security, thus, consistently improving their system is priority.