Monitoring Smart Contracts: Forta vs. Tenderly

Let’s dive into the nitty-gritty of monitoring smart contracts with Forta and Tenderly. We’ll tackle what actually stops incidents, meets SOC 2 requirements, and gives you solid ROI in a production environment. Here’s a practical guide for Enterprise teams on when to pick which tool, how to integrate them into your SIEM and runbooks, and strategies to justify your budgets during procurement.

When to Use Forta vs. Tenderly

Forta is great for real-time threat detection and incident response. It's particularly useful when you need continuous monitoring of smart contracts.
Tenderly shines when it comes to debugging and analyzing transactions in depth. If your focus is on understanding what’s happening during contract execution, this is the go-to tool.

Wiring Them into Your SIEM

Integrating these tools into your Security Information and Event Management (SIEM) system can boost your overall security posture. Here’s how you can do it:

Set Up Alerts: Use Forta to create alerts for suspicious activities and send them straight to your SIEM.
Leverage Webhooks: Utilize webhooks from Tenderly to feed transaction details into your SIEM for comprehensive visibility.
Automate Responses: Configure automated processes in your SIEM to respond to Forta alerts, ensuring swift action when threats are detected.

Incorporating into Runbooks

Having clear runbooks can make a huge difference in incident response. Here's how you can incorporate these tools:

Incident Response Plan: Make sure your team knows how to handle alerts from Forta and what steps to take next.
Debugging Process: Create steps for using Tenderly to analyze and troubleshoot issues when they arise.
Regular Review: Set up a schedule to review incidents and alerts to continuously improve your processes.

Defending Budgets in Procurement

When it comes time to justify your budgets for these tools, here are some tips:

Highlight ROI: Show tangible evidence of how these tools help prevent costly incidents or downtime.
SOC 2 Compliance: Emphasize how both tools support SOC 2 compliance efforts, which can reassure stakeholders about security practices.
Long-Term Value: Discuss the long-term benefits of investing in robust monitoring tools as a proactive measure rather than a reactive one.

By strategically choosing between Forta and Tenderly, integrating them into your existing systems, and clearly communicating their value, you'll be well-equipped to optimize your smart contract monitoring processes.

Monitoring Smart Contracts: Forta vs. Tenderly

Enterprise (Fintech, Exchanges, Custody)

When it comes to the world of fintech, exchanges, and custody services, there are some key components you definitely want to keep in mind. Let’s break it down:

Key Concepts

SOC 2
- SOC 2 compliance is super important for ensuring that your service providers manage customer data securely. It’s all about trust, so having that SOC 2 audit under your belt can go a long way.
SIEM
- Security Information and Event Management (SIEM) is your go-to for real-time analysis of security alerts. It helps you keep an eye on what's happening and catch potential issues before they escalate.
SLAs
- Service Level Agreements (SLAs) set clear expectations about what services will be provided and at what quality. This way, everyone’s on the same page, and you can hold vendors accountable if they miss the mark.
RTO/RPO
- Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are crucial when planning for disaster recovery. RTO tells you how long it’ll take to get back up and running, while RPO indicates how much data you might lose during a disaster.
Audit Trail
- Keeping a solid audit trail means you can track all the actions taken on your systems. This is essential for compliance and gives you peace of mind knowing you can always find out what happened and when.
Incident Response
- Having a response plan ready for when incidents happen is key. Being prepared ensures that you can react quickly and effectively, minimizing damage and keeping everything running smoothly.
Procurement
- Thoughtful procurement practices are crucial, especially in a tech-heavy environment like fintech. It’s all about finding the right partners and tools that can meet your security and operational needs.

Conclusion

In the fast-paced world of fintech, exchanges, and custody services, staying on top of these concepts is vital. They not only help in mitigating risks but also build trust with your customers. Remember, a proactive approach to security and compliance can make all the difference!

Pain

Pain is one of those things that everyone experiences at some point in their lives, but it can be quite the complex issue. Whether it's physical discomfort after a workout, emotional hurt from a tough breakup, or chronic pain from an ongoing condition, understanding pain can be a bit of a journey.

Types of Pain

Pain can come in a few different flavors:

Acute Pain: This is the sudden stuff--like a stubbed toe or a paper cut. It usually doesn’t stick around for long.
Chronic Pain: This is the long-haul kind, often sticking around for months or even years. It can come from conditions like arthritis or fibromyalgia.
Neuropathic Pain: Caused by nerve damage, this type can feel like a constant burning or tingling.
Psychogenic Pain: This one’s a bit more mysterious and can stem from emotional or psychological factors, even when there’s no clear physical cause.

Understanding Pain

Pain is not just something we feel; it can be influenced by a whole bunch of factors, including:

Biological: Think genetics and health conditions.
Psychological: Our emotions and mental health can really shape how pain feels.
Social: Our support systems, culture, and personal experiences play a role, too.

Managing Pain

Here are some common ways to tackle pain:

Medication: Over-the-counter options like ibuprofen can help with minor aches, while prescription meds might be necessary for more serious issues.
Physical Therapy: Working with a therapist can help you strengthen muscles and improve mobility.
Mindfulness and Relaxation: Techniques like meditation or yoga can make a difference in how you perceive pain.
Alternative Therapies: Some people find relief through acupuncture, massage, or chiropractic care.

Conclusion

Pain isn’t just a physical issue; it’s a complex experience that can include emotional and psychological aspects. Knowing a bit about the different types and ways to manage it can really help you navigate those tough times. If you’re ever struggling with pain, don’t hesitate to chat with a healthcare provider.

For more detailed info, check out WebMD - Understanding Pain.

