Kerberus, a Web3 security firm, has recently made a name for itself with its real-time protection of digital assets. Its flagship product, Sentinel3, is well recognized as a browser extension and API that guards against phishing, scams, and malicious smart contract interactions.
Danor Cohen, the CTO & Co-Founder of Kerberus Cyber Security, joined AltCoinDesk for a quick interview to discuss Web3 security’s next battle.
Kerberus highlights a record of zero losses since 2023, but Danor states that the claim can only remain honest if it is precisely defined and consistently audited. Sentinel3 helps evaluate risk at the point of a transaction or signature, and the claim applies to users protected within that window.
“You’ll notice we don’t frame it as ‘guaranteed 100% security’ because no security vendor can responsibly make that claim,” says Danor.
At Kerberus, integrity is less a matter of marketing discipline than of engineering discipline: coverage, or the extent of protection, is based on what Sentinel3 reports after research.
Kerberus’ approach shifts from preventative to compensatory.
With the introduction of $30,000 USDC transaction coverage, the company is signaling a shift in how it views modern-day concerns. Kerberus’ methods reflect a ‘mature risk management’ approach as AI-driven social engineering raises the stakes.
“The ceiling isn’t detection vs. AI; it’s more about how long we keep asking humans to be perfect under pressure. That’s why we focus on protection at the transaction level, not education that assumes calm, patient users,” says Danor.
Web3’s most significant risk
Danor said in a previous engagement that human behaviour is the biggest risk in Web3. He added that the key is in re-educating users to avoid turning security into a constant alarm.
“The philosophy is ‘secure-by-default,’ so users don’t need to become mini security analysts just to use Web3.”
Danor Cohen, the CTO & Co-Founder of Kerberus
While talking about self-custody, Danor says that self-custody doesn’t need to be defined by suffering through scams but instead by users retaining control of assets and keys.
“Invisible shouldn’t mean opaque. The goal is frictionless protection, but with moments of clarity, so users still understand what they’re approving and why something got blocked,” Danor said.
Multi-chain and multi-layer defense
Kerberus expanded its support to include Solana in early 2025, alongside all major Ethereum Virtual Machine (EVM) chains. Solana’s architecture introduces risks of its own, such as token account ownership transfers, that differ from Ethereum-based exploits.
Solana forced security teams to relearn some tough lessons. Its speed doesn’t just make transactions faster but also gives scammers new ways to operate.
“The attack isn’t always a straightforward token transfer out, but control of the token account itself is changing hands. That looks different in a signature prompt, and your detection logic must account for that difference,” Danor added.
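The difference between a transfer and a change of token account ownership can be made concrete with an added example (not Kerberus or Sentinel3 code). It decodes the data bytes of an SPL Token instruction before signing and flags a `SetAuthority` that assigns the `AccountOwner` role to a key other than the user's wallet. It assumes the classic SPL Token program and its published instruction layout; the function name, risk labels and sample keys are hypothetical.

```python
# Added illustration: flag SPL Token SetAuthority instructions that hand a
# token account to a key other than the signing wallet.
TOKEN_PROGRAM_ID = "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA"
TRANSFER, SET_AUTHORITY = 3, 6            # SPL Token instruction tags
AUTHORITY_TYPES = {0: "MintTokens", 1: "FreezeAccount",
                   2: "AccountOwner", 3: "CloseAccount"}

def inspect_instruction(program_id: str, data: bytes, wallet_key: bytes) -> dict:
    """Classify one instruction from a transaction awaiting signature."""
    if program_id != TOKEN_PROGRAM_ID or not data:
        return {"kind": "other", "risk": "out_of_scope"}
    tag = data[0]
    if tag == TRANSFER:
        if len(data) < 9:                 # tag + u64 amount (little-endian)
            return {"kind": "Transfer", "risk": "malformed"}
        return {"kind": "Transfer", "risk": "review",
                "amount": int.from_bytes(data[1:9], "little")}
    if tag != SET_AUTHORITY:
        return {"kind": "other", "risk": "out_of_scope"}
    # Layout: tag, authority type (u8), option flag (0/1), then 32-byte key if 1
    if len(data) < 3 or data[1] not in AUTHORITY_TYPES:
        return {"kind": "SetAuthority", "risk": "malformed"}
    if data[2] == 0:
        new_authority = None              # authority is being removed
    elif data[2] == 1 and len(data) >= 35:
        new_authority = data[3:35]
    else:
        return {"kind": "SetAuthority", "risk": "malformed"}
    authority_type = AUTHORITY_TYPES[data[1]]
    # No token amount appears in this instruction, so a check that only
    # watches transfer amounts never sees the account change hands.
    hands_over = (authority_type == "AccountOwner"
                  and new_authority is not None and new_authority != wallet_key)
    return {"kind": "SetAuthority", "authority_type": authority_type,
            "new_authority": new_authority.hex() if new_authority else None,
            "risk": "block" if hands_over else "review"}

# Constructed sample keys and instruction data, not captured from a real chain.
WALLET, STRANGER = bytes([0x11]) * 32, bytes([0x22]) * 32
SAMPLES = {
    "owner_handover": bytes([6, 2, 1]) + STRANGER,
    "plain_transfer": bytes([3]) + (1_000).to_bytes(8, "little"),
    "truncated": bytes([6, 2, 1]) + STRANGER[:10],
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, inspect_instruction(TOKEN_PROGRAM_ID, data, WALLET))
```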
‘Privacy vs. Protection’ trade-off
Crypto-specific antivirus
Danor described the development of crypto-specific antivirus to protect private keys and seed phrases from device-level compromises.
The fundamental questions here are how much data it needs to analyze to provide 99.9% detection, and where the company stores that data.
Danor responded that it depends on each transaction and on how much context is required to evaluate the signature request. With privacy as a major attribute, the company collects what is necessary to protect and operate the service while minimizing unnecessary data.
The role of the Sentinel3 research is evident in this process, specifically whether scans or warnings were recorded in the logs when a claim was assessed.
“Our bias is always toward minimization, not maximization,” he added.
From agent-to-agent transactions
The headline shift is that psychology becomes policy, he stated. Currently, crypto-based security tools are human-centric, relying on pop-ups that ask questions such as, ‘Are you sure you want to make this transaction?’
However, in an agentic future, where transactions move from one AI agent to another, the failure mode can be permissioning, compromised dependencies, poisoned prompts, or the agent being tricked into operating outside its mandate.
Here, the work is to search for patterns, set limits, make lists, and require consistent auditing. “Does the transaction align with the agent’s authorized intent, and is the counterparty’s behavior consistent with known scam patterns?” he added as he discussed the recurring concerns.
“It’s basically taking what we do for humans at the point of signature and turning it into machine-readable constraints. Sentinel3 already reasons about intent; agents just make that explicit.”
The future of security: the invisible protection
The mode and nature of security are bound to witness continual change as tech and AI advance. But in the end, the purpose of security firms remains the same: protecting privacy and data for users.
Kerberus stands strong in its mission and vision to protect the experience of the crypto community, standing by its purpose, “born from a crisis in web3.”