The Standard for Institutional DeFi

Web3SOC empowers institutions to evaluate DeFi organizations in key areas with confidence.

Developed in collaboration with industry leaders

What is Web3SOC?

Trusted by leading institutions and DeFi organizations, Web3SOC defines what it means to be institutional-grade. This makes it easy to assess and compare organizations. It provides:

  • Rating Classifications

    A tiered system that signals institutional readiness at a glance.

  • Detailed Scoring

    Transparent breakdowns across operational, financial, security, and regulatory dimensions.

  • Confidential Assessments

    Private reviews for internal benchmarking and improvement.

Why Use Web3SOC To Evaluate Organizations?

For Institutions

Web3SOC offers a standardized due diligence tool to assess risk. It supports informed decision-making by identifying strengths and gaps in organizational maturity across key operational and compliance domains.

For Organizations

Web3SOC provides a structured path to institutional adoption. Use it to benchmark your current standing, understand expectations, and chart a course for improvement.

How Web3SOC Works

Web3SOC scores organizations in four core areas:

  • Operational

    Team structure, governance, and risk management.

  • Financial

    Economic design, capital resilience, and financial security.

  • Security

    Smart contract, application and infrastructure robustness, attack resistance, and incident response.

  • Regulatory

    Legal compliance and jurisdictional considerations.

Each area maps to the core pillars of institutional trust and allows organizations to demonstrate progress with clarity.

Registry

See the Web3SOC ratings of popular organizations.

Ratings

Organizations are classified into one of four tiers to signal their level of institutional readiness:

  • A

    Enterprise

    Highest standards in governance, security, and compliance; fully transparent with strong risk mitigation.

  • B

    Established

    Structured governance, security, and compliance with regular audits and reporting.

  • C

    Emerging

    Basic security and governance; lacks consistency and regulatory clarity.

  • D

    Nascent

    Same as Emerging — basic controls, but with higher risk and lower maturity.

  • These ratings make it easy for institutions to assess organizational maturity at a glance, and for organizations to know exactly where they stand and what’s next.

    How to use Web3SOC?

    For Institutions

    Incorporate Web3SOC into your investment evaluation process to assess risk with clarity, structure, and confidence.

    For Organizations

    Complete the self-assessment or work with Cantina to understand your current standing — and what’s needed to earn institutional trust.