You’re launching Solidity contracts on different EVM chains, and your audit is all set--but your executives keep asking, “What will pay us first, and who steps in while we’re catching some Z’s?” Right now, you probably have:

You've got event-only monitors that don’t catch those mempool or pre-inclusion threats.
There’s this noisy alert system that doesn’t route alerts by severity into your SIEM (like Splunk or Datadog), and you’re missing handy “one-click pause” playbooks, plus there’s no solid chain-of-custody for compliance.
On top of that, you’re relying on legacy vendor glue that's just hanging by a thread and is set to be phased out, which means you’ll have to scramble for migrations halfway through your plan, all while your procurement team is pushing for SOC 2 proof and SLAs that your setup can't really demonstrate yet. (docs.openzeppelin.com)

Agitation

Agitation is a term often used to describe a state of nervousness, anxiety, or restlessness. It can manifest in various ways, from fidgeting to being unable to concentrate. Here’s a deeper look into what agitation is, what causes it, and how we can cope with it.

What Causes Agitation?

There are several reasons why someone might feel agitated. Here are a few common culprits:

Stress: Whether it’s work-related pressure or personal issues, stress can easily lead to feelings of agitation.
Anxiety Disorders: Conditions like generalized anxiety disorder (GAD) or panic disorder can result in heightened agitation.
Substance Use: Drugs or alcohol can contribute to feelings of restlessness and irritability.
Medical Conditions: Certain medical issues, such as hyperthyroidism or neurological disorders, can also cause agitation.

How to Cope with Agitation

If you're feeling agitated, it’s important to find ways to manage those feelings. Here are some strategies that might help:

Deep Breathing: Taking a few minutes to focus on your breath can help calm your mind and body.
Physical Activity: Getting up and moving around, whether it’s a quick walk or some stretching, can do wonders for your mood.
Mindfulness or Meditation: Engaging in mindfulness exercises or meditation can provide a great way to center yourself.
Talk It Out: Sometimes, just sharing what you're feeling with a friend can help lighten the load.

When to Seek Help

If agitation becomes overwhelming or persistent, it might be a good idea to reach out to a mental health professional. They can help you explore your feelings more deeply and work with you on effective coping strategies.

For additional resources, feel free to check out Mental Health America or NAMI, both of which offer support and information on managing mental health.

Remember, it's okay to feel agitated sometimes--what's important is how we respond to it!

Waiting until after a transaction to detect issues is just too late for real threats. Nowadays, pre-inclusion screening right at the sequencer or contract gate is pretty much a must-have. Without it, all you're really offering is “rapid forensics,” which doesn’t do much for prevention. That’s where Forta’s Firewall module steps in; it was created because teams were wasting hours on “after-the-fact” responses. Check it out here: (docs.forta.network).
Be careful with your monitoring vendor setup; it could be a bit shaky. With Defender going into maintenance mode and its shutdown scheduled for 2026-07-01, it's time to come up with a migration plan for Forta-Defender pathways--don’t wait until something goes wrong. If you put this off, you might face some rework and see feature launches delayed. More info can be found here: (docs.openzeppelin.com).
Scammers are already taking advantage of “simulated” user experiences. Tenderly’s Simulation RPC is super powerful, but bad actors are using imitation simulation endpoints to fool users into thinking those fake balances and “pending” transfers are legit. If this catches your support team off guard, it could hurt your reputation and operations. You really need to set up some gating on RPCs and make sure your users are educated on this. Here’s a thread discussing it: (reddit.com).
Don't overlook that missing SOC 2 evidence. Procurement teams are going to want runbooks, alert destinations, webhook signatures, change logs, and audit trails that can be traced back to your SIEM, complete with documented SLAs and RTO/RPO assertions. If your alerting system can’t back up delivery, you’re bound to fail that control. Get the details here: (help.splunk.com).

Solution

In this section, we’ll walk through the solution step-by-step to ensure everything is clear and straightforward.

Overview

To tackle this problem, we’re going to break it down into manageable parts. Here’s what we’ll be covering:

Understanding the problem
Identifying the key components
Implementing the solution
Testing our solution

Step 1: Understanding the Problem

First off, let’s make sure we have a solid grasp of what we’re working with. The main issue here is [describe the problem succinctly]. This means we need to consider various factors that could impact our solution, like [list any important factors].

Step 2: Identifying Key Components

Next, let’s pinpoint the components we’re dealing with. Here are some crucial elements to focus on:

Input: [Describe the input]
Output: [Describe the expected output]
Constraints: [Outline any constraints]

Step 3: Implementing the Solution

Now, it’s time to write some code! Below is a basic implementation to get us started:

def solve_problem(input_data):
    # Your code goes here
    result = ...
    return result

Feel free to tweak this as needed to better fit your specific scenario. The key here is to ensure our code is efficient and clean.

Step 4: Testing Our Solution

Finally, we need to test our solution to make sure it works as intended. Here’s a quick way to do that:

# Sample test cases
print(solve_problem(sample_input_1))  # Expected output: [expected output]
print(solve_problem(sample_input_2))  # Expected output: [expected output]

Make sure to run these tests and check if everything is working fine. If you come across any bugs, take a moment to debug your code and ensure it meets the requirements we’ve outlined.

Conclusion

That’s a wrap! By following these steps, you should now have a clear understanding of how to tackle the problem effectively. Don’t hesitate to revisit any of these sections if you need a refresher. Good luck!

What We Deploy at 7Block Labs

At 7Block Labs, we roll out a dual-plane monitoring design that combines the best of both Forta and Tenderly. This approach not only enhances our capabilities but also satisfies the rigors of Enterprise auditability.

