security-alliance
diff --git a/‎docs/pages/intro/overview-of-each-framework.mdx‎
Lines changed: 101 additions & 117 deletions b/‎docs/pages/intro/overview-of-each-framework.mdx‎
Lines changed: 101 additions & 117 deletions
@@ -23,13 +23,12 @@ import { TagList, AttributionList, TagProvider, TagFilter, ContributeFooter, Dev
 This document provides an overview of the various frameworks covered in the Security Frameworks by SEAL. Each framework
 addresses a specific aspect of Web3 security, providing best practices and guidelines to help secure your projects.
 
-## Community Management
+## AI Security
 
-This framework explores best practices for securing and managing online communities associated with Web3 projects,
-covering platforms like Discord, Twitter, Telegram, and Google. It focuses on establishing secure communication channels
-and community guidelines.
+This framework covers emerging AI-native security risks and controls, including prompt injection defenses, runtime
+execution-path enforcement, and sandboxing strategies for agentic systems.
 
-[Go to the Community Management framework →](/community-management/overview)
+[Explore the AI Security framework →](/ai-security/overview)
 
 ## Awareness
 
@@ -38,63 +37,53 @@ understanding threat vectors, cultivating a security-aware mindset, and staying
 
 [Read more about the Awareness framework →](/awareness/overview)
 
-## Operational Security (OpSec)
-
-This comprehensive framework addresses day-to-day security practices for Web3 teams, covering fundamentals, governance,
-risk management, control domains, lifecycle management, monitoring, incident response, and continuous improvement.
-
-[Explore the OpSec framework →](/opsec/overview)
-
-## Wallet Security
+## Community Management
 
-This section delves into the crucial aspect of managing cryptographic keys in Web3 projects, discussing various wallet
-types (cold vs hot, custodial vs non-custodial), hardware wallets, signing schemes, and software wallets.
+This framework explores best practices for securing and managing online communities associated with Web3 projects,
+covering platforms like Discord, Twitter, Telegram, and Google. It focuses on establishing secure communication channels
+and community guidelines.
 
-[Go to the Wallet Security framework →](/wallet-security/overview)
+[Go to the Community Management framework →](/community-management/overview)
 
-## Multisig for Protocols
+## DevSecOps
 
-This comprehensive framework provides security guidelines for managing multisig wallets in protocols, covering
-planning and classification, setup and configuration, signer onboarding, hardware wallet setup, transaction
-verification, emergency procedures, and incident reporting.
+This framework focuses on integrating security practices into the development and operations processes, covering code
+signing, CI/CD, IDE security, repository hardening, and security testing.
 
-[Read more about the Multisig for Protocols framework →](/multisig-for-protocols/overview)
+[Explore the DevSecOps framework →](/devsecops/overview)
 
-## External Security Reviews
+## Insider Threats (DPRK IT Workers)
 
-This framework provides guidance on conducting and preparing for external security audits and reviews, including setting
-expectations, preparation, security policies, and vendor selection.
+This framework addresses the organizational and personal risks related to insider threats, most commonly associated with
+North Korean hacker-freelancers. It covers identifying, recognizing, and mitigating risks from insider threat actors,
+including hardening hiring processes and organizational defenses.
 
-[Explore the External Security Reviews framework →](/external-security-reviews/overview)
+[Go to the DPRK IT Workers framework →](/dprk-it-workers/overview)
 
 <DevOnly>
 
-## Vulnerability Disclosure
+## Encryption
 
-This section discusses best practices for handling and disclosing vulnerabilities in Web3 projects, including
-establishing security contacts and managing bug bounty programs.
+This comprehensive section covers various encryption methods and their applications in protecting data, including cloud
+data encryption, communication encryption, database encryption, and various types of storage encryption.
 
-[Go to the Vulnerability Disclosure framework →](/vulnerability-disclosure/overview)
+[Explore the Encryption framework →](/encryption/overview)
 
 </DevOnly>
 
-## Infrastructure
-
-This section covers the fundamental aspects of securing the underlying infrastructure of Web3 projects, including asset
-inventory, cloud infrastructure, DDoS protection, DNS security, IAM, network security, and zero-trust principles.
-
-[Read more about the Infrastructure framework →](/infrastructure/overview)
+## ENS
 
-<DevOnly>
+This section covers Ethereum Name Service security considerations, including data integrity, cross-chain compatibility,
+smart contract integration, interface compliance, and name handling.
 
