Helping innovators. Protecting innovations.
Cossack Labs helps companies to efficiently and conveniently protect sensitive data in their products by providing developer tools, bespoke solutions and security consulting services.
Do not shackle your innovation with security challenges ever again.
Enhancing Ukraine’s cyber resilience
Cossack Labs stands with Ukraine and applies security engineering skills to protect the country. We reflect on our ongoing efforts to strengthen Ukraine’s cyber resilience in critical national infrastructure, mission-critical systems, govtech solutions, unmanned robotic systems and many more.
Solving security challenges
at scale that is right for you
#
From dev tools to bespoke solutions, from security control design to product security team for hire, we offer a wide gamut of ways to help you tackle security risks.
Acra, a database security suite
Acra provides 9 security controls in one suite, pluggable as SQL proxy, API service or SDK in your architecture. Features include transparent field level encryption, searchable encryption, data masking, authentication, firewalling and many more.
Read moreAcra, a database security suite
Themis, a cross-platform crypto library
Themis provides an easy-to-use and hard-to-misuse encryption API for securing data at rest and in transit. Solves 90% of use cases for protecting data in mobile, web and server-side apps. Helps to integrate application level encryption fast and easy.
Read moreThemis, a cross-platform crypto library
Hermes, end-to-end secure data storage
A security framework for end-to-end encrypted data flow. Hermes provides cryptographically protected data processing and data collaborating without the need to re-encrypt an excessive amount of data.
Read moreHermes, end-to-end secure data storage
Custom data security solutions
One size doesn't fit all: we build customised data security solutions that may or may not utilize our IP: from greenfield to "just add application level encryption".
Read moreCustom data security solutions
Mobile & web application security
We design, implement and verify end-to-end encryption & key management flows for applications. According to needs, the solution may also include typical security measures, reverse engineering protection and security layers for complex use cases.
Read moreMobile & web application security
End-to-end encryption solutions
We design and implement end-to-end encrypted layers: endpoint cryptography, operations on encrypted data, integration of key management processes and ensuring consistent product experience.
Read moreEnd-to-end encryption solutions
Transparent, auditable systems
Building trust is as crucial as protecting the data. We've built a number of custom cryptographically provable audit log systems that enable qualified auditors or empowered 3rd parties to validate system's behaviour.
Read moreTransparent, auditable systemsHermes, end-to-end secure data storage
A security framework for end-to-end encrypted data flow. Hermes provides cryptographically protected data processing and data collaborating without the need to re-encrypt an excessive amount of data.
Read moreHermes, end-to-end secure data storage
Product security & SSDLC
The most sustainable way to ensure software security is to make it an integral part of the ongoing development process. We lead engineers to pragmatic security and "shifting security left".
Read moreProduct security & SSDLC
Security engineering & architecture
Our engineers fill your team skill gaps wherever necessary — in designing, planning, implementing, or verifying security components of your solution, ensuring its good performance, usability, and reliability.
Read moreSecurity engineering & architecture
Applied cryptography engineering
Rolling your own crypto is a sin unless you're a cryptographer. Luckly, we are :) Our core competence is designing and implementing cryptography-based components, protocols, and systems.
Read moreApplied cryptography engineering
Mobile application security
Mobile app security means building protections that don't ruin UX, but mitigate platform-specific risks & threats, and align app security with backend security. Making React Native app secure or building end-to-end encryption flow? Bring 'em on!
Read moreMobile application security
Defining security strategy
It's tricky to correlate security matters to your product growth plan when you're aspiring for a product business. We can cover this gap, ensuring that whatever you're building is resilient against the risks you're facing.
Read moreDefining security strategy
Security advisory and risk management
We assist C-level managers in defining cybersecurity goals and choosing efficient strategies for achieving them. We provide risk assessment, strategic and tactical advice in line with pragmatic security and compliance demands.
Read moreSecurity advisory and risk management
Security engineering oversight
If you are building a security-critical system, we can act as your product security team. We provide constant oversight over features, match them to risks, and assist your engineers with implementing security-related features.