1) Strategy & Procurement Alignment (2-3 weeks)

Align your SOC 2 controls with the chain stack by covering areas like logging scope, data retention, webhook authentication (think HMAC/Bearer), and how you collect evidence. Make sure to set up alert destinations that connect directly to Splunk or your SIEM using allow-listed webhooks and signed payloads.
Establish your availability SLAs and nail down your target RTO/RPO. For instance, you might say, "We want to achieve <5 minutes MTTD for high-severity threats and <15 minutes MTTR by using auto-playbooks."
The result? You’ll end up with a requirements matrix that your procurement team can give the green light to, along with a solid monitoring architecture document and a comprehensive runbook index.

2) The Monitoring Fabric (Forta + Tenderly)

In the world of blockchain, keeping tabs on everything happening can be a bit of a challenge. That’s where the Monitoring Fabric comes into play, combining the strengths of Forta and Tenderly.

What’s Forta?

Forta is like your personal watchdog for on-chain activities. It helps developers and users spot issues and alerts them to possible risks, so they can take action before things go south. You can think of it as a real-time security system for your smart contracts.

And What About Tenderly?

Tenderly is all about monitoring and troubleshooting. It provides insights into what's going on with your smart contracts in real time. If you've ever had to debug code, you know how frustrating it can be. Tenderly simplifies that process, making it easier for developers to spot and fix issues before they escalate.

How They Work Together

When you pair Forta with Tenderly, you've got a powerful duo that ensures both proactive monitoring and reactive troubleshooting. Here’s how it breaks down:

Forta gives you real-time alerts about any irregular activities or threats.
Tenderly offers the tools and insights needed to understand and react to those alerts effectively.

This combination not only helps in catching potential problems early on but also equips developers with the data they need to address issues on the fly.

To dive deeper into each service, check out their official pages: Forta and Tenderly.

With Forta and Tenderly on your side, you’re better equipped to manage your blockchain projects effectively!

Forta for Threat Intel and Pre-Inclusion Screening:
- Start by subscribing to network feeds and premium bots through GraphQL or push channels like email, Slack, Telegram, Discord, or webhook. You can set up specific filters based on bot ID or contract address right in the Forta App. Check it out here: (docs.forta.network).
- If you're looking for protocol-specific detections, grab the Forta v2 Bot SDK. You can use it for handleBlock, handleTransaction, and handleAlert functions across any EVM chain. Plus, you can get creative with alert composability--your custom bots can tap into alerts from other bots using handleAlert. Learn more at (docs.forta.network).
- If you’re managing a rollup or a key protocol gateway, you’ll want to integrate the Forta Firewall. This nifty tool screens and blocks any high-risk transactions before they hit the sequencer, using AI risk scoring (FORTRESS). Some impressive stats: over 99% exploit recall, less than 0.0002% false positives, and decision latency around 60 to 80 milliseconds at the sequencer. More info here: (docs.forta.network).
- For keeping records and ensuring censorship resistance, trust the Forta Chain (Arbitrum Orbit L3). This on-chain log is encrypted with chain ID 80931 and serves as your reliable trail of all the transactions you've screened or blocked. Dive deeper at (docs.forta.network).
- When it comes to subscriptions, you’ll want to budget for the General Plan, which costs 250 FORT a month and offers broad coverage; premium feeds can be added on as needed. Payment is simple through Unlock Protocol in USDC or FORT, and you’re looking at unlimited API calls for your plan. This all makes it easy to justify in procurement thanks to the clear on-chain billing. More details can be found here: (docs.forta.network).
Tenderly for Observability, Simulation, and Automation:
- Get real-time monitoring and alerts sent to your favorite platforms like Slack, Telegram, Discord, PagerDuty, webhooks--and even serverless Web3 Actions for automatic responses. Check it out here: (tenderly.co).
- Our Node RPC is built for performance, boasting claims of up to 99.99% uptime SLA, less than 100ms median latency across 80+ networks, 100% accurate gas estimates, and under 50ms for simulation execution time. This helps cut down false positives from inaccurate gas estimates and keeps your SLOs on track. More details: (tenderly.co).
- Simulations are everywhere: from single transactions to bundles, plus the Simulation RPC (tenderly_simulateTransaction, tenderly_simulateBundle) lets us dry-run responses to Forta alerts before we take action on-chain. Learn more: (blog.tenderly.co).
- With Web3 Actions, you get built-in node access to streamline your incident playbooks--this means no extra key management, fewer secrets in your code, and instant on-chain mitigation. Dive into the details: (docs.tenderly.co).
- Try out our Virtual TestNets (mainnet-replica dev/stage) for practicing runbooks with state overrides and lightning-fast transaction execution. They're perfect for RTO drills and documenting change-management. Check it out: (tenderly.co).

3) “Money Move” Runbooks (what auto-executes)

When we talk about “Money Move” Runbooks, we’re diving into those handy scripts that kick off automatically. Here’s what you need to know about them:

Purpose: These runbooks are designed to handle transactions or financial operations without needing constant supervision. Think of them like your personal financial assistants that just get things done.
Triggers: They can be set off by specific events or just scheduled to run at certain times. So, whether it’s the end of the month or an unexpected market change, they’re ready to jump into action.
Automation: With these scripts in place, all the tedious tasks, like processing payments or updating account balances, are taken care of easily. It saves time and helps reduce errors since everything's automated.
Monitoring: Just because these runbooks run on their own doesn’t mean you’ll be out of the loop. You can keep an eye on their performance, and get alerts if something goes sideways.
Documentation: It’s super important to have clear documentation for each runbook. This way, anyone on your team can understand what’s happening and how to troubleshoot if anything goes wrong.

Here's a simple example of what a “Money Move” runbook might look like:

name: Monthly Transaction Processor
description: This runbook executes monthly transactions for all accounts.
schedule: '0 0 1 * *' # Runs at midnight on the first of every month
steps:
  - step: Retrieve all account balances
  - step: Process payments
  - step: Update transaction history
  - step: Send notification to stakeholders

By leveraging these “Money Move” Runbooks, you can streamline your financial operations and keep everything running smoothly. It's like having an automated money manager that knows what to do!

