Matomo

Encryption and data protection for your apps | Cossack Labs

🇺🇦 We stand with Ukraine, and we stand for Ukraine. We offer free assessment and mitigation services to improve Ukrainian companies security resilience.

Helping innovators. Protecting innovations.

Cossack Labs helps companies to efficiently and conveniently protect sensitive data in their products by providing developer tools, bespoke solutions and security consulting services.

Do not shackle your innovation with security challenges ever again.

Helping Ukraine. Protecting Ukrainians.

Cossack Labs stands with Ukraine and applies security engineering skills to protect the country. We assist Ukrainian companies in quickly understanding and correcting their security posture, especially if the company posture affects state or citizen security.

Solving security challenges at scale that is right for you #

From dev tools to bespoke solutions, from security control design to product security team for hire, we offer a wide gamut of ways to help you tackle security risks.

  • Acra, <span class="font-normal">a database security suite</span>

    Acra, a database security suite

    Acra provides 9 security controls in one suite, pluggable as SQL proxy, API service or SDK in your architecture. Features include transparent field level encryption, searchable encryption, data masking, authentication, firewalling and many more.

    Read more
    Themis, <span class="font-normal">a cross-platform crypto library</span>

    Themis, a cross-platform crypto library

    Themis provides an easy-to-use and hard-to-misuse encryption API for securing data at rest and in transit. Solves 90% of use cases for protecting data in mobile, web and server-side apps. Helps to integrate application level encryption fast and easy.

    Read more
    Hermes, <span class="font-normal">end-to-end secure data storage</span>

    Hermes, end-to-end secure data storage

    A security framework for end-to-end encrypted data flow. Hermes provides cryptographically protected data processing and data collaborating without the need to re-encrypt an excessive amount of data.

    Read more
    Custom data security solutions

    Custom data security solutions

    One size doesn't fit all: we build customised data security solutions that may or may not utilize our IP: from greenfield to "just add application level encryption".

    Read more
  • Mobile & web application security

    Mobile & web application security

    We design, implement and verify end-to-end encryption & key management flows for applications. According to needs, the solution may also include typical security measures, reverse engineering protection and security layers for complex use cases.

    Read more
    End-to-end encryption solutions

    End-to-end encryption solutions

    We design and implement end-to-end encrypted layers: endpoint cryptography, operations on encrypted data, integration of key management processes and ensuring consistent product experience.

    Read more
    Transparent, auditable systems

    Transparent, auditable systems

    Building trust is as crucial as protecting the data. We've built a number of custom cryptographically provable audit log systems that enable qualified auditors or empowered 3rd parties to validate system's behaviour.

    Read more
    Hermes, <span class="font-normal">end-to-end secure data storage</span>

    Hermes, end-to-end secure data storage

    A security framework for end-to-end encrypted data flow. Hermes provides cryptographically protected data processing and data collaborating without the need to re-encrypt an excessive amount of data.

    Read more
  • Product security & SSDLC

    Product security & SSDLC

    The most sustainable way to ensure software security is to make it an integral part of the ongoing development process. We lead engineers to pragmatic security and "shifting security left".

    Read more
    Security engineering & architecture

    Security engineering & architecture

    Our engineers fill your team skill gaps wherever necessary — in designing, planning, implementing, or verifying security components of your solution, ensuring its good performance, usability, and reliability.

    Read more
    Applied cryptography engineering

    Applied cryptography engineering

    Rolling your own crypto is a sin unless you're a cryptographer. Luckly, we are :) Our core competence is designing and implementing cryptography-based components, protocols, and systems.

    Read more
    Mobile application security

    Mobile application security

    Mobile app security means building protections that don't ruin UX, but mitigate platform-specific risks & threats, and align app security with backend security. Making React Native app secure or building end-to-end encryption flow? Bring 'em on!

    Read more
  • Defining security strategy

    Defining security strategy

    It's tricky to correlate security matters to your product growth plan when you're aspiring for a product business. We can cover this gap, ensuring that whatever you're building is resilient against the risks you're facing.

    Read more
    Security advisory and risk management

    Security advisory and risk management

    We assist C-level managers in defining cybersecurity goals and choosing efficient strategies for achieving them. We provide risk assessment, strategic and tactical advice in line with pragmatic security and compliance demands.

    Read more
    Security engineering oversight

    Security engineering oversight

    If you are building a security-critical system, we can act as your product security team. We provide constant oversight over features, match them to risks, and assist your engineers with implementing security-related features.

    Read more
    Privacy compliance

    Privacy compliance

    We translate the language of compliance requirements to your business and technological stack. We guide you towards the right balance between security, cost, and operational trade-offs.

    Read more
  • AI/ML security

    AI/ML security

    We assist innovative AI/ML-driven startups in protecting sensitive parts of their TensorFlow models and ML pipelines.

    Read more
    Differential privacy

    Differential privacy

    We assist adtech networks to build cryptographically-proven public accountability systems (differential privacy) based on anonymisation with protection against inference attacks.

    Read more
    zk-SNARKs and transactions privacy

    zk-SNARKs and transactions privacy

    We assist mature high-assurance blockchain companies who deal with identity management with research work and applied cryptography engineering.

    Read more
    Custom solutions

    Custom solutions

    Many of the projects we're most excited about are targeting particular needs that don't fit into any typical description. We love unique challenges. If you have something that is outside of this capability navigator, we're eager to talk.

    Read more

Proudly supporting innovators in their journeys #

    About Cossack Labs

    At Cossack Labs, we build security solutions to protect sensitive data in customers' products and infrastructures. We help ambitious companies innovate securely: innovate while preserving user privacy, innovate in peace of mind that their innovation is protected.

    Contact us

    There are many ways we can help: with our products, bespoke solutions, and engineering services. Leave your contact information to connect with our team:

    Contact us

    Get whitepaper

    Thank you!
    We’ve received your request and will respond soon.