CertiK, TÜBİTAK BİLGEM host security workshop in Turkey

CertiK and TÜBİTAK BİLGEM held an institutional security workshop in Turkey on June 5, 2026, convening regulators, banks and crypto asset service providers to review technical and regulatory requirements for licensed CASPs. The event focused on custody, key management, incident response and smart contract security for tokenized assets.

The workshop opened with remarks from Jason Jiang, CertiK’s chief business officer; Ünal Altinay, head of TÜBİTAK BİLGEM’s Blockchain Lab; and Oguz Kucukcelebi, head of safety and business development at Forcerta. Presentations and technical sessions ran throughout the day and were delivered by CertiK security engineers Peiyu Wang, Uzeyir Destan and Turgay Arda Usman.

Speakers reviewed Turkey’s CASP regulatory framework and its technical requirements for licensed providers. Regulators in attendance outlined specifications for hardware security modules, multi-party key management protocols and infrastructure hosting mandates. Altinay explained the regulatory hierarchy, citing primary legislation, Capital Markets Board communiqués, TÜBİTAK BİLGEM technical mandates and Financial Crimes Investigation Board obligations on AML/CFT and the Travel Rule.

CertiK’s sessions addressed current threats and practical controls. Peiyu Wang presented the 2026 Web3 threat landscape and noted that recorded exploits through May 2026 had nearly matched the total for 2025. Uzeyir Destan covered custody architecture, key management and incident response planning, using the WOO X and Kelp DAO incidents as case studies to illustrate operational failures and remediation steps. Turgay Arda Usman discussed common smart contract vulnerabilities affecting stablecoins and tokenized real-world assets and provided an auditor’s checklist for tokenized-asset infrastructure.

Jason Jiang described Turkey’s framework as among the most technically prescriptive globally and said the workshop sought to help institutions understand the regulatory requirements and the security risks they face. Organizers characterized the event as part of ongoing engagement with regulators and financial institutions in markets where digital asset rules are being implemented.

CertiK, founded in 2017 and headquartered in New York, provides Web3 security services including smart contract audits, formal verification, penetration testing and custody reviews. TÜBİTAK BİLGEM’s Blockchain Lab develops technical mandates and research to support Turkey’s regulatory framework for digital assets. Both organizations aimed to give attendees practical guidance for meeting regulatory standards and managing operational security risks in institutional settings.