Read moreSecurity engineering oversight
Privacy compliance
We translate the language of compliance requirements to your business and technological stack. We guide you towards the right balance between security, cost, and operational trade-offs.
Read morePrivacy compliance
AI/ML security
We assist innovative AI/ML-driven startups in protecting sensitive parts of their TensorFlow models and ML pipelines.
Read moreAI/ML security
Differential privacy
We assist adtech networks to build cryptographically-proven public accountability systems (differential privacy) based on anonymisation with protection against inference attacks.
Read moreDifferential privacy
zk-SNARKs and transactions privacy
We assist mature high-assurance blockchain companies who deal with identity management with research work and applied cryptography engineering.
Read morezk-SNARKs and transactions privacy
Custom solutions
Many of the projects we're most excited about are targeting particular needs that don't fit into any typical description. We love unique challenges. If you have something that is outside of this capability navigator, we're eager to talk.
Read moreCustom solutions
Helping across industries #
Typically we work with fintech, power grids, payment processors, healthcare companies, popular applications, AI/ML solutions. Whatever is the industry, we help those where data security is a hard requirement.
FSA / Fintech
Healthcare
Industrial / CNI
Blockchain
SaaS
Consumer apps
Proudly supporting innovators in their journeys #
![Building security for M&A solutions: 5-years of SSDLC]()
![Building security for M&A solutions: 5-years of SSDLC]()
Building security for M&A solutions: 5-years of SSDLC
Long-term cooperation with the [REDACTED] company resulted in refined security practices that matched the evolution of their B2B platform. We enabled transition from reactive "firefighting" to a proactive security posture, while simplifying security processes and building security defences.
![Product security for one of the biggest African banks]()
![Product security for one of the biggest African banks]()
Product security for one of the biggest African banks
When a bank launches an entirely new banking application, it necessitates a thorough mobile security assessment, diligent efforts to ensure financial transaction security and tailored fraud prevention measures.
![Xaman wallet security assurance and improvements]()
![Xaman wallet security assurance and improvements]()
Xaman wallet security assurance and improvements
Conducting a comprehensive security assessment of the Xaman app to ensure the robust protection of key materials, maintain cryptographic soundness, enhance application security.
![Securing an ecosystem of edge ML devices]()
![Securing an ecosystem of edge ML devices]()
Securing an ecosystem of edge ML devices
Designing and implementing security of specialised IIoT devices that run ML. Data protection, ML models protection, secure communication, fleet management, and anti-reverse engineering.
![Protecting telemetry data of power grids]()
![Protecting telemetry data of power grids]()
Protecting telemetry data of power grids
Protecting data signals transmitted over the air between power distribution stations and central dispatch system.
![Quick migration to field level encryption of governmental data]()
![Quick migration to field level encryption of governmental data]()
Quick migration to field level encryption of governmental data
Integrating encryption and data masking for sensitive data stored in MySQL cluster. A combination of transparent SQL encryption via AcraServer and encryption API via AcraTranslator makes Acra fit for complex solutions.
About Cossack Labs
At Cossack Labs, we build security solutions to protect sensitive data in customers'
products and infrastructures. We help ambitious companies innovate securely: innovate
while preserving user privacy, innovate in peace of mind that their innovation is protected.
Contact us
There are many ways we can help: with our products, bespoke solutions, and engineering services. Leave your contact information to connect with our team:
Latest blogposts
SBOM from the security perspective
Despite being a potential approach for enhancing software supply chain security, SBOM’s own flaws and complexities in implementation may be holding back its goal to improve software tran...
Protecting ML models running on edge devices and mobile apps
Machine Learning models are a significant investment in competitive advantage; thus, companies are willing to walk the extra mile to protect them. ML model security is even more critical...
Cossack Labs Mobile Security Score framework for mobile AppSec
Cossack Labs Mobile Security Score (CL MSS) is security framework for mobile applications. It focuses on risk-based requirements, continuous risk management, and measurable progress for ...