Helping innovators. Protecting innovations.
Cossack Labs helps companies to efficiently and conveniently protect sensitive data in their products by providing developer tools, bespoke solutions and security consulting services.
Do not shackle your innovation with security challenges ever again.
Helping Ukraine. Protecting Ukrainians.
Cossack Labs stands with Ukraine and applies security engineering skills to protect the country. We assist Ukrainian companies in quickly understanding and correcting their security posture, especially if the company posture affects state or citizen security.
Solving security challenges
at scale that is right for you
#
From dev tools to bespoke solutions, from security control design to product security team for hire, we offer a wide gamut of ways to help you tackle security risks.
-
Acra, a database security suite
Acra provides 9 security controls in one suite, pluggable as SQL proxy, API service or SDK in your architecture. Features include transparent field level encryption, searchable encryption, data masking, authentication, firewalling and many more.
Read moreAcra, a database security suite
Themis, a cross-platform crypto library
Themis provides an easy-to-use and hard-to-misuse encryption API for securing data at rest and in transit. Solves 90% of use cases for protecting data in mobile, web and server-side apps. Helps to integrate application level encryption fast and easy.
Read moreThemis, a cross-platform crypto library
Hermes, end-to-end secure data storage
A security framework for end-to-end encrypted data flow. Hermes provides cryptographically protected data processing and data collaborating without the need to re-encrypt an excessive amount of data.
Read moreHermes, end-to-end secure data storage
Custom data security solutions
One size doesn't fit all: we build customised data security solutions that may or may not utilize our IP: from greenfield to "just add application level encryption".
Read moreCustom data security solutions -
Mobile & web application security
We design, implement and verify end-to-end encryption & key management flows for applications. According to needs, the solution may also include typical security measures, reverse engineering protection and security layers for complex use cases.
Read moreMobile & web application security
End-to-end encryption solutions
We design and implement end-to-end encrypted layers: endpoint cryptography, operations on encrypted data, integration of key management processes and ensuring consistent product experience.
Read moreEnd-to-end encryption solutions
Transparent, auditable systems
Building trust is as crucial as protecting the data. We've built a number of custom cryptographically provable audit log systems that enable qualified auditors or empowered 3rd parties to validate system's behaviour.
Read moreTransparent, auditable systems
Hermes, end-to-end secure data storage
A security framework for end-to-end encrypted data flow. Hermes provides cryptographically protected data processing and data collaborating without the need to re-encrypt an excessive amount of data.
Read moreHermes, end-to-end secure data storage -
Product security & SSDLC
The most sustainable way to ensure software security is to make it an integral part of the ongoing development process. We lead engineers to pragmatic security and "shifting security left".
Read moreProduct security & SSDLC
Security engineering & architecture
Our engineers fill your team skill gaps wherever necessary — in designing, planning, implementing, or verifying security components of your solution, ensuring its good performance, usability, and reliability.
Read moreSecurity engineering & architecture
Applied cryptography engineering
Rolling your own crypto is a sin unless you're a cryptographer. Luckly, we are :) Our core competence is designing and implementing cryptography-based components, protocols, and systems.
Read moreApplied cryptography engineering
Mobile application security
Mobile app security means building protections that don't ruin UX, but mitigate platform-specific risks & threats, and align app security with backend security. Making React Native app secure or building end-to-end encryption flow? Bring 'em on!
Read moreMobile application security -
Defining security strategy
It's tricky to correlate security matters to your product growth plan when you're aspiring for a product business. We can cover this gap, ensuring that whatever you're building is resilient against the risks you're facing.
Read moreDefining security strategy
Security advisory and risk management
We assist C-level managers in defining cybersecurity goals and choosing efficient strategies for achieving them. We provide risk assessment, strategic and tactical advice in line with pragmatic security and compliance demands.
Read moreSecurity advisory and risk management
Security engineering oversight
If you are building a security-critical system, we can act as your product security team. We provide constant oversight over features, match them to risks, and assist your engineers with implementing security-related features.