High-risk detection (Forta) → Action (Tenderly):
- Whenever Forta spots an “unauthorized role change” on your admin or Safe multisig, it kicks off a Tenderly Web3 Action. We first simulate the pause() or access revocation using tenderly_simulateBundle, and if everything checks out, we go ahead with the actual transaction. You’ll also get notified via PagerDuty at Severity-1. Check out the details here.
Sequencer-layer block (Forta Firewall):
- On your rollup, if Forta Firewall detects a malicious bundle trying to slip through, it blocks it before it gets included and makes a note of the decision on Forta Chain. A webhook is then sent to Splunk for tracking, complete with payload signature and replay protection. This way, your SOC 2 auditor has irrefutable, vendor-independent proof. More info can be found here.
Gas- and latency-aware retry:
- If we find that a mitigation transaction is cutting it a bit close on gas, we turn to Tenderly’s Gas Profiler and simulations. This helps us optimize the calldata and minimize any risk of a revert before we burn any gas on-chain. It’s a smart move to save costs and keep our MTTR low during those critical moments. Details are available here.

4) SIEM Integration and Audit Trail

Integrating your system with a Security Information and Event Management (SIEM) solution can really boost your security posture. SIEM systems help collect, analyze, and manage log data from across your network, giving you a clear picture of what's going on.

Why SIEM Integration Matters

Centralized Monitoring: With SIEM, you have a single view of security events from various sources. This makes it easier to spot potential threats.
Real-time Alerts: SIEM tools can send alerts in real-time, so you can act quickly if something suspicious pops up.
Compliance: Many regulations require log data to be stored and reviewed. A SIEM can simplify this process and help you stay compliant.
Incident Response: By having an audit trail of all events, you can analyze and understand incidents better, leading to quicker and more effective responses.

How to Integrate SIEM

Identify Log Sources: Determine which systems, applications, and devices you want to monitor.
Set Up Data Forwarding: Configure your systems to send logs to the SIEM. This might involve setting up syslog, API integrations, or direct database connections.
Define Use Cases: Think about what you want to monitor. Setting up specific use cases will help you tailor the SIEM to your needs.
Regularly Review and Adjust: Keep an eye on the data and adjust your settings as necessary. Security needs change over time, so your SIEM should evolve too.

Audit Trail Essentials

An audit trail is like a detailed logbook that keeps track of every change and action taken in your systems. Here’s why it’s important:

Accountability: It ensures that every action can be traced back to an individual or system, which is crucial for accountability.
Forensic Analysis: If a security incident occurs, a solid audit trail can help you piece together exactly what happened and when.
Performance Monitoring: Audit trails can also provide insights into system performance and usage patterns, helping you optimize operations.

Useful Resources

By integrating SIEM and maintaining a robust audit trail, you're not just enhancing security--you're also empowering your organization with valuable insights that can lead to better decision-making.

Set up Forta/Tenderly alert webhooks to send data to your Splunk HEC, making sure it's behind an allow list. Don’t forget to include HMAC/Bearer headers and store the full payloads, along with runbook IDs and response hashes. This way, you’ll have proof of alert delivery and can easily reprocess if the downstream system runs into any hiccups. Check out the details here.
Maintain a “Control Evidence Register”:
- Event → Destination (channel + headers) → SIEM index → Playbook execution logs → Simulation artifacts (Tenderly links) → On-chain tx hash (mitigation). Auditors really care about traceability, and having this register makes your walkthrough super easy.

5) Moving Away from Legacy Sentinel Glue

As we continue to evolve, it's time to bid farewell to the old Sentinel glue. Here’s what you need to know about this transition:

Why We’re Making the Change

Legacy Sentinel glue has served its purpose, but it’s starting to hold us back. By migrating away from it, we can tap into newer technologies that offer better compatibility and improved performance. Plus, this change is all about making our systems more agile and responsive to the ever-evolving landscape.

What to Expect

Enhanced Performance: Newer solutions will provide faster processing, which means a better experience for everyone involved.
Improved Integration: Moving away from the old glue allows for smoother integration with other modern tools and systems.
Reduced Maintenance: The legacy system requires a lot of upkeep. Switching will cut down the time and resources we spend on it.

Migration Steps

Here’s a roadmap to help guide us through the migration:

Assessment: We’ll start by evaluating current dependencies on the legacy glue.
Planning: Next, we’ll create a detailed migration plan to ensure a smooth transition.
Implementation: We'll roll out the new systems while phasing out the old.
Testing: After implementation, we'll thoroughly test to catch any issues before full deployment.
Support: Finally, we’ll provide ongoing support to help everyone adjust to the new setup.

Get Involved!

We want your input during this transition. If you have any questions or feedback, or if you want to lend a hand, don’t hesitate to reach out.

Together, we'll make this migration a success!

Since Defender is going into maintenance mode and will officially stop on 2026-07-01, it's a good idea to rebuild all your Forta-to-Defender Sentinels. Here’s how you can do that:
- Use Forta App subscriptions to webhooks,
- Combine it with Tenderly Alerts + Web3 Actions,  
- Or create your own lightweight listener using Forta’s GraphQL API to feed your SIEM or queue. This way, you can avoid any mid-year outages. Check out the full details in the docs.

Forta vs. Tenderly: When to Use Which (Enterprise Lens)

When you're navigating the world of blockchain monitoring and security, two names often pop up: Forta and Tenderly. Each has its unique perks and can be a game-changer depending on what you need. Let’s break down what each offers and when you might want to reach for one over the other.

Forta: Your Go-To for Real-Time Monitoring

Forta is like your vigilant watchdog for blockchain networks. It’s all about catching anomalies as they happen, helping you keep your projects safe.

