We just got an upgrade
Almanax
Blockchain Services
New York, NY 6,579 followers
Almanax uses the latest advancements in AI to prevent web3 hacks.
About us
Almanax uses the latest advancements in AI to prevent web3 hacks. We’re starting with a product that finds vulnerabilities in blockchain code before hackers do.
- Website
-
https://www.almanax.ai/
External link for Almanax
- Industry
- Blockchain Services
- Company size
- 2-10 employees
- Headquarters
- New York, NY
- Type
- Privately Held
- Founded
- 2024
Locations
-
Primary
Get directions
199 Water St
Fl 34
New York, NY 10038, US
Employees at Almanax
Updates
-
It's our birthday today! 🎂
Almanax turns 1 today! 1 year ago, Maxwell and I began a journey to stop hacks. He had spent years in cybersecurity and helped secure Coinbase, one of the biggest crypto exchange in the world. I had spent 4 years investigating billion-dollar hacks. Code vulnerabilities were often a major attack vector. We saw that code security was mainly done through third-party audits every 6-12 months, or through underperforming static analysis tools. Compounding on top of that, coding assistant tools like Cursor and Github Copilot were changing the way engineers write code. We asked ourselves, “What happens when companies produce 100x the number of lines of code they used to? How are security teams supposed to handle that?”. We needed a Cursor for Security teams. We started Almanax to build an AI Security Engineer because we believe LLMs will change security the same way they’re changing software engineering. On to year 2.
-
-
Almanax reposted this
Today we release ALMX-1.5, our new AI model, and the first version of the Web3 Security Atlas (W3SA), an open-source initiative led by Almanax aimed at improving Web3 security with AI. ALMX-1.5 is designed to navigate large scale and complex repositories, to perform high effort reasoning across multi-file execution paths, while empowered with the ability to consult the project documentation and navigate the internet. It supports most commonly used programming languages. This first W3SA release includes a benchmarking suite for blockchain code vulnerabilities. It initially focuses on EVM smart contracts written in Solidity and Solana programs written in Rust, with a second launch planned for Stellar and Aptos smart contracts. Why this matters: - To move the needle in AI development for security use cases, we need good datasets, for both training and evaluation. - Current industry benchmarks have clear limitations: they are Solidity-specific, limited in size, often too simplistic and outdated. They're generally built with toy examples, often containing a single simple smart contract, which does not accurately represent the complexity found in real-world projects.
-
-
We’re in the middle of a software security arms race—hackers are adopting new tricks every day. As cyberattacks become more sophisticated, Almanax is leveraging LLMs to detect hidden threats in smart contracts and software supply chains once deemed impossible to catch. Great blog by John Lawniczak! https://lnkd.in/eqkhY9Gk
New blog post by John Lawniczak just went live! (link in the comments) We talk about security issues we found in both smart contracts and traditional web2 software. One of these was a malware in a Go package that went undetected for over 3 years! "We’re in the middle of a software security arms race—hackers are adopting new tricks every day. As cyberattacks become more sophisticated, Almanax is leveraging LLMs to detect hidden threats in smart contracts and software supply chains once deemed impossible to catch."
-
-
Almanax reposted this
"Because it's very important when it comes to security to have very high detection rate and very low false positive rate"
-
Almanax reposted this
Weekend observations on the cybersecurity trends I'm seeing: https://lnkd.in/ea8vm5ZC
-
Almanax reposted this
Nice to see our story featured on Forbes Italy today! "The first is the creation of Francesco Piccoli, an Emilian founder who from aerospace engineering, moving between Turin and Berkeley, and, in the meantime, becoming increasingly passionate about blockchain and LLM, has tackled the problem of neutralizing the frequent cases of hacking with the AI security agents developed by Almanax, emerging as an Elliott Ness of Web3." Link to the article by Gianmaria Stangherlin and Marcello Siviero: https://lnkd.in/e66gzGyz
-
... and new product feature is live!
When we scan code repositories for security issues, not every flagged finding requires action. Some may be false positives, others are known and intentional design choices. How do you "silence the LLM noise"? We just wrote a blog with our approach, link in the comments.
-
-
Almanax reposted this
“There’s too much of a reliance on auditors as a whole to fix issues”. (David Schwed from Robinhood) That should be your 3rd-party validation before you launch, it can’t be a substitute for robust internal security.
🔍 Smart contract audits are essential, but they shouldn’t be the only line of defense. 🚨 David Schwed, COO of Halborn, sits down with Ian Andrews (former Chainalysis host) to dive deep into why over-relying on audits could be a major cybersecurity risk. 🚫 From critical vulnerabilities to the root causes behind them, David explains why Web3 projects need to rethink their approach to security. 👉 Watch now to learn more about what’s really needed to safeguard your projects. #Cybersecurity #SmartContracts #Web3 #BlockchainSecurity #Halborn #RiskManagement #TechInsights