Security Training That Actually Prepares You
We've trained people who now work at leading blockchain firms across Southeast Asia. Not through flashy promises, but through practical work on real vulnerabilities.
Our next cohort starts in September 2025. You'll spend six months working alongside auditors who've found critical bugs in production systems.
This isn't a course. It's an apprenticeship where you'll break actual smart contracts and learn why they failed.
What You'll Actually Learn
Six months of hands-on work. You'll start with the basics and end up analyzing complex DeFi protocols.
Real Vulnerability Analysis
Start by breaking intentionally flawed contracts. Move on to finding issues in code that looks perfectly fine. We use examples from actual audits where vulnerabilities were discovered.
Testing Tools You'll Use Daily
Fuzzing, static analysis, formal verification. You'll use the same tools professional auditors rely on. And you'll learn when each one matters most.
Write Reports That Matter
Finding bugs is one thing. Explaining them so developers understand the severity and fix them correctly? That's where most training programs stop. We don't.
How The Program Works
Weeks 1-8: Foundations
You'll work through increasingly complex contracts. Each one has hidden vulnerabilities. Some obvious, some subtle. You'll learn to spot patterns that signal trouble.
Weeks 9-16: Real Audits
Work alongside our team on actual client projects. You won't be doing it alone, but you'll contribute to real findings. Your work gets reviewed by auditors who've been doing this for years.
Weeks 17-24: Independent Projects
Choose a protocol to audit. Plan your approach, execute the audit, write the report. Present your findings to our team. This becomes your portfolio piece.
Where People Go After Training
These are graduates who completed the program and where they ended up. Not guarantees, but real outcomes.
Kasem Thongchai
Security Engineer, DeFi Protocol (Singapore)
Started with JavaScript experience
Kasem worked as a frontend developer but wanted to move into security. He'd tried online courses but never got past basic Solidity tutorials. The gap between simple examples and real protocols felt massive.
Found his first real vulnerability in week 10
Working on a client audit, he noticed a reentrancy pattern everyone else had missed. Not textbook obvious, but there once you saw it. That moment changed how he read code.
18 months later, leading security reviews
He joined a DeFi team in Singapore three months after graduating. Now he's reviewing smart contracts before deployment and training their junior developers on common pitfalls.
Siriporn Wattana
Independent Security Auditor
Backend developer looking for new challenges
Siriporn had built APIs for five years but felt stuck. She understood systems and security concepts but had never touched blockchain code. Seemed too specialized to break into.
Her final project caught a critical bug
For her capstone audit, she chose a lending protocol. Found an oracle manipulation vulnerability that could have drained millions. The protocol wasn't deployed yet, but her report showed she understood the economics, not just the code.
Building her own audit practice
She spent six months with an audit firm after graduating, then went independent in early 2025. Now she works with smaller projects who need thorough security reviews but can't afford the big firms.
Arthit Pongsakul
Security Researcher, Regional Blockchain Lab
Arthit came from traditional finance IT. He completed the program in late 2024 and now works on threat modeling for cross-chain protocols. His background in banking fraud detection translated surprisingly well to smart contract security.
He still reaches out when he finds interesting vulnerabilities. Last month he discovered an edge case in a bridge protocol that our team helped him document properly.
Niran Chaiwong
Security Consultant, Freelance
Niran was a smart contract developer who kept seeing bugs in production. He joined our October 2024 cohort to understand the auditor's perspective. Now he splits time between building and auditing.
The training changed how he writes code. He thinks like an attacker first, which means his contracts need fewer fixes during audits. That makes him valuable to teams who want security built in from the start.