Neodyme AG

Neodyme AG is a premier cybersecurity firm founded in 2021, specializing in blockchain security, penetration testing, and security training. Born from a team of European CTF (Capture The Flag) hacking competition champions, Neodyme has established itself as a trusted security partner for some of the world's most critical blockchain infrastructure.

Core Services

Neodyme offers three main service pillars:

Blockchain Security

Neodyme provides comprehensive blockchain security services including smart contract audits for Solana, Ethereum, and Move platforms, core blockchain audits covering cryptography and validator code, and protocol design reviews. The team has protected over $50 billion in Total Value Locked (TVL) on the Solana blockchain alone and has reported more than 100 core blockchain vulnerabilities since 2020. Their blockchain expertise extends from DeFi products and NFT platforms to liquid staking solutions and cross-chain protocols.

Penetration Testing

Leveraging real-world hacking expertise from seasoned CTF champions, Neodyme delivers thorough security assessments across three domains: Application Security (web, API, mobile app testing and source code audits), Infrastructure & Client Security (Active Directory, network assessments, cloud security), and Adversarial Simulation (red/blue/purple teaming, assumed breach scenarios, and social engineering). The team holds numerous industry certifications including OSCP, OSWE, OSEP, CISSP, CEH, and GMON, and has won 20.75 Master of Pwn points at Pwn2Own competitions in 2022 and 2024.

Security Training

Neodyme offers comprehensive security education programs including Awareness Trainings for general employees covering phishing prevention and malware defense, Technical Trainings for security teams and developers in areas like red/blue teaming and cryptography, and specialized Blockchain Training leveraging their extensive blockchain expertise. Their training programs are delivered by experienced instructors who compete at top security conferences such as Defcon.

Key Products

Riverguard is Neodyme's automated security platform for Solana smart contracts. This free service continuously fuzzes deployed Solana programs by simulating mutated transactions to identify vulnerabilities. The platform has processed over 14.7 billion fuzzed transactions and 2.67 petabytes of data, with support from the Solana Foundation. Developers receive automatic notifications of triaged findings with no setup required.

Key Strengths

Neodyme's team averages 29 years of age and includes 22 CTF players, with 11 European Hacking Champions among their 25 employees. The company's deep roots in competitive hacking provide a unique advantage in understanding complex attack vectors. Their early involvement with Solana (since 2020) has made them the go-to security partner for the Solana ecosystem. The team maintains an active research program, continuously publishing CVEs, technical blog posts, and security advisories.

Notable Clients and Projects

Neodyme's client roster includes industry leaders such as Solana Labs, Lido Finance, Jump Trading, Marinade Finance, Orca, Squads Protocol, TNG Technology Consulting, Linde, and Uniklinik Bonn. The company has prevented potential losses exceeding $50 billion in TVL through their auditing work.

Why Choose Neodyme

Neodyme stands out for their deep technical expertise in complex systems, proven track record in competitive hacking, specialized knowledge in blockchain protocols (particularly Solana), and commitment to ongoing security research. Their team thrives in complexity and doesn't stop exploring until they fully understand every aspect of a system. For organizations building complex products in blockchain, enterprise infrastructure, or any security-critical domain, Neodyme offers best-in-class security services backed by continuous cutting-edge research. As Anatoly Yakovenko, CEO of Solana Labs states: "The team at Neodyme has distinguished themselves with their attention to every aspect of smart contract security on Solana based on their experience with the core protocol going back to its early days."