Read moreSecurity engineering oversight
Privacy compliance
We translate the language of compliance requirements to your business and technological stack. We guide you towards the right balance between security, cost, and operational trade-offs.
Read morePrivacy compliance -
AI/ML security
We assist innovative AI/ML-driven startups in protecting sensitive parts of their TensorFlow models and ML pipelines.
Read moreAI/ML security
Differential privacy
We assist adtech networks to build cryptographically-proven public accountability systems (differential privacy) based on anonymisation with protection against inference attacks.
Read moreDifferential privacy
zk-SNARKs and transactions privacy
We assist mature high-assurance blockchain companies who deal with identity management with research work and applied cryptography engineering.
Read morezk-SNARKs and transactions privacy
Custom solutions
Many of the projects we're most excited about are targeting particular needs that don't fit into any typical description. We love unique challenges. If you have something that is outside of this capability navigator, we're eager to talk.
Read moreCustom solutions
Helping across industries #
Typically we work with fintech, power grids, payment processors, healthcare companies, popular applications, AI/ML solutions. Whatever is the industry, we help those where data security is a hard requirement.
FSA / Fintech
Healthcare
Industrial / CNI
Blockchain
SaaS
Consumer apps
Proudly supporting innovators in their journeys #
-
![Product security for one of the biggest African banks]()
![Product security for one of the biggest African banks]()
Product security for one of the biggest African banks
When a bank launches an entirely new banking application, it necessitates a thorough mobile security assessment, diligent efforts to ensure financial transaction security and tailored fraud prevention measures.
-
![Xumm wallet security assurance and improvements]()
![Xumm wallet security assurance and improvements]()
Xumm wallet security assurance and improvements
Conducting a comprehensive security assessment of the Xumm app to ensure the robust protection of key materials, maintain cryptographic soundness, enhance application security.
-
![Securing an ecosystem of edge ML devices]()
![Securing an ecosystem of edge ML devices]()
Securing an ecosystem of edge ML devices
Designing and implementing security of specialised IIoT devices that run ML. Data protection, ML models protection, secure communication, fleet management, and anti-reverse engineering.
-
![Protecting telemetry data of power grids]()
![Protecting telemetry data of power grids]()
Protecting telemetry data of power grids
Protecting data signals transmitted over the air between power distribution stations and central dispatch system.
-
![Quick migration to field level encryption of governmental data]()
![Quick migration to field level encryption of governmental data]()
Quick migration to field level encryption of governmental data
Integrating encryption and data masking for sensitive data stored in MySQL cluster. A combination of transparent SQL encryption via AcraServer and encryption API via AcraTranslator makes Acra fit for complex solutions.
-
![Building a secure data vault for PII protection]()
![Building a secure data vault for PII protection]()
Building a secure data vault for PII protection
Building a cryptographically secure vault for storing and processing PII that prevents developers from getting access to the plaintext data fields, shares anonymised data with BI teams, and provides sufficient performance for OLAP queries.
About Cossack Labs
At Cossack Labs, we build security solutions to protect sensitive data in customers'
products and infrastructures. We help ambitious companies innovate securely: innovate
while preserving user privacy, innovate in peace of mind that their innovation is protected.
Contact us
There are many ways we can help: with our products, bespoke solutions, and engineering services. Leave your contact information to connect with our team:
Latest blogposts
Digital payment security: Architecture guide
Building secure digital wallets is a challenge when it comes to balancing between convenience and security. How can we build secure payment solutions that meet the needs of fintech users...
How to prevent digital wallet fraud
Understanding digital wallet fraud is critical for designing and integrating an effective anti-fraud solution. Read about security events, risk models, remote device attestation, user au...
Exploring security vulnerabilities in NFC digital wallets
NFC-based devices, such as mobile digital wallets, contactless smart cards, and security keys (hardware authentication devices), are exposing users to NFC vulnerabilities in encryption, ...