# Security Frameworks by SEAL > A collection of technology-agnostic security best practices to secure Web3 projects and build resilience against potential threats. Maintained by the Security Alliance (SEAL). Full documentation: https://frameworks.securityalliance.org --- ## Instructions for AI Assistants To help users with a specific topic: 1. Find the framework that best matches the question in the list below 2. Fetch the framework index file — it includes an overview and links to all per-page files 3. If you need detailed content on a specific topic, fetch the relevant per-page file 4. In your response, name the framework and link to its documentation Do not fetch multiple framework files at once. Each framework index is self-contained. If your tool loads a skill or policy file, a retrieval policy for this repository is available at https://github.com/security-alliance/frameworks/blob/develop/SKILL.md. It defines branch policy, behavior with retrieved content, and what to do when retrieval returns nothing relevant. --- ## Frameworks ### Intro File: https://frameworks.securityalliance.org/llms/intro.txt Description: Introduction to SEAL Security Frameworks: curated resources for blockchain security best practices. Learn about Web3 security, contribute to the project, and discover SEAL's mission. Topics: Introduction to SEAL Frameworks, How to Navigate the Website, Overview Of Each Framework, Attack Surface Overview, What It Is, What It Isn't, LLMs ### AI Security File: https://frameworks.securityalliance.org/llms/ai-security.txt Description: AI security framework for Web3 teams: prompt injection defenses, execution-path controls, exfiltration prevention, and sandboxing for agentic systems. Topics: AI Security, Prompt Injection Defenses, AI Browsers, AI Workflows: Developers vs Non-Developers, Data Exfiltration via Generative Systems, Execution-Path Enforcement, DevSecOps Isolation & Sandboxing Reference ### Awareness File: https://frameworks.securityalliance.org/llms/awareness.txt Description: Security Awareness Framework: Learn to recognize risk signals and cultivate a security-aware mindset. Protect against Web3 threats like crypto drainers, rug pulls, phishing, and social engineering. Topics: Security Awareness, Core Awareness Principles, Understanding Threat Vectors, Cultivating A Security Aware Mindset, Staying Informed And Continuous Learning, Security Resources & Further Reading ### Community Management File: https://frameworks.securityalliance.org/llms/community-management.txt Description: Community Management Framework: Secure your Web3 community on Telegram, Discord, and X (Twitter). Essential practices for 2FA, phishing prevention, and emergency response planning. Topics: Community Management, Discord Security, Twitter/X Security, Telegram Security ### Contribute File: https://frameworks.securityalliance.org/llms/contribute.txt Description: How to contribute to the Security Frameworks - either through direct contributions (fixes, new content, enhancements) or by becoming a Framework Steward. Topics: Contributing Guide, Spotlight Zone, Framework Stewardship ### DevSecOps File: https://frameworks.securityalliance.org/llms/devsecops.txt Description: DevSecOps Framework: Integrate security into your CI/CD pipelines with fuzzing, static and dynamic analysis. Enable collaboration between development, operations, and security teams. Topics: DevSecOps, Sandboxing & Isolation, Execution Sandboxing, Capability-Based Isolation, Sandboxing for Tool Execution, Network & Resource Isolation, Sandboxing & Policy Enforcement, Execution Sandboxing: A Practical Guide, Implementing Code Signing, Securing CI/CD Pipelines, Data Security Checklist, Governance Proposal Security Across the SDLC, Securing Development Environments, Repository Hardening, Security Testing ### DPRK IT Workers File: https://frameworks.securityalliance.org/llms/dprk-it-workers.txt Description: DPRK IT Workers Framework: Protect your organization from North Korean insider threats. Recognize hacker-freelancers, harden hiring processes, and mitigate supply-chain compromise risks. Topics: DPRK IT Workers, DPRK IT Workers: General