Asymmetric Research: Lessons From the Top Web3 Security Firm w/ JC, CEO

Description

In this episode, Dirt sits down with Jonathan Claudius — founder of Asymmetric Research and former Jump Crypto and Mozilla security lead — to discuss how one of crypto’s most trusted security firms approaches incident response, long-term client partnerships, and the art of being “boring but brilliant.” From leading Mozilla’s offensive security team to tackling the Wormhole hack on day two of the job, Jonathan shares deep insights into Web3 security, policy design, and why humility, trust, and steady execution matter more than hype. ⏱ Timestamps 00:00 – Intro: Dirt welcomes Jonathan Claudius, CEO of Asymmetric Research 00:34 – Jonathan’s background: from TrustWave to Mozilla to Jump Crypto 03:20 – The Wormhole hack: what happened and what it taught the industry 05:25 – Lessons in resilience and why security is like a team sport 07:14 – Founding Asymmetric Research with Felix Wilhelm (Google Project Zero) 09:18 – Offense vs defense: balancing attack and protection in security 11:07 – Long-term partnerships vs one-off audits — a new security model 13:15 – Becoming a “core contributor” and embedding with clients 16:24 – “Boring is sexy” — why simplicity wins in security design 20:17 – Remote-first operations and global incident response culture 25:46 – Policy is power: practical advice for founders on security setup 28:29 – Confidentiality & trust — the stories they can’t tell 31:08 – Hiring for EQ and the “no-assholes” policy at Asymmetric Research 33:14 – Closing thoughts & reflections on building with trust