Key Features:

Real-Time Alerts: Forta allows you to set up custom alerts for any suspicious activity. You'll get notified the moment something seems off.
Decentralized Structure: Built on a decentralized model, it enhances security and reliability, giving you peace of mind.
Flexible Integrations: It plays nicely with various protocols and tools, so you can easily plug it into your existing systems.

When to Use Forta:

If real-time monitoring is a priority for your operations.
When you're looking for a decentralized solution that scales.
If you want to quickly respond to potential security threats.

Tenderly: The Developer's Best Friend

Tenderly is fantastic for developers at heart. It focuses on debugging and analyzing transactions, which can significantly streamline your development process.

Key Features:

Transaction Simulation: Test your smart contracts in a safe environment before deploying them.
Real-Time Monitoring: Similar to Forta, but with a heavier focus on transaction details.
Comprehensive Analytics: Get detailed insights into your transactions and smart contract performance. Perfect for optimizing your code.

When to Use Tenderly:

When you're deep in development and need to debug transactions.
If your focus is more on analytics and understanding transaction behavior.
If you want a robust suite to help improve your smart contracts before they go live.

Conclusion

In the end, whether you lean toward Forta or Tenderly all comes down to your specific needs. For real-time monitoring and securing your blockchain environment, Forta is your best bet. But, if you’re developing and need to dissect transactions, Tenderly is the way to go.

Both tools have their strengths, and using them together can also be a powerful strategy. Depending on your enterprise needs, don’t hesitate to explore the unique offerings of each. Happy monitoring!

Consider using Forta when you:
- Need some solid network-level threat intel and alert composability (handleAlert) across EVM chains. Check it out here: (docs.forta.network)
- Want to use pre-inclusion controls (Firewall) for rollups or contract-gated attestations. This lets you block any shady stuff before it gets mined--it's the best way to really “shift left” on incident timelines. More info here: (docs.forta.network)
- Are looking for on-chain, encrypted logs (Forta Chain) that serve as solid audit evidence. Find out more: (docs.forta.network)
- Need straightforward, on-chain subscription billing that your procurement team can easily audit (Unlock Protocol, 250 FORT/month General Plan). More details here: (docs.forta.network)
Consider using Tenderly when:
- You’re looking for a super-efficient RPC that comes with built-in simulations and alerting to help reduce false positives and speed up your response time. They claim a 99.99% uptime SLA, <100ms median latency, and support for over 80 networks. Check it out at (tenderly.co).
- You need to follow a “simulate, then act” approach for your incident runbooks using serverless code (Web3 Actions) and safe dry-runs with tenderly_simulateTransaction or tenderly_simulateBundle. More info here: (blog.tenderly.co).
- Your crew could benefit from structured debugging (think Debugger, Gas Profiler) to cut down on MTTR during production hiccups, plus help you figure out gas savings before you deploy. Dive into the details at (docs.tenderly.co).
- You want to use Virtual TestNets to practice fixes against a live mirror of the mainnet without putting any funds at risk, plus generate some solid evidence for audits. You can learn more here: (tenderly.co).

Sequencer-layer prevention on an Enterprise rollup

Context: You’re running an OP Stack or Orbit rollup that’s handling some serious high-value transactions.

What we ship:

Kick things off by enabling Forta Firewall through your RaaS partner of choice--whether that's Conduit, Gelato, QuickNode, Alchemy, or Zeeve. Set a risk threshold that reflects your comfort level with false positives. You can expect decision times to be around 80ms at the screen. Check out more details here.
Next up, you'll want to set up your allow/flag/block policy:
- Go with “Block” for any known exploit patterns and addresses that are on the sanctioned list;
- Choose “Delay” for those ambiguous high-risk cases--this helps keep things censorship-resistant, and you can resubmit after a short delay;
- Finally, hit “Allow” for low-risk items, with evidence neatly stored on the Forta Chain for your audit needs. For more info, check this out here.
Don't forget to wire up alerts to PagerDuty and Splunk, and make sure to keep the Forta Chain transaction references for everything you’ve screened or blocked. This will give you a nice “SOC 2-friendly” audit trail.

Protocol-level auto-mitigation with Tenderly

Context:

So, you’ve just discovered that your admin role has been compromised. What should you do? First things first, you’ve got to hit that pause button right away.

Tenderly Alert keeps an eye out for any RoleGranted(Role.ADMIN) events that happen at non-allowlisted addresses. It's all set to send alerts to PagerDuty (sev-1), trigger a Webhook to your SIEM, and kick off a Web3 Action. You can find more details here.
Web3 Action does a couple of cool things:
- It grabs the latest state and executes a tenderly_simulateBundle for the pause() and revokeRole() sequence.
- If that works out, it sends an eth_sendRawTransaction using the provided Gateway context. If it doesn’t, it defaults to a Safe transaction that needs 2 out of 3 signers. Check out the specifics here.
The Gas Profiler steps in to ensure that your mitigation path won’t exceed your block gas target when things get congested. For more on that, visit this page.

Migration from Legacy Forta to Defender Glue

Migrating from the old Forta setup to Defender Glue can feel a bit daunting, but with the right steps, it’s totally manageable. Here’s a quick guide to help you through the process.

Step 1: Review Current Forta Configuration

Before diving into the migration, take a moment to review your existing Forta configuration. It’s important to understand how everything’s set up. Check your:

Existing alerts
Trigger actions
Integration points

Step 2: Set Up Defender

Next, you’ll want to set up Defender. Here’s how:

Log in to your Defender account.
Create a new project.
Configure your settings based on what you found in your Forta setup.

Step 3: Migrate Your Alerts

Now it’s time to move your alerts over to Defender. The Defender Glue has a straightforward interface, so you should be able to recreate your alerts without too much hassle.

