Cube Labs (part of the Abstract ecosystem) is building a next-generation Layer-2 blockchain designed for fast, consumer-ready Web3 apps. Backed by Founders Fund, the team focuses on delivering a secure, scalable foundation for developers and users alike.

When the team began looking for ways to strengthen their security posture without slowing down development, they turned to Aikido.

“Aikido has given us great insight into potential vulnerabilities, and the confidence that we’re safe in times of crisis.”

Hey Metarsit! What’s your role, and your responsibilities?

I’m a Fullstack Engineer at Cube Labs Labs. My work revolves around DevOps, Product Engineering and Engineering Productivity.

What makes Abstract stand out in your industry?

The best way to describe it is in our blog: Abstract is a modular blockchain stack that simplifies how developers build Web3 apps. We make the Web3 experience more accessible, and more secure for everyone.

What purpose should security serve in your industry?

It’s the classic: prevent hacks and patch vulnerabilities. But in the Web3 space, hackers are incredibly creative. You have to stay two steps ahead.

What kind of pressure do your customers or investors put on your security and compliance practices today?

Heavy pressure, and rightly so. There’s money involved. We need to make sure everyone’s funds and data are safe.

“Our CEO and CTO put security at the top of our priorities. We always look out for better tools to keep us and everyone safe.”

Was there a particular moment that triggered a more strategic focus on security?

Our CEO and CTO have always prioritized security. It’s built into our culture. But as we started scaling, we wanted tools that could help us stay proactive; not just reactive.

Tell us more about the decision to look for and select Aikido.

We were familiar with Snyk, but were introduced to Aikido by a friend. We evaluated it against Snyk and a few popular tools in the space and realized it was the best fit for our usage and workflow.

The tools we used before were great, but they didn’t give us the visibility or responsiveness we needed. Aikido felt different. The product is more developer-focused, faster to iterate, and built by a team that truly hustles for results.

“We evaluated several tools, but Aikido stood out for how fast the team moves and how well-rounded the platform is.”

What were your top security concerns before adopting Aikido?

Reachability. We were using GitHub’s built-in security tools, which flagged a lot of issues, but didn’t clarify if they actually affected us. We wanted to avoid big, risky version upgrades that can introduce instability, and Aikido showed us which updates actually mattered.

How were you handling security before Aikido?

We had good engineering practices and workflows in place, but they were labor-intensive. Aikido helped us automate and speed up what used to take many engineering hours.

What stood out about Aikido during evaluation?

The team, first and foremost. They were incredibly helpful, responsive, and transparent. And the offering itself, it just made sense for us.

How easy was it to integrate Aikido into your workflows?

Mostly easy. Around 80% of it worked right out of the box, which was impressive. The rest was quick to configure.

"It was refreshingly easy to get Aikido running across our services.”

What has your experience been like working with the Aikido team?

Awesome. They’re attentive and fast to respond whenever we need help.

What’s your favorite feature?

Zen, Aikido’s in-app runtime protection, surprisingly. It adds a new layer of protection and gives us more confidence handling user data.

Before Zen, we relied on tools like Vercel Security and Sentry for runtime insights. They were good at surfacing information, but Zen is much more aggressive in identifying threats and potential exploits, with the option to easily block them.

“Zen surfaced things we wouldn’t have looked into before, like new outbound endpoints that might be malicious.”

Was there a specific incident that made you realize your existing protections weren’t enough?

There wasn’t a specific incident, but once we integrated Zen, it started surfacing outbound endpoints and activity that allowed us to be more thorough in our monitoring.

When evaluating Zen, what convinced you that in-app runtime protection was worth adding?

We didn’t overthink it, it was an extra layer of defense we could easily add across all our services. Once we turned it on, Zen started surfacing potential vulnerabilities that needed attention, and that was huge for us.

What’s your favorite Zen capability?

"The API discovery feature is really cool. It helps us see what’s actually exposed and where, which is crucial in Web3."

Have you seen a reduction in false positives or time saved since adding Zen?

We don’t auto-block yet, but Zen helps us review potential threats we might have missed before. It gives us a clearer picture without adding overhead.

How has Aikido changed the way Cube Labs approaches security and vulnerability management?

We now have SLAs that ensure vulnerabilities are patched quickly. Aikido helps us understand issues better, and decide how to address them based on real impact.

Was there a moment where Aikido saved your team time, stress, or risk?

“During a recent supply chain attack, we could trust that we were safe from any exploit. That was life-changing.”

How does Aikido help with increasing regulatory and data protection demands?

We’re extremely careful with user data, and Zen adds an extra layer of protection and compliance. It helps ensure we meet our security promises to users.

Have you seen measurable outcomes, like faster remediation or fewer missed vulnerabilities?

Not yet in quantified terms, but we can already see things running smoother and more efficiently. We’re spending less time managing security and more time building.

If you had to describe Aikido’s impact in one sentence?

Aikido has given us great insight into potential vulnerabilities, and the confidence that we’re safe in times of crisis.

The summary

Cube Labs operates in one of the most targeted industries in the world, Web3, where security failures can have financial consequences in seconds. With Aikido, the team gains clarity, automation, and peace of mind. For Cube Labs, Aikido isn’t just a tool. It’s a safety net that keeps them secure while they build the future of the decentralized web.