This course is designed to provide participants with a foundational understanding of blockchain and Web3 technologies, emphasizing existing security risks and mitigation strategies and compliance, following the guidelines from the Web3 Risk and Security Management System (RSMS). 

Learning outcome

- Gain a foundational understanding of blockchain and Web3 technologies and recognize the importance of the Security-by-Design Principle in ensuring robust security measures are integrated from the outset.

- Learn about key security risks in the Web3 threat landscape: such as private key compromise, social engineering threats, and smart contract vulnerabilities, and learn to implement effective security controls and measures to mitigate these risks.

- Gain practical skills for regulatory compliance and risk management: Master the use of tools for monitoring AML compliance and tracing illicit funds, essential for meeting regulatory requirements. Apply methodologies for on-chain monitoring, incident alerts, and compliance with regulations, in line with Web3 RSMS guidelines.

Target Audience

- Founders and CEOs of Tech Start-ups working in blockchain, cryptocurrency, or Web3 environments who need to strengthen their understanding of security risks, smart contract vulnerabilities, and regulatory compliance

- Professionals from fintech, banking, regulatory, risk, and compliance functions, who are looking to build practical capabilities in Web3 risk management, monitoring, and regulatory compliance

Course Details

Date: 10 July 2026 

Time: 9:30am – 5:00pm 

Language of Instruction: English

Venue: Oval Room, Smart-Space FinTech 1, Level 6, Core E, Cyberport 3

Lecture 1: Introduction to Web3 Security & Security-by-Design Principle 
- Evaluating Blockchain Projects Security Risks  
- Reviewing Historical Incident   
 
Lecture 2: Web3 Fundamentals: Private Keys and Addresses 
- Understanding Private Key Compromise Risk Lab 
- Setting Up a Multisig Wallet  
 
Lecture 3: Common Frauds and Social Engineering Threats in Web3  
- Protecting Against Address Poisoning Attacks  
 
Lecture 4: Introduction to Web3 Protocol and Smart Contract Security  
- Identifying Vulnerabilities in Smart Contracts  
 
Lecture 5: Web3 Monitoring, AML, Compliance, and Incident Investigation  
- Crypto AML & Compliance  
- Tracing Illicit Funds / Scam Investigation  

Web3 Security Readiness Assessment 
- Assessment reviewed by Web3 Security Companies (including CertiK)

Training Fee: 
Refundable commitment fee to Cyberport community members (i.e. Cyberport incubatees, CCMF grantees, Cyberport Alumni):

- HK$300 per head
- 100% refund to eligible participants according to Cyberport Academy attendance policy
*Please obtain the discount code by sending email to training@cyberport.hk.

Regular price: 
- HK$1,260 per head
 
*Cyberport reserves the right to charge the original price if applicants use a discount code that does not belong to his/her category
*All monies collected will be used for Cyberport’s public mission start-up events and activities

Speaker