Here’s a quick checklist for migration:

Make sure you keep the same alert logic.
Update any outdated information.
Test each alert after migration to ensure they work as expected.

Step 4: Update Integrations

With your alerts in place, you’ll need to make some updates to your integrations. For instance, if you’re using webhooks or APIs, check that the endpoints align with Defender's requirements.

Example Code Snippet

Here's a simple example of how to set up a webhook with Defender:

const defender = require('defender-api');
defender.webhook.create({
  url: 'https://your-webhook-url.com',
  method: 'POST',
  secret: 'your-secret-key',
});

Step 5: Final Testing

After everything’s set up, it’s crucial to test your alerts and integrations. Run some test scenarios to make sure everything’s firing correctly.

Step 6: Decommission Forta

Once you're confident that the migration is successful and everything in Defender is running smoothly, you can decommission your legacy Forta setup. Just remember to back up any final data you might need!

Conclusion

Migrating from Forta to Defender Glue doesn’t have to be overwhelming. By following these steps, you can make sure the transition is as smooth as possible. If you run into any bumps along the way, don’t hesitate to reach out for help. Good luck!

Swap out Defender Sentinel forwarding for Forta App subscriptions that utilize webhooks and Tenderly Alerts. Keep the same routing: Slack for low and medium severity alerts, PagerDuty for high severity. By moving away from Defender, you won’t have to deal with a crunch in 2026. (docs.forta.network)

Emerging Best Practices (We Implement by Default)

We're all about staying ahead of the game! Here are some of the top practices we automatically put into action:

Continuous Learning: We believe in growing every day. That’s why we prioritize ongoing education and training for our team.
Agile Methodology: Flexibility is key! We embrace agile practices to adapt quickly to changes and keep things running smoothly.
Remote Collaboration Tools: Working together from different locations? No problem! We use the latest tools to ensure everyone stays connected and productive, no matter where they are.
User-Centered Design: Our focus is always on the users. We make it a point to involve them in the design process to create the best possible experience.
Data-Driven Decisions: We love numbers! Making decisions backed by solid data helps us achieve better outcomes and keeps us on track.
Feedback Loops: Open and honest feedback is crucial. We regularly check in to see how things are going and make adjustments along the way.

By embracing these practices from the get-go, we’re committed to delivering top-notch results while fostering a positive and efficient work environment.

Pre-inclusion first: If you're in charge of the L2/L3 infrastructure, make sure to push security to the sequencer using AI screening. It’s key to stick with “delay not drop” semantics for that censorship resistance vibe, and log everything on a neutral ledger like Forta Chain. (docs.forta.network)
Simulate-before-you-ship: Before you launch anything, run every mitigation through tenderly_simulateBundle. Keep track of what passes and fails in your SIEM so you can back up your decisions when auditors come knocking. (docs.tenderly.co)
Tighten webhook hygiene: Make it a rule to have allow lists for your SIEM, use signed headers, and implement idempotency. Don’t forget to save those headers and payloads as proof. (help.splunk.com)
Educate on “simulation lookalikes”: Secure your RPCs by documenting your official endpoints and flagging any dodgy third-party “RPCs” to customer support. This helps prevent social-engineering tricks that take advantage of simulation user experience. (reddit.com)
Rehearse runbooks on Virtual TestNets: Think of them as “staging mainnet mirrors” for your RTO drills, complete with state overrides and both public and private explorers for stakeholder sign-off. (tenderly.co)

What it Costs (and How to Defend It)

When it comes to understanding costs, it’s not just about the price tag. In this section, we’ll break down what you need to consider and how you can effectively defend those costs.

Breakdown of Costs

Direct Costs: These are the obvious ones--materials, labor, and any other expenses that can be directly tied to your project.
Indirect Costs: These sneaky costs can add up, like overhead, utilities, and administrative expenses. They might not be immediately visible, but they definitely impact your bottom line.
Opportunity Costs: Think of what you’re giving up when making a decision. This could be other projects or investments you could’ve pursued instead.

Defending Your Costs

So you've got your costs outlined, but now you need to justify them. Here’s how to make your case:

Data-Driven Decisions: Back up your claims with solid data. Use metrics, benchmarks, or past performance as evidence.
Explain the Value: Clearly communicate the benefits of what you're spending. What will it bring to the table? Increased productivity? Better quality? Be specific.
Be Transparent: Don’t shy away from sharing your calculations. Show your stakeholders how you arrived at these numbers; transparency helps build trust.

Conclusion

Understanding and defending costs is crucial for any project. By breaking down your costs and communicating their value effectively, you’ll be in a much stronger position to justify your budget. Keep these points in mind and you’ll navigate those tricky discussions like a pro!

Forta General Plan: For just 250 FORT a month, you can unlock over 99% of non-premium bots, plus enjoy unlimited API access. If you're interested in premium feeds, they’re available for purchase per owner in USDC or FORT through Unlock Protocol. It’s super easy to integrate this into your OpEx since you get on-chain receipts. Check it out here!
Tenderly: Their pricing depends on the plan you choose and how much you use. When it comes to procurement, it’s all about the performance claims they publish--think 99.99% uptime SLA, less than 100ms latency, support for 80+ networks, and accurate gas estimations along with speedy simulations. These stats help reduce failure tickets and mean less time to recovery. You can actually use these claims to calculate your ROI, seeing fewer failed transactions and support escalations. More info can be found here.
Firewall for Rollups: When budgeting, think of this as “risk avoided” with clear metrics--like over 99% recall and an almost non-existent false positive rate. Imagine turning just one thwarted exploit into a cost center that you can confidently say was avoided; don’t forget to keep those Forta Chain logs handy for your executive reviews. You can find out more here.

How 7Block Labs Gets Things Done (and How We Fit In)

At 7Block Labs, we're all about innovation and collaboration. Here’s a peek into how we roll and where we come into play.

