Real-time incident response programs

Project Title

A real-time last line of defense against any crypto criminal activity.


How we run our society and transact will change exponentially over the next ten years. Every ecosystem of most business segments, from the financial industry to real estate, will have its blockchain-based crypto or token to do business without a trusted third party.
However, this new world must cope with several challenges. Protecting crypto assets from criminal activities is one of the most significant, especially when there are no central authorities to secure your assets for you!
From Smart contract exploits to sophisticated scams, we believe that predicting criminal activity to protect your crypto assets better is the future for Web3 security companies.


The problem

In 2022 alone, over $2.8 billion USD was lost due to smart contract exploits. Alarmingly, 92% of

the exploited contracts had been audited. While this trend is continuing in 2023, large-scale losses are due to private key and access control leakage-based exploits.

In many cases, these exploits are happening even when organizations are leveraging 3rd party custodians and/or MPC or multi-sig wallets.

In short, while security audits and traditional security measures are important, it is clear they must not be the only line of defense when it comes to on-chain asset security.

Highly efficient real-time detecting and protecting programs are missing, hence the gap between existing security solutions, and the evolving criminal activity.

The Solution

The solution to these issues lives in real-time threat detection and response.

The Cyvers Security Operations Centre (SOC) is a proactive security platform that provides real-time detection and automated mitigation against exploits.

The platform is built on top of proprietary machine learning and AI models to predict, alert, and mitigate asset loss related risks with an accuracy of 95%.

In practice, Cyvers SOC consumes all activity broadcasted to the network in real-time through Cyvers’ operated nodes and/or data providers. This allows our platform to monitor, classify, and risk score each interaction and to detect any malicious or illicit activity in real-time - in many cases, prior to. Our models have been trained on thousands of confirmed attacks leading to our impressive detection rate and an industry leading false positive rate.

Within the platform there are 3 products, all of which use the same underlying technology and provide value to different groups across the Ethereum network.

Each tool can be accessed through API and UI and can be integrated during development or post-deployment.

Product Features


Native cross-chain threat intelligence platform to identify security vulnerabilities across entire networks.

Product - Cross-chain threat intelligence platform designed to provide a robust,

real-time data feed of all security related malicious and illicit activity.

How - VigiLens consumes all on-chain activity in real-time and feeds this data through

proprietary machine learning and AI models to provide predictive alerts to mitigate security vulnerabilities. Accessible via API or UI, users have the capability to filter for different threat criteria to ensure they’re only notified and actioning alerts that are relevant to them. In addition, you can create custom workflows and triggers to ensure that any required response is automated and initiated immediately and appropriately.

Audience - This tool has a very broad use case. The Ethereum network could leverage this data feed to better understand illicit network activity, scams, ransomware attacks, exploit trends, and use it as a source of potential areas of improvement for future upgrades on Ethereum network.

Businesses, governments, NGOs, and all sort of Dapps, could leverage VigiLens as a data source to inform positions and risk exposure. These are a few of many other use cases.

With VigiLens you can build bespoke responses for each threat type (17 in total) on individual addresses or create blanket rules. This can be implemented directly through the UI or API.

● Audience - The tool integrates with both decentralized/non-custodial and centralized/custodial use cases. In DeFi, it can protect smart contracts against vulnerabilities and exploits.

By detecting malicious contract deployments, alerting teams of manipulation attempts, and pausing contracts Cyvers can prevent and mitigate asset loss.

In contrast, in CeFi it can detect and mitigate access control and private key leakage related exploits.

On other networks that VigiLens supports currently, we have lending protocols, DEXs, CEXs, insurance companies, regulators, analytics firms, hedge funds and layer 2’s using the system to protect themselves against these threats.

Address Shield

Real-time security monitoring and incident response for wallet addresses and

smart contracts.

● Product - Customizable address- level monitoring and automated rules for response.

Add addresses of interest through UI or API and protect against smart contract and

application layer risks including but not limited to malicious contract deployment, smart contract exploits, oracle manipulation, MEV/Front-running attacks, phishing scams,

private key and access control leakage exploits.

● How - The implementation and “kill chain” regarding how the response mechanism

would mitigate the risks is dependent on the use case. AddressShield can act as a first line of defense, alerting and triggering automated responses like contract pause functions, blocking transactions and triggering workflows.

Reputation Risk Scoring Engine

Cross-chain address and smart contract risk exposure


● Product - Reputation Risk Scoring provides a complete, cross-chain view of an address

or contract’s exposure to security and sanctions-related risks. It automatically scans for

exposure to scams, smart contract exploits, sanctions lists, illicit funding sources and


● How - Leveraging the VigiLens data set and models, the Reputation Risk Scoring

Engine scans the input address and calculates an overview risk score and includes a

breakdown by risk type and exposure. Please see the attached deck for further context.

● Audience - Any organization that is looking to ensure they are not facilitating or handling

digital assets that may have exposure to illicit activity can use this tool. Many criminals

are leveraging cross-chain swaps and bridges as a new way to launder and obfuscate funds and existing compliance tools are not proficient in tracing risk through these types of transactions. As such, regulated organizations who are using existing compliance tools for transaction monitoring may facilitate the trade or on/off ramp of these assets without knowledge that they carry exposure to illicit activity.

Reputation Risk Scoring can be used by CEXs, DEXs, law enforcement, banks, regulators, on/off ramp providers and more.

In short, Cyvers SOC can provide the entire Ethereum network with value. From the

Foundation itself, to builders and down to the individual users whose assets can be protected,

Cyvers SOC can be an additional pillar of security and trust in the Ethereum network.

Given the leadership role in developing the web3 ecosystem Ethereum plays, we believe that Cyvers can help further demonstrate Ethereum’s commitment to user security and safety.


