Oak Security
ResourcesOpSec AgentServices ← Oak Security

Oak Security · OpSec Academy

Operational security for Web3 teams

A library of free guides on the things audits don't cover: device hardening, hardware wallets, multisig operations, key management, and infrastructure hygiene. Plus an AI assistant backed by Oak's knowledgebase.

Browse guides Ask the OpSec Agent
Library of guides · PDF + HTML · Free

Resources

Operational-security guides

Each guide is a practical, step-by-step reference. Download the Oak-branded PDF or read it online. Grouped by topic so you can share the right one with the right person.

Devices

Devices

Hardened baseline configurations for the machines your team uses every day.

  • macOS setup
  • Linux setup
  • Windows setup
  • Mobile device security
Browse devices guides Wallets & Keys

Wallets & Keys

From browser signing hygiene to hardware wallet onboarding and Safe operations.

  • Browser & wallet hardening
  • Hardware wallet setup
  • Multisig treasury ops
Browse wallets & keys guides Infrastructure

Infrastructure

Secrets, pipelines, deploy keys, domain integrity, and cloud key management.

  • GitHub & CI/CD hardening
  • Cloud account & KMS
  • DNS & frontend integrity
Browse infrastructure guides People & Access

People & Access

Authentication, access lifecycle, and defending against social engineering.

  • Authentication hardening
  • Onboarding & offboarding
  • Social engineering defence
Browse people & access guides Operations

Operations

Running securely day to day: incident response, communications, and physical safety.

  • Incident response playbook
  • Communication security
  • Travel & physical security
Browse operations guides Architecture

Architecture

Foundational models that shape every other decision: zero trust and secrets handling.

  • Zero-trust principles
  • Secrets management
Browse architecture guides
All ten guides Start with device setup

OpSec Agent

Ask an operational-security question

The agent answers opsec questions from Oak's own knowledgebase. When Oak's KB doesn't cover it, it falls back to the SEAL framework, clearly attributed. Off-topic questions are declined.

1

Ask your question

One operational-security question at a time. Plain English, any complexity level.

2

Sourced answer

The agent quotes the relevant Oak guide or wiki page. If Oak doesn't cover it, it uses the SEAL framework and says so explicitly.

3

General guidance

Answers are practical reference, not a bespoke engagement. For a full review, see our Operational Security Review.

OpSec Agent

"What hardware wallet setup minimises single points of failure for a team?"

Use a threshold signing scheme: a 2-of-3 or 3-of-5 hardware wallet setup where each signer holds a separate device from a different vendor where possible…

Source: Oak Security · Hardware wallet setup guide

Ask the agent

General guidance only, not a bespoke engagement. For tailored advice, book an OpSec Review.

Services · Oak Security

When you need more than a guide

The Academy is the free layer. Below it are two paid services for teams that need structured, expert-led operational security.

Review

Operational Security Review

A structured, multi-expert audit of your team's operational practices. Covers key management, access controls, multisig design, CI/CD, and cloud posture. Deliverable: a prioritised finding report with remediation guidance.

Learn about OpSec Review
Training

Operational Security Training

Hands-on training for technical and non-technical team members. Covers threat modelling, hardware wallet setup, multisig operations, and phishing defence. Delivered remotely or on-site.

Learn about OpSec Training

Both services are from Oak Security GmbH, with 600+ security engagements since 2017.