Information, DPRK IT Worker TTPs, Mitigating DPRK IT Worker Threats, DPRK IT Worker Case Studies, DPRK IT Workers Summary ### Encryption File: https://frameworks.securityalliance.org/llms/encryption.txt Description: Encryption Framework: Comprehensive guide covering cloud, communication, database, email, file, full disk, and hardware encryption to protect sensitive information from unauthorized access. Topics: Encryption, Cloud Data Encryption, Securing Communications, Database Encryption, Email Encryption, Encryption In Transit, File Encryption, Full Disk Encryption, Hardware Encryption, Partition Encryption, Volume Encryption ### ENS File: https://frameworks.securityalliance.org/llms/ens.txt Description: ENS Framework: Securely implement ENS in your applications with L1 data verification, ENSIP-15 normalization, bidirectional resolution, CCIP-Read support, and cross-chain compatibility. Topics: ENS Best Practices, ENS Data Integrity Verification, ENS Cross Chain Compatibility, ENS Smart Contract Integration, ENS Interface Compliance, ENS Name Handling & Normalization ### External Security Reviews File: https://frameworks.securityalliance.org/llms/external-security-reviews.txt Description: External Security Reviews: Security assessments to identify vulnerabilities in applications and infrastructure. Build stakeholder trust and meet compliance. Topics: External Security Reviews, Smart Contract Security Reviews, Smart Contract Manual Code Review, What to Expect from a Smart Contract Audit, Preparing for a Smart Contract Audit, Selecting a Smart Contract Auditor, Security Policies & Procedures ### Front End Web App File: https://frameworks.securityalliance.org/llms/front-end-web-app.txt Description: Front-End Security Framework: Secure your Web3 front-end against attacks that could expose users to malicious contracts. Best practices for web and mobile application security. Topics: Front-End Web Application Security, Web Application Security, Third-Party Script Security, Mobile Application Security, Common Web Vulnerabilities, Security Tools & Resources ### Governance File: https://frameworks.securityalliance.org/llms/governance.txt Description: Governance Framework: Implement strong governance practices with clear security policies, accountability structures, and continuous monitoring for compliance and risk management. Topics: Governance, Compliance & Regulatory Requirements, Risk Management, Security Metrics & KPIs, Security Council Best Practices ### Guides File: https://frameworks.securityalliance.org/llms/guides.txt Topics: Guides, Account Management, Discord Security, GitHub Security, GoDaddy Security, Linear Security, Mercury Security, Notion Security, Render Security, Sentry Security, Signal Security, Slack Security, Telegram Security, Trello Security, Twitter/X Security, Vercel Security, SSH Client and Key Management Hardening, Hardware Security Keys, Password Manager Endpoint Hardening, Zoom Hardening Guide ### IAM File: https://frameworks.securityalliance.org/llms/iam.txt Description: Identity and Access Management Framework: Control who accesses your systems and data with RBAC, secure authentication, and access management to prevent unauthorized access and insider threats. Topics: Identity and Access Management, Role-Based Access Control, Secure Authentication, Access Management ### Incident Management File: https://frameworks.securityalliance.org/llms/incident-management.txt Description: Incident Management Framework: Prepare for, detect, respond to, and recover from security incidents. Build response plans, communication strategies, playbooks, and lessons learned processes. Topics: Incident Management, Incident Communication Strategies, Incident Detection And Response, Forensic Readiness, Incident Lessons Learned, Incident Response Playbooks, Malware Infection Response, North Korea (DPRK) Attack Response, Wallet Drainer Attack Response, ELUSIVE COMET Attack Response, SEAL 911 War Room Guidelines, Decentralized Incident Response, Incident Response Template for Web3 Protocols, Incident Response Policy, Roles and Staffing, Communication Templates, Critical Contacts, Templates, Incident