The Solana Foundation has introduced a new security initiative to improve how Solana projects manage vulnerabilities and respond to on-chain threats.
Solana Foundation launches STRIDE to standardize DeFi risk assessments
The Solana Foundation has unveiled a new security framework, developed with Asymmetric Research and branded STRIDE, to systematically audit Solana-based protocols and strengthen risk monitoring across decentralized finance. The initiative aims to give teams a consistent methodology for identifying risks, tracking vulnerabilities, and escalating threats throughout the ecosystem.
According to the official announcement, STRIDE establishes a standard process to evaluate the security of projects that build on Solana. It is designed to support both early-stage protocols and mature platforms by providing a clear benchmark for operational security, governance, and incident readiness.
Under STRIDE, DeFi protocols are evaluated across eight domains, including program integrity, governance controls, oracle dependencies, infrastructure configuration, and day-to-day operational practices. The framework also covers supply chain exposure, incident response readiness, and forensic capabilities tied to comprehensive log management, which is critical when tracing on-chain exploits.
Each participating protocol undergoes an independent review process, with findings and scores disclosed publicly. The framework is intended to be iterative, with regular updates as new attack vectors emerge and defensive techniques evolve in DeFi infrastructure.
“This gives users, investors, and the broader ecosystem real transparency into the security posture of the protocols they interact with,” Asymmetric Research noted in the announcement. The firm also emphasized that continuous monitoring and rapid response remain essential even when audits are in place.
Solana Incident Response Network targets faster threat coordination
Alongside STRIDE, the foundation introduced the Solana Incident Response Network (SIRN), a coalition of specialized security firms tasked with coordinating real-time responses to active threats on the network. The group is structured to share alerts quickly and support teams under attack.
Within SIRN, members will share threat intelligence, coordinate interventions during live incidents, and contribute feedback that informs the ongoing evolution of the STRIDE standards. This combination of preventive audits and reactive coordination is intended to shorten detection times and reduce the financial impact of exploits.
The foundation said the incident response network will focus on rapid communication between protocol teams, independent security researchers, and infrastructure providers. Participation in SIRN is expected to expand over time as more firms join the coalition and align with its playbooks and escalation procedures.
In this way, the new framework and response network together form what the Solana Foundation describes as an ecosystem-wide approach to managing security, from pre-deployment reviews to post-incident forensics.
Rising DeFi exploits keep security at the center of the conversation
The launch of STRIDE and SIRN follows a series of high-profile DeFi incidents on Solana and other chains. Most notably, Drift Protocol suffered a $280 million exploit only days before the announcement, drawing renewed scrutiny to the sector’s risk controls and monitoring tools.
Investigators linked the Drift incident to social engineering campaigns attributed to North Korean-affiliated actors. The scale of the Drift Protocol exploit underscored how a single compromise of access credentials can translate into hundreds of millions of dollars in losses on-chain.
Data from DefiLlama shows that more than $168 million was stolen from 34 DeFi protocols in Q1 2026. While this figure is sharply lower than the $1.58 billion recorded during the same period in 2025, the persistence of hacks highlights enduring decentralized finance risks that technical upgrades alone have not resolved.
The numbers suggest that even as total stolen value declines, attackers continue to probe for weaknesses in smart contracts, governance processes, and oracle configurations. The introduction of structured DeFi security audits and coordinated response frameworks may help reduce both the frequency and the impact of successful intrusions.
AI-driven attack tools add complexity to DeFi defense
Recent cases also point to the rising role of automation and AI-enhanced tools in DeFi exploits. In January, Step Finance reportedly lost roughly $40 million after attackers leveraged automated agents to execute rapid transfers, significantly amplifying the scale and speed of the breach, according to reporting from KuCoin.
While the STRIDE announcement did not explicitly reference artificial intelligence, industry observers have warned that AI-assisted reconnaissance and scripting can accelerate the discovery and exploitation of protocol weaknesses. This trend raises the bar for defenders, who must now match faster attack cycles with better crypto threat intelligence and automated monitoring.
Within this context, the Solana security initiative around STRIDE and SIRN aims to provide both a publicly verifiable baseline for protocol risk and a more agile incident-handling layer. Its effectiveness will depend on how widely projects adopt the framework and how actively they participate in real-time information sharing.
Overall, the Solana Foundation’s new framework and response network represent an attempt to move from ad hoc practices to a coordinated, data-driven security posture for DeFi protocols, at a time when exploits, though smaller in volume than in 2025, remain a defining challenge for the sector.
Source: https://en.cryptonomist.ch/2026/04/07/solana-security-stride-sirn/








