Helping innovators. Protecting innovations.
Cossack Labs helps companies to efficiently and conveniently protect sensitive data in their products by providing developer tools, bespoke solutions and security consulting services.
Do not shackle your innovation with security challenges ever again.
Helping Ukraine. Protecting Ukrainians.
Cossack Labs stands with Ukraine and applies security engineering skills to protect the country. We assist Ukrainian companies in quickly understanding and correcting their security posture, especially if the company posture affects state or citizen security.
Solving security challenges
at scale that is right for you
#
From dev tools to bespoke solutions, from security control design to product security team for hire, we offer a wide gamut of ways to help you tackle security risks.
-
Acra, a database security suite
Acra provides 9 security controls in one suite, pluggable as SQL proxy, API service or SDK in your architecture. Features include transparent field level encryption, searchable encryption, data masking, authentication, firewalling and many more.
Read more
Themis, a cross-platform crypto library
Themis provides an easy-to-use and hard-to-misuse encryption API for securing data at rest and in transit. Solves 90% of use cases for protecting data in mobile, web and server-side apps. Helps to integrate application level encryption fast and easy.
Read more
Hermes, end-to-end secure data storage
A security framework for end-to-end encrypted data flow. Hermes provides cryptographically protected data processing and data collaborating without the need to re-encrypt an excessive amount of data.
Read more
Custom data security solutions
One size doesn't fit all: we build customised data security solutions that may or may not utilize our IP: from greenfield to "just add application level encryption".
Read more -
Mobile & web application security
We design, implement and verify end-to-end encryption & key management flows for applications. According to needs, the solution may also include typical security measures, reverse engineering protection and security layers for complex use cases.
Read more
End-to-end encryption solutions
We design and implement end-to-end encrypted layers: endpoint cryptography, operations on encrypted data, integration of key management processes and ensuring consistent product experience.
Read more
Transparent, auditable systems
Building trust is as crucial as protecting the data. We've built a number of custom cryptographically provable audit log systems that enable qualified auditors or empowered 3rd parties to validate system's behaviour.
Read more
Hermes, end-to-end secure data storage
A security framework for end-to-end encrypted data flow. Hermes provides cryptographically protected data processing and data collaborating without the need to re-encrypt an excessive amount of data.
Read more -
Product security & SSDLC
The most sustainable way to ensure software security is to make it an integral part of the ongoing development process. We lead engineers to pragmatic security and "shifting security left".
Read more
Security engineering & architecture
Our engineers fill your team skill gaps wherever necessary — in designing, planning, implementing, or verifying security components of your solution, ensuring its good performance, usability, and reliability.
Read more
Applied cryptography engineering
Rolling your own crypto is a sin unless you're a cryptographer. Luckly, we are :) Our core competence is designing and implementing cryptography-based components, protocols, and systems.
Read more
Mobile application security
Mobile app security means building protections that don't ruin UX, but mitigate platform-specific risks & threats, and align app security with backend security. Making React Native app secure or building end-to-end encryption flow? Bring 'em on!
Read more -
Defining security strategy
It's tricky to correlate security matters to your product growth plan when you're aspiring for a product business. We can cover this gap, ensuring that whatever you're building is resilient against the risks you're facing.
Read more
Security advisory and risk management
We assist C-level managers in defining cybersecurity goals and choosing efficient strategies for achieving them. We provide risk assessment, strategic and tactical advice in line with pragmatic security and compliance demands.
Read more
Security engineering oversight
If you are building a security-critical system, we can act as your product security team. We provide constant oversight over features, match them to risks, and assist your engineers with implementing security-related features.
Read more
Privacy compliance
We translate the language of compliance requirements to your business and technological stack. We guide you towards the right balance between security, cost, and operational trade-offs.
Read more -
AI/ML security
We assist innovative AI/ML-driven startups in protecting sensitive parts of their TensorFlow models and ML pipelines.
Read more
Differential privacy
We assist adtech networks to build cryptographically-proven public accountability systems (differential privacy) based on anonymisation with protection against inference attacks.
Read more
zk-SNARKs and transactions privacy
We assist mature high-assurance blockchain companies who deal with identity management with research work and applied cryptography engineering.
Read more
Custom solutions
Many of the projects we're most excited about are targeting particular needs that don't fit into any typical description. We love unique challenges. If you have something that is outside of this capability navigator, we're eager to talk.
Read more
Helping across industries #
Typically we work with fintech, power grids, payment processors, healthcare companies, popular applications, AI/ML solutions. Whatever is the industry, we help those where data security is a hard requirement.
Fintech
Healthcare
Industrial / CNI
Blockchain
SaaS
Consumer apps
Proudly supporting innovators in their journeys #
-
Smart contracts security and consistency
Analysing, verifying, and improving Allbridge's cross-chain bridge: smart contracts security audit, transaction flow analysis, gas consumption optimisation, mitigating risks of abuse and misuse.
-
Securing an ecosystem of edge ML devices
Designing and implementing security of specialised IIoT devices that run ML. Data protection, ML models protection, secure communication, fleet management, and anti-reverse engineering.
-
Crypto wallet security assessment for Temple Wallet
Armoring the non-custodial wallet for the Tezos blockchain: improving cryptography, adding platform-specific security controls, preventing mnemonics leakage, decreasing abuse risks.
-
Quick migration to field level encryption of governmental data
Integrating encryption and data masking for sensitive data stored in MySQL cluster. A combination of transparent SQL encryption via AcraServer and encryption API via AcraTranslator makes Acra fit for complex solutions.
-
Building a secure data vault for PII protection
Building a cryptographically secure vault for storing and processing PII that prevents developers from getting access to the plaintext data fields, shares anonymised data with BI teams, and provides sufficient performance for OLAP queries.
-
Building ironclad data security for VDR SaaS
Building state-of-the-art security for Virtual Data Room — online document storage and collaboration platform. Integrating mobile-specific security measures seamlessly into mobile apps and aligning security with backend infrastructure.
About Cossack Labs
At Cossack Labs, we build security solutions to protect sensitive data in customers'
products and infrastructures. We help ambitious companies innovate securely: innovate
while preserving user privacy, innovate in peace of mind that their innovation is protected.
Contact us
There are many ways we can help: with our products, bespoke solutions, and engineering services. Leave your contact information to connect with our team:
Latest blogposts
Exploring security vulnerabilities in NFC digital wallets
NFC-based devices, such as mobile digital wallets, contactless smart cards, and security keys (hardware authentication devices), are exposing users to NFC vulnerabilities in encryption, ...
Smart contract security audit: tips & tricks
Smart contract security audit is very different from traditional application security audit. Smart contracts are immutable, they interact with each other and transfer user funds between ...
Transparent data encryption for SQL databases with Acra 0.93
Fully transparent encryption of sensitive fields is possible with open source Acra 0.93 release. Acra works on SQL protocol level, hiding details from developers and reducing encryption ...