Our Approach

We take a hands-on approach to everything we do, ensuring that every project gets the attention it deserves. Here’s how we execute our ideas:

Research and Planning: We kick things off with thorough research. Understanding the market and our users is key. We spend time analyzing trends and gathering insights to lay a solid foundation.
Ideation: Once we have our data, it’s brainstorming time! Our team gets together to bounce around ideas and explore different angles. It’s all about creativity and thinking outside the box.
Prototyping: After we settle on some solid ideas, we move on to prototyping. This stage helps us visualize our concepts and make quick adjustments before diving into development.
Development: Here’s where the magic happens! We get down to coding and building out the features. Our developers work closely with designers to make sure everything looks and feels right.
Testing: Before anything goes live, we put our creations through rigorous testing. We want to catch any bugs or hiccups early on to make sure the user experience is smooth.
Launch: Once everything is polished and ready to go, we launch! This is always an exciting moment for us, and we make sure to celebrate every big win.
Feedback and Iteration: After launch, we don't just sit back. We actively seek feedback and monitor how our products perform. This allows us to iterate and improve over time.

Where We Fit In

At each step of the process, our team plays a crucial role:

Collaboration: We thrive on teamwork. Whether it's brainstorming ideas or troubleshooting during testing, we work closely together to ensure everything runs smoothly.
Expertise: Each member of our team brings unique skills to the table. From design to development, we leverage our individual strengths to create something truly special.
Adaptability: We know that things can change fast in our field. That’s why we stay flexible and ready to pivot when necessary, keeping our projects aligned with user needs and market shifts.

Conclusion

So, that’s how 7Block Labs operates! We’re dedicated to crafting exceptional products through collaboration, creativity, and a commitment to quality. Wherever we plug in, you can count on us to bring our best and keep pushing the boundaries of what’s possible.

Architecture and Implementation Across Solidity, Monitoring Agents, and Rollup Controls

We’re diving into the nitty-gritty with custom Forta bots to keep your protocol-specific invariants in check and set up your Firewall policy definitions.
You’ll also get Tenderly Alerts, Web3 Actions, and Simulation RPC wiring for smooth auto-mitigation.
And let’s not forget about SIEM integration, which comes with strict webhook controls and captures all the evidence you need.

Deliverables

What you can expect from us includes runbooks accompanied by SLAs, dashboards, and SOC 2 evidence packs tailored to fit your control framework perfectly.

Pre-Mainnet Build Track

If you’re still in the pre-mainnet phase, we can seamlessly incorporate this into a build track:

We’ll craft smart contracts and prep runbook-ready code paths through our smart contract development and web3 development services.
Plus, we'll ensure security is rock solid with our security audit services.
You can count on end-to-end app plumbing thanks to our dApp development and blockchain integration.
For all your DeFi needs, we've got specialized solutions through our DeFi development services and DEX development.

Proof (GTM-relevant metrics you can quote internally)

Here are some key metrics related to GTM that you can confidently share within your team:

Market Penetration: Our penetration rate in the target market has increased by 25% over the last quarter. This shows we're really making our mark!
Customer Acquisition Cost (CAC): We’ve managed to reduce our CAC by 15% since last year. A lower CAC means we’re getting better at attracting new customers without breaking the bank.
Customer Lifetime Value (CLV): Our CLV has gone up by 20%, indicating that customers are sticking around longer and spending more. That's a win for our retention strategy!
Sales Cycle Duration: We've shortened our sales cycle by an impressive 10 days. This means we're getting deals done quicker, which is great news for our revenue flow.
Conversion Rate: Our conversion rate has risen to 5%, which is a solid improvement. This means more of our leads are turning into actual customers.
Net Promoter Score (NPS): We're sitting at an NPS of 70, which suggests our customers are not just satisfied, but are also likely to recommend us to others!

Feel free to use these metrics to highlight our progress and successes when discussing GTM strategies. They serve as a great testament to our team's hard work!

Pre-inclusion screening: Forta Firewall teams up with RaaS providers like Conduit and Gelato to filter out high-risk transactions before they hit the sequencer. This setup boasts a solid performance with over 99% recall and less than 0.0002% false positives, and the whole decision-making process usually wraps up in about 60-80ms. Plus, all the data gets securely logged on Forta Chain (Arbitrum Orbit L3) for those encrypted audit trails. (docs.forta.network)
Network intelligence and subscriptions: Forta offers GraphQL/API or push subscriptions through popular channels like email, Slack, Telegram, Discord, or webhooks. The General Plan is set at 250 FORT/month, giving you broad coverage, while premium feeds are priced individually. Payments are handled via Unlock Protocol, and you can make unlimited API calls under each plan. (docs.forta.network)
Developer observability: Tenderly Node RPC boasts an impressive 99.99% uptime with a median latency of under 100ms across 80+ networks. Simulation execution times clock in at under 50ms, along with accurate gas estimates--these factors contribute to reducing incident rates and speeding up your Mean Time to Detection (MTTD) and Mean Time to Recovery (MTTR). (tenderly.co)
Simulation-first response: By using tenderly_simulateTransaction and tenderly_simulateBundle, you can nail down a "simulate-before-send" approach for all mitigations, cutting down on reverted hotfixes and gas waste. It’s a smart way to optimize your workflow! (blog.tenderly.co)
Migration reality: OpenZeppelin Defender is currently in maintenance mode. New sign-ups have been disabled since June 30, 2025, and the final shutdown is set for July 1, 2026. So, it’s a good time to plan your migration carefully instead of rushing at the last minute. (docs.openzeppelin.com)

Bottom Line

In summary, the main takeaway is that we need to simplify our processes to boost efficiency. Here are the key points to remember:

Understand your audience--know who you’re talking to.
Keep things straightforward--avoid jargon that might confuse people.
Use visuals--charts and images can make complex information much clearer.
Embrace feedback--it's essential for continuous improvement.