-## Monitoring
+[Go to the ENS framework →](/ens/overview)
 
-This framework discusses the importance of continuous monitoring in Web3 projects, focusing on setting up effective
-monitoring systems and defining appropriate thresholds for alerts.
+## External Security Reviews
 
-[Explore the Monitoring framework →](/monitoring/overview)
+This framework provides guidance on conducting and preparing for external security audits and reviews, including setting
+expectations, preparation, security policies, and vendor selection.
 
-</DevOnly>
+[Explore the External Security Reviews framework →](/external-security-reviews/overview)
 
 <DevOnly>
 
@@ -107,32 +96,6 @@ web and mobile application security, common vulnerabilities, and security tools.
 
 </DevOnly>
 
-## Incident Management
-
-This section outlines protocols for handling security incidents, including communication strategies, detection and
-response procedures, lessons learned, and playbooks, including specific guidelines for SEAL 911 War Room.
-
-[Read more about the Incident Management framework →](/incident-management/overview)
-
-<DevOnly>
-
-## Threat Modeling
-
-This framework provides guidance on creating and maintaining threat models, as well as identifying and mitigating
-potential threats to Web3 projects.
-
-[Explore the Threat Modeling framework →](/threat-modeling/overview)
-
-</DevOnly>
-
-## Insider Threats (DPRK IT Workers)
-
-This framework addresses the organizational and personal risks related to insider threats, most commonly associated with
-North Korean hacker-freelancers. It covers identifying, recognizing, and mitigating risks from insider threat actors,
-including hardening hiring processes and organizational defenses.
-
-[Go to the DPRK IT Workers framework →](/dprk-it-workers/overview)
-
 <DevOnly>
 
 ## Governance
@@ -146,60 +109,69 @@ establishing accountability, compliance with regulatory requirements, risk manag
 
 <DevOnly>
 
-## DevSecOps
+## Identity and Access Management (IAM)
 
-This framework focuses on integrating security practices into the development and operations processes, covering code
-signing, CI/CD, IDE security, repository hardening, and security testing.
+This framework covers best practices for managing user identities and access control in Web3 projects, including
+role-based access control and secure authentication.
 
-[Explore the DevSecOps framework →](/devsecops/overview)
+[Go to the IAM framework →](/iam/overview)
 
 </DevOnly>
 
-<DevOnly>
+## Incident Management
 
-## Privacy
+This section outlines protocols for handling security incidents, including communication strategies, detection and
+response procedures, lessons learned, and playbooks, including specific guidelines for SEAL 911 War Room.
 
-This section explores tools and practices for maintaining privacy in the Web3 ecosystem, including secure browsing, data
-removal, digital footprint management, encrypted communication, and privacy-focused operating systems.
+[Read more about the Incident Management framework →](/incident-management/overview)
 
-[Go to the Privacy framework →](/privacy/overview)
+## Infrastructure
 
-</DevOnly>
+This section covers the fundamental aspects of securing the underlying infrastructure of Web3 projects, including asset
+inventory, cloud infrastructure, DDoS protection, DNS security, IAM, network security, and zero-trust principles.
 
-<DevOnly>
+[Read more about the Infrastructure framework →](/infrastructure/overview)
 
-## Supply Chain
+## Monitoring
 
-This framework addresses the security implications of dependencies and third-party components in Web3 projects,
-including dependency awareness and supply chain levels for software artifacts.
+This framework discusses the importance of continuous monitoring in Web3 projects, focusing on setting up effective
+monitoring systems and defining appropriate thresholds for alerts.
 
-[Read more about the Supply Chain framework →](/supply-chain/overview)
+[Explore the Monitoring framework →](/monitoring/overview)
 
-</DevOnly>
+## Multisig for Protocols
 
-<DevOnly>
+This comprehensive framework provides security guidelines for managing multisig wallets in protocols, covering
+planning and classification, setup and configuration, signer onboarding, hardware wallet setup, transaction
+verification, emergency procedures, and incident reporting.
 
-## Security Automation
+[Read more about the Multisig for Protocols framework →](/multisig-for-protocols/overview)
 
-This framework focuses on using technology to perform security tasks with minimal human intervention, covering
-compliance checks, infrastructure as code, and threat detection and response to improve efficiency and reduce human
-error.
+## Operational Security (OpSec)
 
-[Explore the Security Automation framework →](/security-automation/overview)
+This comprehensive framework addresses day-to-day security practices for Web3 teams, covering fundamentals, governance,
+risk management, control domains, lifecycle management, monitoring, incident response, and continuous improvement.
 
