Solana Foundation Unveils STRIDE and SIRN to Tackle Rising DeFi Threats

Highlights:

• The Solana Foundation launched STRIDE to set clear security standards and publish audit results for DeFi protocols.
• The STRIDE framework introduces eight security checks to improve risk detection and protocol transparency.
• Solana Foundation added an incident response network to speed up threat response across its ecosystem.

The Solana Foundation announced on Monday the launch of Solana Trust, Resilience and Infrastructure for DeFi Enterprises (STRIDE), and a new incident response network to strengthen ecosystem security. The foundation partnered with Asymmetric Research to design structured systems for evaluating and responding to threats. The move aims to improve security standards and reduce risks across the Solana DeFi ecosystem.

Solana Foundation launches two new security initiatives (STRIDE & SIRN) after recent DeFi exploits, aiming to standardize risk assessment & incident response. Is this a turning point for ecosystem confidence? pic.twitter.com/j55RRd0qcA

— CryptoBard (@WorldBrieftu2d) April 7, 2026

Moreover, the foundation said attackers now use faster and more coordinated methods to target DeFi platforms. It warned that weak monitoring systems and delayed responses continue to expose protocols to major exploits. Therefore, the new framework and response network focus on improving detection, evaluation, and coordination across projects. The foundation also confirmed it will fund security efforts led by Asymmetric Research to support these initiatives.

STRIDE will evaluate protocol security through defined standards, while the incident response network will coordinate responses during active threats. Together, these systems aim to improve transparency and reduce the impact of security breaches. However, the Solana Foundation stated that each protocol must maintain its own security systems and prevent vulnerabilities.

STRIDE Sets Eight Security Checks and Public Reviews for Solana Protocols

STRIDE introduces a structured framework that evaluates, monitors, and escalates security risks across Solana-based DeFi protocols. The framework outlines how projects identify vulnerabilities, track risks, and respond to threats across their systems.

The system evaluates each protocol across eight defined security pillars that cover technical and operational risks. These pillars include program security, governance controls, and Oracle dependencies that affect pricing and execution. It also reviews infrastructure setup, supply chain exposure, and operational security practices. In addition, the framework examines monitoring systems, incident response readiness, and forensic tools used to investigate breaches.

Asymmetric Research will conduct independent assessments to evaluate protocol security and identify risks across Solana projects. The Solana Foundation will publish the assessment results publicly so users and investors can review each protocol’s security status. This approach allows users to assess risk before interacting with protocols or depositing funds.

Furthermore, the program offers security support based on total value locked across protocols. Projects with more than $10 million in TVL will receive ongoing operational security support and active threat monitoring. Projects with more than $100 million in TVL will access formal verification tools to test smart contracts and reduce vulnerabilities.

The Solana Foundation introduced these initiatives after attackers stole about $280 million from Drift Protocol last week. Investigators linked the exploit to social engineering tactics connected to North Korean threat actors. The attack exposed gaps in protocol security, monitoring systems, and incident response coordination.

#PeckShieldAlert Drift Protocol @DriftProtocol has been exploited, resulting in a loss of over $285M – more than 50% of its TVL. $DRIFT has plummeted by -37%.

The exploiter has already bridged the stolen assets from #Solana to #Ethereum via the CCTP TokenMessengerMinterV2,… pic.twitter.com/EZE4tP0f6c

— PeckShieldAlert (@PeckShieldAlert) April 2, 2026

Solana Foundation Expands Incident Response While DeFi Threats Continue

The Solana Incident Response Network by the Solana Foundation connects security firms and researchers to coordinate responses during active incidents across the ecosystem. The network allows participants to share real-time data and respond quickly to ongoing attacks.

Moreover, the network will improve the STRIDE framework by sharing attack data and response outcomes across Solana protocols. Access remains open to all Solana projects, but the network will prioritize support based on total value locked.

DefiLlama reported that attackers stole over $446 million from 34 DeFi protocols during the first quarter of this year. This figure remains lower than the $1.58 billion stolen during the same period last year. The recent attacks show that threat actors are now using social engineering and automated tools to increase damage.

In a related hack, attackers exploited Step Finance in January and stole about $40 million through compromised access and rapid transfers. KuCoin reported that automated agents increased the scale of the attack by executing fast transactions.

Today we are announcing that Step Finance, SolanaFloor, and Remora Markets will be winding down all operations.

Following the hack at the end of January we explored every possible path forward, including financing and acquisition opportunities.

Unfortunately, we were unable to…

— Step (@StepFinance_) February 23, 2026