Hi Arbitrum DAO community,
Immunefi was elected to Arbitrum’s Security Council in September 2024 and it has been an honor to work with you all this past year. We would like to reapply for the September 2025 cohort, so that we may continue to contribute to Arbitrum’s security and potential.
After chatting with some delegates, and given last year we only filled the Tally form, it felt appropriate to create a profile post with fresh information and some updates to help inform the vote.
About Immunefi
Immunefi is the end-to-end security platform for the onchain economy. Through Immunefi Magnus, our unified security operations center, we offer a comprehensive suite of security services that protects more than 300 projects, having directly prevented hacks worth more than $25 billion USD.
Our security researchers have earned +$121M USD for responsibly disclosing over 5,000 web2 and web3 vulnerabilities, including +1,200 critical vulnerabilities impacting funds onchain. That’s nearly five critical bugs a week, one for each business day since Immunefi was founded in December 2020.
Why Immunefi
In addition to having proudly served on the Arbitrum Security Council for the past year, Immunefi has extensive expertise and a proven track record on the Arbitrum ecosystem:
-
We provide security services to some of the largest DAOs in Web3, including Arbitrum, Scroll, Aave, Compound, Optimism, ENS, and Sky (formerly MakerDAO), among others.
-
Immunefi has run over 500 Bug Bounty Programs, with ~ 60 of them being Arbitrum projects or directly interacting with the Arbitrum ecosystem.
-
We’ve been running Arbitrum’s $2 million USD Bug Bounty Program since August 2021 and were a whitelisted Security Service Provider of Arbitrum’s Security Subsidy Fund.
This year, we started partnering with a curated set of the very best security firms to build Immunefi Magnus with us — including Runtime Verification, Dedaub, Fuzzland, Nexus Mutual, Failsafe, OtterSec, ChainPatrol, Sigma Prime and others, all with extensive experience in the Arbitrum ecosystem.
Immunefi’s Representative
For the September 2024 cohort, we were represented by Gonçalo Magalhães, Immunefi’s Head of Security and formerly our Smart Contract Lead Engineer, based in Portugal.
Now, our representative is Alejandro Munoz-McDonald, based in Florida, USA. Alejandro is a Senior Security Researcher and Smart Contract Lead Triager, with 8 years of experience in web3 security, and also one of Immunefi’s earliest employees, having joined our 24/7 triage team in January 2022.
Immunefi has seen more responsible disclosures than any other security firm, and Alejandro in particular has directly handled thousands of such reports, having participated in hundreds of critical incident response events. This experience makes Alejandro one of the very most experienced security experts in the world, and equipped him to handle any web3 security challenge.
Alejandro is also an engineer by training, and has also been directly involved in Immunefi’s latest product, a multisig review service, to provide an independent review layer for projects which sadly can’t have a security council. He has a comprehensive view of onchain security needs, and we believe he can be the clinch player that Arbitrum needs for the toughest situations.
Immunefi has been deeply engaged with Arbitrum for many years now, follows the highest operational security standards in crypto, and has been working 24/7 to support its broad customer base as a matter of standard practice. We believe that we still have much to give, and through these offerings can help lift Arbitrum to even greater heights.
Thank you for allowing us to contribute to Arbitrum. We’re happy to answer any questions.