Helping innovators. Protecting innovations.
Cossack Labs helps companies to efficiently and conveniently protect sensitive data in their products by providing developer tools, bespoke solutions and security consulting services.
Do not shackle your innovation with security challenges ever again.
Helping Ukraine. Protecting Ukrainians.
Cossack Labs stands with Ukraine and applies security engineering skills to protect the country. We assist Ukrainian companies in quickly understanding and correcting their security posture, especially if the company posture affects state or citizen security.
Solving security challenges
at scale that is right for you
#
From dev tools to bespoke solutions, from security control design to product security team for hire, we offer a wide gamut of ways to help you tackle security risks.
Helping across industries #
Typically we work with fintech, power grids, payment processors, healthcare companies, popular applications, AI/ML solutions. Whatever is the industry, we help those where data security is a hard requirement.
Fintech
Our products and solutions help modern financial institutions tackle data security for regulatory compliance and practical business risk mitigation.
Healthcare
Patient data is an important class of sensitive data that requires combining security and compliance with usability and interoperability in special ways.
Industrial / CNI
We help state-wide organisations and industrial companies protect sensitive data, telemetry and commands in constrained environments.
Blockchain
We help cryptocurrencies and surrounding ecosystem to do the ‘crypto' and ‘security' parts right from both practical and formal perspective.
SaaS
On overlap between compliance, cloud security standards and customer requirements, SaaS security strategies often require elegant, yet unique solutions.
Consumer apps
You manage sensitive data of millions of your users? We're experienced in protecting massively successful B2C products without slowing their pace.
Our operating principles #
Latest blogposts

RepoMetaScore: evaluating supply chain risks of open-source repositories
Releasing RepoMetaScore: a dependency checking tool that analyzes metadata of open-source project, including commit history and contributors’ background. RepoMetaScore calculates risk rating, makes supply chain risks visible and prevents weaponizing OSS.

Cossack Labs stands on guard for security of Ukrainian companies
Cossack Labs stands with Ukraine and offers free security assessment and engineering services for Ukrainian companies to improve country protection and resilience.

Security of React Native libraries: the bad, the worse and the ugly
How to select a secure React Native library for your app. Sort out improper platform usage, easy to misuse API, deprecated and abandoned libraries – check our research of the React Native ecosystem security.