Goran Babarogic Product UX Designer
Goran Babarogic Product UX Designer
Goran Babarogic Product UX Designer

Orion is a boutique security firm specialized in deep
manual reviews that cut through the noise.

Our team has helped secure:

We're a team of expert security researchers with demonstrated experience in public contests and bug bounties. Our team has helped secure more than $3 billion assets.

We're a team of expert security researchers with demonstrated experience in public contests and bug bounties. Our team has helped secure more than $3 billion assets.

Our services

Our services

From smart contract development and auditing to protocol design and security consulting, we partner with teams to create trusted, future-proof blockchain applications.

From smart contract development and auditing to protocol design and security consulting, we partner with teams to create trusted, future-proof blockchain applications.

Smart contract audits

We perform comprehensive security audits of your smart contracts, using manual code reviews, automated testing, and adversarial analysis to uncover logic flaws, economic exploits, and attack vectors.

Our smart contract audits harden your project against exploits, protecting your users, your assets, and your reputation.

Smart contract audits

We perform comprehensive security audits of your smart contracts, using manual code reviews, automated testing, and adversarial analysis to uncover logic flaws, economic exploits, and attack vectors.

Our smart contract audits harden your project against exploits, protecting your users, your assets, and your reputation.

Smart contract audits

We perform comprehensive security audits of your smart contracts, using manual code reviews, automated testing, and adversarial analysis to uncover logic flaws, economic exploits, and attack vectors.

Our smart contract audits harden your project against exploits, protecting your users, your assets, and your reputation.

Web2 Audits

We audit your Web2 infrastructure: APIs, servers, authentication layers, and cloud deployments identifying and hardening every weak point that could become an entryway.

Whether you’re running frontends, centralized services, or hybrid systems, we ensure your traditional stack is as secure as your smart contracts.

Web2 Audits

We audit your Web2 infrastructure: APIs, servers, authentication layers, and cloud deployments identifying and hardening every weak point that could become an entryway.

Whether you’re running frontends, centralized services, or hybrid systems, we ensure your traditional stack is as secure as your smart contracts.

Web2 Audits

We audit your Web2 infrastructure: APIs, servers, authentication layers, and cloud deployments identifying and hardening every weak point that could become an entryway.

Whether you’re running frontends, centralized services, or hybrid systems, we ensure your traditional stack is as secure as your smart contracts.

Early-Stage Audit

We embed alongside your team from the earliest stages of development, acting as your dedicated security partners.
Through ongoing code reviews, design threat modeling, and iterative assessments, we identify risks before they become threats.

This continuous model means faster launches, safer releases, and a security-first culture baked into your project’s DNA.

Early-Stage Audit

We embed alongside your team from the earliest stages of development, acting as your dedicated security partners.
Through ongoing code reviews, design threat modeling, and iterative assessments, we identify risks before they become threats.

This continuous model means faster launches, safer releases, and a security-first culture baked into your project’s DNA.

Early-Stage Audit

We embed alongside your team from the earliest stages of development, acting as your dedicated security partners.
Through ongoing code reviews, design threat modeling, and iterative assessments, we identify risks before they become threats.

This continuous model means faster launches, safer releases, and a security-first culture baked into your project’s DNA.

vCISO

As your Virtual Chief Information Security Officer (vCISO), we provide executive-level cybersecurity leadership, helping you design, implement, and manage a comprehensive security strategy tailored to your organization’s needs — without the overhead of a full-time hire.

vCISO

As your Virtual Chief Information Security Officer (vCISO), we provide executive-level cybersecurity leadership, helping you design, implement, and manage a comprehensive security strategy tailored to your organization’s needs — without the overhead of a full-time hire.

vCISO

As your Virtual Chief Information Security Officer (vCISO), we provide executive-level cybersecurity leadership, helping you design, implement, and manage a comprehensive security strategy tailored to your organization’s needs — without the overhead of a full-time hire.

Specializations

Specializations

Our team builds and secures protocols in Solidity, Rust, Cairo, and Go, helping founders launch smarter, safer, and faster across Ethereum, Cosmos, Starknet, and more.

Solidity

Vyper

Solana/Rust

Cairo

Soroban

Sway

Cosmos SDK

Portfolio

Portfolio

Our portfolio spans over 30+ audits and 20+ protocols launched successfully, delivering real impact in a rapidly evolving Web3 landscape.

Teller ERC4626 Vault

Teller ERC4626 Vault

May 2025

May 2025

Redacted

Redacted

Redacted

Report available soon

Report available soon

Report available soon

Mar 2025

Mar 2025

Redacted

Redacted

Redacted

Report available soon

Report available soon

Report available soon

Mar 2025

Mar 2025

Redacted

Redacted

Redacted

Report available soon

Report available soon

Report available soon

Feb 2025

Feb 2025

Contact Us

Contact Us

Whether you’re launching, scaling, or securing, we’re here to help. Let’s connect and bring your vision to life.