Boutique security / evidence-led / release-aware

Bags Shield Security

Security research + engineering hardening for Web3/Solana: integrations, APIs, webhooks, auth, secrets handling, and release safety.

Start here Case studies Services Operating standards

Turnaround

48-72h reviews

Delivery

PR-sized, review-friendly

Scope

Policy-safe, client-safe

---

Case studies (sanitized)

Executive memos based on real work: outcomes, mitigations, and risk reduction. No exploit steps.

Browse case studies ->

Engineering hardening

Secure-by-default improvements applied to real code and process: auth boundaries, webhook verification, logging hygiene, abuse resistance.

View services ->

Operating standards

How we work: evidence first, minimal disruption, scope discipline, and release safety.

Read standards ->

---

What we do

• Security PR reviews with a release-readiness gate (block / warn / ok)
• Hardening for endpoints, integrations, and webhooks (auth, secrets, replay resistance)
• Threat modeling per module (small, practical, shipped)
• Smoke/regression checks to prevent expensive breakage

Contact

• X: @Cleiton16144221
• Discord: cleiton8509p
• Email: secbagsshield@gmail.com

Leadership

Cleiton Prestes

Founder / Security Research & Engineering

Solana/Web3 integrations, release hardening, PR reviews, and shipping discipline.

Luna

Research Ops / Analysis & Documentation

Evidence-led analysis, triage support, structured docs, and repeatable hardening playbooks.

Specialist network (on-demand)

Smart contracts
Solana/EVM invariants, tests, and remediation tracking.

Infra & release
CI gates, deploy safety, observability, rollback readiness.

AppSec hardening
Auth boundaries, webhooks, secrets, abuse resistance.