Log Template, Post-Mortem Template, Runbook Template, Incident: API Outage - Rate Limiter Misconfiguration, Post-Mortem: API Outage - Rate Limiter Misconfiguration, Runbooks, Runbook: Smart Contract Exploit, Runbook: Key Compromise, Runbook: Frontend Compromise, Runbook: DNS Hijack, Runbook: CDN/Hosting Compromise, Runbook: Dependency Attack, Runbook: Build Pipeline Compromise, Runbook: DDoS Attack, Runbook: Third-Party Outage ### Infrastructure File: https://frameworks.securityalliance.org/llms/infrastructure.txt Description: Infrastructure Framework: Secure Web3 infrastructure including cloud providers, DNS security, domain registrars, DDoS protection, network security, and zero-trust principles. Topics: Infrastructure, Asset Inventory, Cloud Infrastructure, DDoS Protection, Domain & DNS Security, DNS Basics & Common Attacks, DNSSEC, CAA, SMTP DANE and Email Security, Registrar Security & Registry Locks, DNS Monitoring & Incident Response, Identity And Access Management, Network Security, Operating System Security, Zero Trust Principles ### Monitoring File: https://frameworks.securityalliance.org/llms/monitoring.txt Description: Blockchain security monitoring framework: detect anomalies and breaches in real-time with guidelines for alerts, thresholds, and monitoring tools. Topics: Monitoring, On-Chain Monitoring Guidelines, On-Chain Monitoring Tools, Monitoring Alert Thresholds ### Multisig For Protocols File: https://frameworks.securityalliance.org/llms/multisig-for-protocols.txt Description: Multisig Security Framework: Complete guide for setup, signer onboarding, hardware wallet requirements, transaction verification, and emergency procedures. Topics: Multisig Security Framework, Multisig Planning & Classification, Multisig Setup & Configuration, Multisig Registration & Documentation, Multisig Communication Setup, Multisig Use Case Requirements, Multisig Operational Runbooks, Token Transfer Runbook, Signer Rotation Runbook, Threshold Change Runbook, Emergency Pause Runbook, Joining a Multisig, Multisig Emergency Procedures, Backup Signing & Infrastructure, Multisig Personal Security (OpSec), Multisig Incident Reporting, Multisig Offboarding, Multisig Implementation Checklist ### OpSec File: https://frameworks.securityalliance.org/llms/opsec.txt Description: Operational Security Framework: Comprehensive OpSec for Web2 and Web3. Identify critical information, analyze threats, assess vulnerabilities, evaluate risks, and implement zero-trust countermeasures. Topics: Operational Security, Security Fundamentals, OpSec Implementation Process, Web3 Security Considerations, Secure Operating Systems, Endpoint Security, Browser Security, Multi-Factor Authentication, Password Management, Google Workspace Security, OpSec Control Domains, Security Improvement Metrics, OpSec Integration, Operational Security While Traveling, Travel Security Guide, Travel Security Quick Reference, OpSec Resources & Appendices ### Privacy File: https://frameworks.securityalliance.org/llms/privacy.txt Description: Privacy Framework: Protect personal and team information from unauthorized access. Manage your digital footprint, data removal, encrypted communication, VPNs, and privacy-focused tools. Topics: Privacy, Secure Browsing, Data Removal Services, Managing Your Digital Footprint, Encrypted Communication Tools, Financial Privacy Services, Privacy-Focused Operating Systems, VPN Services, HTTPS vs VPN, Attack Surfaces on Public Networks, When to Use a VPN, VPN Limitations, VPN Providers and Tools ### Safe Harbor File: https://frameworks.securityalliance.org/llms/safe-harbor.txt Description: Pre-authorize whitehats to rescue funds during DeFi exploits. Legal protection for protocols and researchers. Adopted by Uniswap, Balancer & 68B+ TVL. Topics: SEAL Whitehat Safe Harbor, Safe Harbor Self-Checklist, Safe Harbor Self-Adoption Guide, Safe Harbor Scope Terms, Safe Harbor On-Chain Adoption Guide, Whitehat Rescue Guide ### Secure Software Development File: https://frameworks.securityalliance.org/llms/secure-software-development.txt Description: Secure Software Development Framework: Integrate security throughout the SDLC with