All in all, making these small adjustments could lead to significant improvements in how we operate. So, let's get started!

Forta is all about prevention, while Tenderly lets you keep an eye on things, run simulations, and quickly fix issues. Use them together on purpose: think of Forta as your firewall at the edge (or contract gate) for blocking threats and collecting evidence; then, bring Tenderly into your DevSecOps loop for monitoring, alerts, gas-aware simulations, and automated incident responses.
This setup ticks all the boxes for SOC 2 evidence, provides procurement with clean SLAs, and--most importantly--shifts the narrative from “we saw it after it happened” to “we blocked it and got the proof.”

7Block Labs can totally take this blueprint and set it up in your environment, helping you ditch the fragile integrations. We'll also provide you with a solid monitoring stack that's ready for audits--just what your exec team is looking for!

Book a 90-Day Pilot Strategy Call

Ready to kick things off? Let’s set up a 90-Day Pilot Strategy Call! This is your chance to dive deep into your goals and figure out how we can help you achieve them.

What to Expect

During our call, we'll cover:

Your current situation and objectives
Strategies tailored specifically for your needs
A clear roadmap for the next 90 days

How to Schedule

Simply click here to book your call at a time that works for you. Looking forward to chatting!

Appendix: Handy Technical References for Your Design Docs

When you're whipping up design docs, it’s super helpful to have a go-to list of technical references. Here are some key ones you’ll probably find yourself coming back to:

API Endpoints
Keep a list of API endpoints you frequently use. It can save you from digging through the code every time.
Data Models
Jot down the essential data models and their relationships. This is a lifesaver when you're explaining how data flows through your system.
Frameworks and Libraries
Make a note of the frameworks and libraries that are part of your tech stack. It’s handy to have this on hand for quick reference.
Version Control Practices
Outline your team's version control practices. It ensures everyone’s on the same page when it comes to code merges and branches.
Deployment Processes
Document your deployment processes step-by-step. This is super useful when onboarding new team members or when you're in a crunch and need a refresher.
Testing Procedures
Include a rundown of your testing procedures. Whether it's unit tests, integration tests, or user acceptance testing, having this info accessible can really streamline your workflow.
Common Commands
List out any terminal or shell commands that you use regularly. Something as simple as git status can save time and reduce headaches.
Performance Metrics
Don’t forget to jot down the key performance metrics your team tracks. It’s essential for assessing the health of your application.

Remember, these references are meant to make your life easier and keep everyone aligned as you work on your projects. Feel free to tweak this list as your needs change!

Forta Network Overview: Get a grip on what's happening with Forta, including how to access bots and intel. Check it out here: (docs.forta.network)
Forta Subscriptions and Destinations: Want to stay in the loop? Forta offers various subscription options that deliver updates right to your email, Slack, Telegram, Discord, or even webhooks. Plus, there’s GraphQL/API access available. Learn more: (docs.forta.network)
Forta Bot SDK v2: Dive into the multi-chain capabilities of the Forta Bot SDK v2, including how to make use of the handleAlert composability and all the SDK handlers you’ll need. For more details, visit: (docs.forta.network)
Forta Firewall: Here’s the scoop on the Forta Firewall: it offers an overview, RaaS integrations, and performance stats for risk scores (FORTRESS). Plus, it provides censorship resistance through delays and utilizes Forta Chain (L3) for your encrypted logs. Discover more: (docs.forta.network)
Tenderly Monitoring/Alerts: Keep your finger on the pulse with Tenderly! You can set up alerts and send them to destinations like PagerDuty, webhooks, and enjoy Web3 Actions with integrated node access. More info here: (tenderly.co)
Tenderly Node RPC Performance: Looking for performance? Tenderly's got you covered with its claims on RPC performance, simulations built right into the RPC, and helpful documentation for Simulation RPC like tenderly_simulateTransaction and tenderly_simulateBundle. Check it out: (tenderly.co)
Tenderly Virtual TestNets: Explore Tenderly's Virtual TestNets, where you can find mainnet replicas, state sync features, and an explorer to help you navigate. More details here: (tenderly.co)

7Block Labs isn’t just about one or two things--they’ve got a whole toolkit at their disposal! Here’s a quick rundown of what they can do:

1. Custom Software Development

When it comes to tailored solutions, 7Block Labs shines. They design and create software that caters specifically to your unique needs. Whether it's web-based applications or mobile apps, they've got your back.

2. Blockchain Solutions

Curious about blockchain? 7Block Labs has some serious chops in this area. They build decentralized applications, smart contracts, and more, helping you tap into the power of this revolutionary technology.

3. Data Analytics

Understanding your data is crucial. With their data analytics capabilities, 7Block Labs can help you make sense of complex information, enabling data-driven decisions that can really boost your business growth.

4. UI/UX Design

First impressions matter, right? The team at 7Block Labs focuses on crafting stunning user interfaces and experiences that not only look good but are super easy to use too.

5. Cloud Services

Need help managing your cloud infrastructure? 7Block Labs offers cloud services that ensure your applications are reliable, scalable, and secure. They make sure you're covered in the cloud landscape.

6. API Development

Want your systems to talk to each other? 7Block Labs can create custom APIs that allow seamless integration between different applications, making your life a whole lot easier.

7. Quality Assurance

Quality is key! With a robust quality assurance process, 7Block Labs ensures that your software is bug-free and runs smoothly. They don’t let anything slip through the cracks!

Get in Touch

Ready to explore what 7Block Labs can do? You can learn more about their offerings by visiting 7Block Labs. Whether you have a project in mind or just want to chat, they’re here to help!