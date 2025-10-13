Cantina: Redefining Security in the Web3 Era

In Brief Cantina, a security company, aims for proactive, holistic security in Web3 projects, empowering researchers to contribute to core protocols and new projects, attracting top talent.

In a space as dynamic as Web3, security is often reactive—companies respond to attacks after the damage is done. Sharon Ideguchi, GTM at Cantina, envisions a world where security is proactive, holistic, and built into the DNA of every project from day one.

“Cantina started as a way to give researchers more autonomy,” she explains, reflecting on the company’s origins as SpareBit. “Our co-founders came from Ethereum Foundation and noticed that many of the best security minds weren’t at traditional audit firms—they wanted freedom to contribute to core protocols and new projects.” By empowering researchers, Cantina was able to quickly attract top talent and expand into a full ecosystem for security, covering everything from smart contract audits to operational security for both Web3 and Web2 components.

Looking Beyond Smart Contracts

Web3 companies have invested heavily in smart contract security, but Cantina sees a bigger picture. “Companies have spent millions on smart contract security, but front-end, back-end, databases, and personnel security often get overlooked,” Ideguchi says. Simple oversights—like clicking a malicious link—have become serious attack vectors, with losses reaching millions or even billions.

Cantina’s approach is holistic. “We focus on the entire attack surface,” Ideguchi notes, “and provide operational security programs and instant response capabilities to keep both user funds and company reputations safe.” By addressing overlooked areas, the company helps protocols avoid attacks that don’t even touch their smart contracts.

Proactive, Real-Time Defense

Some of Cantina’s most impactful work happens behind the scenes. Ideguchi recounts a recent incident with a long-term client:

“They were asleep in their time zone when our 24/7 monitoring detected a potential breach. We immediately actioned it, preserved the funds, and cleaned up everything before they woke up. They just saw a message saying, ‘Everything’s fine,’ and didn’t have to panic or deal with a scandal.”

For Cantina, these interventions are part of a broader philosophy: hackers will always look for the path of least resistance, so security teams need to stay ahead, not just react. “Security researchers are constantly identifying potential attack factors and solutions before attackers exploit them,” she says. “It’s a continuous cat-and-mouse game, and our researchers keep us ahead.”

The Role of AI in Security

As AI becomes part of both attack and defense strategies, Cantina is preparing for a new frontier in cybersecurity. Ideguchi emphasizes that the interplay between hackers and researchers will accelerate: “Attackers innovate, we innovate back. It’s about anticipating new threats and building systems that adapt as fast as the risks evolve.”

A Vision for Web3 Security

Cantina’s long-term goal is ambitious: to make holistic security standard from day one for every Web3 company. “Every company should have operational security integrated into their infrastructure from the start,” Ideguchi explains. “Not just smart contracts, but processes, playbooks, and protocols. The new normal should be a built-in security culture rather than a reactive patchwork.”

For Ideguchi, Cantina isn’t just a service—it’s a movement to redefine security for an entire ecosystem, helping projects grow safely in a world where threats are constantly evolving.

“Security shouldn’t be an afterthought,” she says. “It should be the foundation of everything you build in Web3.”