Cyvers successfully secured a seed round of funding in December 2022, ensuring financial stability until mid-2025. The allocated funds are earmarked exclusively for advancing Cyvers’ capabilities on the Ethereum network.

The strategic focus of our business growth revolves around acquiring new clients across diverse sectors, including but not limited to DeFi, CeFi, government entities, NGOs, regulators, law enforcement agencies, hedge funds, insurance companies, data aggregators, and financial institutions.

In response to evolving global regulatory landscapes, digital asset businesses are increasingly obligated to implement compliance tools, adhering to AML standards such as the Travel Rule and the Bank Secrecy Act (BSA).

The International Organization of Securities Commissions (IOSCO) recently issued policy recommendations for DeFi, emphasizing the crucial role of security monitoring. Cyvers anticipates a similar trend in regulatory requirements for security monitoring, thus projecting a further expansion of our already substantial addressable market.

To foster collaboration and knowledge exchange within the industry, Cyvers, in conjunction with the OSWAR community—an initiative founded by Cyvers, now comprising over 250 web3 security companies and experts—is delighted to host a virtual roundtable on December 21st.

Notably, the event will feature the participation of Mr. Martin Moloney, the Secretary General of IOSCO, providing a unique opportunity to delve into the future of regulatory frameworks and security standards in the rapidly evolving landscape of decentralized finance.

Herer after are our Q1 2024 major milestones.

    • AI detection platform improvements
    • Support of Bitcoin.
    • Support of Ethereum network.

Differentiation (from other projects)

Our primary competitors operate in the realm of providing comprehensive or partial real-time incident response programs. However, what truly sets our platform apart is our unparalleled capability to detect private-key leakage, a crucial security concern.

Notably, we consistently position ourselves as pioneers in the field, often being the first to identify and respond to suspicious activities.

This distinctive feature not only highlights our proactive approach but also underscores our leadership in addressing critical security challenges that others in the market may not have the capacity to identify.


About Deddy Lavid, Co-Founder & CEO,

Serial ML-entrepreneur. Skilled in giving life to abstract, cutting-edge ideas and turning them into powerhouses - founded 3 startups from the ground up (a 0 to 1 kind of person), including one which was acquired and one that is currently growing fast. Loves envisioning the future and builds amazing teams that focus on making these visions a reality.
Created SW startup for predictive maintenance using ML which became the worldwide AI center of excellence in SKF corporation, and quickly set a high standard for Data Science technologies and initiatives within the corporation. Managed 5 global development centers from around the world (~300 people).
Bussiness, Engineering, and AI leader. Experienced software manager and senior machine learning architect. Strong background in Computer Science, algorithms design and big data architectures. Always eager to learn and improve.
Enjoys being part of a skilled management team, in a mission to develop exceptional and (b)leeding-edge technologies. Repeated delivery of award-winning applications and services and creating substantial shareholder value in the process.
30+ Recommendations, 11 data science patents, 7 big data publications, 5 work excellence and appreciation awards (missile interception projects), 2 machines learning research papers

About Meir Dolev, Co-Founder & CTO,

Entrepreneur, passionate about startups, developing products and technologies since his first working experience in a startup company when he was 18 years old.
With over 11 years of experience, he had the opportunity to work on all aspects of the product development life cycle, with vast experience in building teams, developing cutting edge technologies, product management, business development, strategy, and managing multi-disciplinary products (SW & HW) from ideation to operation.
Joined Aquallence on the Ideation phase, and led the company as a CTO to successful acquisition in 2018.
His biggest passion is to innovate, turn inventions into a products that is used in the real world and to build successful companies from scratch to acquisition.

Yossi Hammer, Ai lead,

Ziv Dayan, Application lead,

Grant Request $

The total funding request is $ 150,000 USD, and the plans for the use are broken down as follows:

Development: 70%

Marketing 20%

Sales and other promotional activities: 10%.

What the Funds Are For

1/ Blockchain Data Flows

    • Ethereum network ETL.
    • Deploy and maintain Ethereum nodes that will act as the primary data source for the
    • Cyvers SOC analytical engine.
    • Implement services responsible for retrieving transactional data.
    • Implement services responsible for retrieving smart contract data.
    • Implement Parsers and enrich network data with prices (market prices)
    • Extract required features for ML models.

Completion criteria: Blockchain data flows from nodes to the ETL and ready for ML models.

Expected Duration: 45 days, 1500 hours, 4 team members.

Expected Budget: $50,000 USD

2/ Alerts generation on real time transactions

    • Attack Detection Engine
    • Research and build datasets for malicious contracts and attacks.
    • Build ML models for Preparation Phase of attack: Malicious funding and
    • malicious contracts deployments
    • Build ML models for behavioural analysis model that can detect access control /
    • private key leakage attack
    • Build risk engine and model that will be responsible for classification of the
    • attacks and risk scoring to transactions & interactions.
    • Deploy ML models and risk engine.
    • o Note: All models currently exist for other chains so only modifications for the Ethereum network would be necessary.

Completion criteria: Alerts are generated on real-time transactions.

Expected Duration: 60 days, 2000 hours, 6 team members.

Expected Budget: $60,000 USD

3. Alerting and Response engine

    • Implement alerting mechanism: Slack, Discord, email, Telegram etc.
    • Implement automated response / semi-automated to transfer funds from
    • wallet/contract to customer backup wallet
    • Implement automated response / semi-automated to pause contract.

Completion criteria: Actions are triggered by analytical engine and executed as defined.

Expected Duration: 30 days, 1200 hours, 5 team members.

Expected Budget: $40,000 USD

Total expected budget. $ 150,000 USD.

Additional Resources, Links, Portfolio

Cyvers- Q3 Success Stories -Oct 2 (1).pdf

CyVers Deck Nov 15-2023 .pptx