Ostendo is a new blockchain security audit and consulting practice that continues the work of Decidable, led by Rikard Hjort. Its positioning is clear: it provides formal rigor for “important blockchain systems,” with a focus on smart contract audits, protocol reviews, formal methods, and high-signal security advice. The company is currently in an “Open quietly” phase, and the website notes that case studies, full process details, and additional materials are still being prepared.
Ostendo is not a traditional network perimeter defense or SOC product. Instead, it offers expert services for Web3 code and protocol design. Its smart contract audits cover Solidity, Rust, and adjacent codebases, with attention to correctness, exploitability, protocol invariants, and fix verification. Its protocol and architecture reviews are aimed at bridges, lending systems, custom execution environments, and protocol upgrades. The formal methods component includes invariants, executable specifications, property design, and targeted formal verification, making it suitable for scenarios where mathematical guarantees can materially reduce risk. Typical review areas also include core protocol logic, upgrade paths, bridge and messaging assumptions, accounting/rounding issues, Wasm, and non-EVM execution environments.
Ostendo is more like a small senior consulting team than a standardized security platform. The site does not mention SaaS, on-prem deployment, a console, alerts, reporting portals, or CI/CD integration. Its working style emphasizes hands-on, invariants-first, and engineering-heavy engagement: first understanding what the system must guarantee, then reviewing the code and architecture around those guarantees. This can be valuable for complex protocols, but it is not a fit for teams looking to buy automated scanning, continuous monitoring, or compliance dashboards.
The official website does not disclose pricing, payment methods, delivery timelines, SLAs, or compliance certifications. Availability is described as “Selective, by direct inquiry,” meaning teams need to contact them directly by email, and projects may not necessarily be accepted. The upside is the possibility of deep involvement from senior experts; the downside is that budget, scheduling, and delivery boundaries are not transparent at the early stage.
Its strengths lie in its focus on high-risk blockchain systems, with an emphasis on invariants, architectural assumptions, and formal verification. The founder’s public background also indicates experience related to Runtime Verification, Cantina/Spearbit, Devcon, and GitHub. The main weakness is that the company’s site is still at a very early stage, with few public case studies, sample audit reports, methodology details, or support-system descriptions. Ostendo is better suited to complex projects such as DeFi, bridges, protocol upgrades, and non-EVM execution environments. It is less suitable for teams that only need a low-cost, fast checklist-style audit or a standard enterprise security/compliance procurement.
The site does not provide information about network access from China, payment options, or local support, so accessibility from China is unknown. If domestic Chinese teams cannot communicate or pay smoothly, they can also evaluate other blockchain security audit and formal verification providers, choosing based on chain type, language stack, delivery window, and whether Chinese-language communication is required.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on ostendo.org official site.
ostendo.org is an Sweden Cybersecurity provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach ostendo.org directly.