code reviews, secure coding standards, version control, threat modeling, and secure design principles. Topics: Secure Software Development, Secure Coding Standards & Guidelines, Code Reviews & Peer Audits, Secure Code Repositories & Version Control, Threat Modeling & Secure Design ### Security Automation File: https://frameworks.securityalliance.org/llms/security-automation.txt Description: Security Automation Framework: Automate compliance checks, IaC security scans, and threat detection. Reduce human error and respond to threats faster. Topics: Security Automation, Threat Detection & Response, Automated Compliance Checks, Infrastructure as Code Security ### Security Testing File: https://frameworks.securityalliance.org/llms/security-testing.txt Description: Security Testing Framework: Unit tests, integration tests, fuzz testing, static analysis, and formal verification for smart contracts. Topics: Security Testing, Unit Testing, Integration Testing, Fuzz Testing, Static Analysis, Formal Verification, Mutation Testing ### Supply Chain File: https://frameworks.securityalliance.org/llms/supply-chain.txt Description: Supply Chain Security Framework: Secure dependencies, frontend delivery, infrastructure providers, and build artifacts in Web3 projects. Prevent supply chain attacks before they reach users. Topics: Supply Chain Security, Supply Chain Levels for Software Artifacts, Dependency Awareness, Web3 Supply Chain Threats, Vendor Risk Management, Supply Chain Incident Response ### Threat Modeling File: https://frameworks.securityalliance.org/llms/threat-modeling.txt Description: Threat Modeling Framework: Identify and mitigate security threats with a structured approach. Understand vulnerabilities, attack vectors, and develop effective mitigation strategies for your systems. Topics: Threat Modeling, Creating Threat Models, Identify & Mitigate Threats ### Treasury Operations File: https://frameworks.securityalliance.org/llms/treasury-operations.txt Description: Treasury Operations Framework: Institutional-grade security for custodial accounts and large crypto transfers. Risk classification and transfer protocols. Topics: Treasury Operations Security, Treasury Security Classification, Custodial Account Registration, Enhanced Controls for High-Risk Accounts, Treasury Transaction Verification ### User Team Security File: https://frameworks.securityalliance.org/llms/user-team-security.txt ### Vulnerability Disclosure File: https://frameworks.securityalliance.org/llms/vulnerability-disclosure.txt Description: Vulnerability Disclosure Framework: Responsible disclosure of identified vulnerabilities after fixes are implemented. Includes bug bounty reporting and Safe Harbor procedures for active exploits. Topics: Vulnerability Disclosure, Security Contact, Bug Bounty Programs ### Wallet Security File: https://frameworks.securityalliance.org/llms/wallet-security.txt Description: Wallet Security Framework: Secure digital assets with hot/cold wallets, multisig best practices, transaction verification, seed phrase management, and account abstraction. Topics: Wallet Security, Custodial Vs Non-Custodial Wallets, Cold Vs Hot Wallet, Wallets for Beginners & Small Balances, Wallets for Intermediates & Medium Funds, Secure Multisig Best Practices, Account Abstraction Wallets, TEE-based Encumbered Wallets, Signing Verification, Verifying Standard Transactions, Secure Multisig Signing Process, Safe Multisig Verification, Squads Multisig Verification, Verifying EIP-7702 Transactions, Smart Contract Interaction Security, Seed Phrase Management, Wallet Security Tools & Resources ### Certs File: https://frameworks.securityalliance.org/llms/certs.txt Description: SEAL Certification Framework: modular operational security certifications for crypto protocols with standardized evaluation criteria and on-chain attestations. Topics: SEAL Certification Framework, Certified Auditors, SFC: DevOps & Infrastructure, SFC: DNS Registrar, SFC: Identity & Accounts, SFC: Incident Response, SFC: Multisig Operations, SFC: Treasury Operations, Certification Guidelines, SEAL Certifications Changelog, Contributing to SEAL Certifications