security-alliance/frameworks — Gitpedia

Welcome to the official repository of the Security Frameworks—a curated collection of structured, community-driven
security best practices maintained by the Security Alliance (SEAL). This repository powers a comprehensive, evolving
security reference resource designed for practitioners and organizations to adopt, adapt, and contribute to.

⚠️ This is a work in progress.
The Security Frameworks are continuously evolving as we add, refine, and review content.
Check out our Contributing Guide to
learn how you can help shape this resource — whether by fixing typos, suggesting improvements, or contributing new
sections.

What are the Security Frameworks?

The Security Frameworks are a modular taxonomy of security topics—ranging from operations and incident response to
community management and general security awareness.

They serve as:

A collection of best practices written in a general and technology-agnostic way, applicable across different
contexts.
A reference guide to help secure Web3 projects and build resilience against threats, from basic considerations to
complex scenarios.
A well-organized compilation of security insights, designed to centralize existing knowledge while also providing
new, practical guidance where gaps exist.
A living resource that evolves with community contributions and feedback.

Unlike typical blog posts or curated lists, this framework emphasizes fundamental security principles and practical
applications rather than chasing the latest trends. It’s not meant to be read linearly, but rather used as a
reference tool.

Why we created the Security Frameworks

Security challenges in Web3 are expanding—many of them not limited to blockchain infrastructure itself, but affecting
the broader ecosystem. While information is abundant, it is often fragmented, inconsistent, or hard to access.

We created this resource to:

Centralize knowledge scattered across the internet into one accessible reference.
Fill in the gaps by generating new content where existing resources fall short.
Support practitioners with in-depth, actionable guidance instead of surface-level commentary.
Promote resilience by focusing on principles that remain relevant across technologies, not just the
“latest and greatest.”

Who can benefit

This resource is open to everyone:

Web3 teams seeking security best practices throughout their project lifecycle.
Web2 professionals looking to understand blockchain security fundamentals.
Community managers, policy writers, incident responders, and anyone shaping secure digital ecosystems.

Think of it as a one-stop shop for Web3 security: a high-level framework that combines structured knowledge
with practical advice to help teams and individuals level up their security capabilities.

Live Resources

The Security Frameworks are published online in two versions:

Main – Website following main branch
- Contains polished, reviewed, and production-ready content.
Develop – Website following develop branch
- Contains work-in-progress material, drafts, and experimental updates.

Both versions are continuously updated, but only main reflects finalized, community-reviewed guidance.

Contributing

The Security Frameworks are an open and collaborative initiative. Whether you are part of the Security Alliance or not,
we welcome your contributions! Help us build the documentation and improve security in the ecosystem. If you'd like
to join our effort, feel free to fix typos, contribute new sections, or propose enhancements.

Every contribution helps strengthen the resource and improve security practices across the ecosystem.

See our Contributing Guide for details
on how to get started.