-</DevOnly>
+[Explore the OpSec framework →](/opsec/overview)
 
 <DevOnly>
 
-## Identity and Access Management (IAM)
+## Privacy
 
-This framework covers best practices for managing user identities and access control in Web3 projects, including
-role-based access control and secure authentication.
+This section explores tools and practices for maintaining privacy in the Web3 ecosystem, including secure browsing, data
+removal, digital footprint management, encrypted communication, and privacy-focused operating systems.
 
-[Go to the IAM framework →](/iam/overview)
+[Go to the Privacy framework →](/privacy/overview)
 
 </DevOnly>
 
+## Safe Harbor
+
+This framework provides guidance on establishing safe harbor protocols for security researchers, including key terms,
+protocols, technical outlines, and whitehat guidelines.
+
+[Read more about the Safe Harbor framework →](/safe-harbor/overview)
+
 <DevOnly>
 
 ## Secure Software Development
@@ -211,46 +183,40 @@ coding standards, code reviews, and secure design principles.
 
 </DevOnly>
 
-## Security Testing
-
-This framework explores various methods of testing Web3 projects for security vulnerabilities, including dynamic and
-static application security testing, fuzz testing, and security regression testing.
-
-[Explore the Security Testing framework →](/security-testing/overview)
-
 <DevOnly>
 
-## AI Security
+## Security Automation
 
-This framework covers emerging AI-native security risks and controls, including prompt injection defenses, runtime
-execution-path enforcement, and sandboxing strategies for agentic systems.
+This framework focuses on using technology to perform security tasks with minimal human intervention, covering
+compliance checks, infrastructure as code, and threat detection and response to improve efficiency and reduce human
+error.
 
-[Explore the AI Security framework →](/ai-security/overview)
+[Explore the Security Automation framework →](/security-automation/overview)
 
 </DevOnly>
 
-## ENS
+## Security Testing
 
-This section covers Ethereum Name Service security considerations, including data integrity, cross-chain compatibility,
-smart contract integration, interface compliance, and name handling.
+This framework explores various methods of testing Web3 projects for security vulnerabilities, including dynamic and
+static application security testing, fuzz testing, and security regression testing.
 
-[Go to the ENS framework →](/ens/overview)
+[Explore the Security Testing framework →](/security-testing/overview)
 
-## Safe Harbor
+## Supply Chain
 
-This framework provides guidance on establishing safe harbor protocols for security researchers, including key terms,
-protocols, technical outlines, and whitehat guidelines.
+This framework addresses the security implications of dependencies and third-party components in Web3 projects,
+including dependency awareness and supply chain levels for software artifacts.
 
-[Read more about the Safe Harbor framework →](/safe-harbor/overview)
+[Read more about the Supply Chain framework →](/supply-chain/overview)
 
 <DevOnly>
 
-## Encryption
+## Threat Modeling
 
-This comprehensive section covers various encryption methods and their applications in protecting data, including cloud
-data encryption, communication encryption, database encryption, and various types of storage encryption.
+This framework provides guidance on creating and maintaining threat models, as well as identifying and mitigating
+potential threats to Web3 projects.
 
-[Explore the Encryption framework →](/encryption/overview)
+[Explore the Threat Modeling framework →](/threat-modeling/overview)
 
 </DevOnly>
 
@@ -266,6 +232,24 @@ transaction verification protocols.
 
 </DevOnly>
 
+<DevOnly>
+
+## Vulnerability Disclosure
+
+This section discusses best practices for handling and disclosing vulnerabilities in Web3 projects, including
+establishing security contacts and managing bug bounty programs.
+
+[Go to the Vulnerability Disclosure framework →](/vulnerability-disclosure/overview)
+
+</DevOnly>
+
+## Wallet Security
+
+This section delves into the crucial aspect of managing cryptographic keys in Web3 projects, discussing various wallet
+types (cold vs hot, custodial vs non-custodial), hardware wallets, signing schemes, and software wallets.
+
+[Go to the Wallet Security framework →](/wallet-security/overview)
+
 ## SEAL Certifications
 
 This framework provides a certification system developed by SEAL with standardized guidelines and evaluation criteria