About Cossack Labs
Cossack Labs was founded in 2014 by a team of security and cryptography experts to enable modern tech businesses to mitigate rising cybersecurity risks without compromising on usability and flexibility of their solutions.
Cossack Labs builds security tools that prevent sensitive data leakages, protect customer data, and enable businesses to comply with data security regulations.
Our innovations stem from one belief: the modern security approach can provide a much higher impact on cybersecurity risks by adapting fundamental techniques to practical use cases they are protecting. This allows customers to spend less time, money, and efforts on their security and more — on their own innovation and growth.
Areas of focus
Fundamental security tools
A failure of one security control is a question of time, but a failure of a security system is a question of design. We provide consistent proactive security controls, which prevent whole classes of vulnerabilities, addressing their root cause, instead of "band-aid" security tools.
Sensitive data flow
A chain is only as strong as its weakest link. Our tools cover significant data flow of sensitive data within your applications, mitigating whole classes of risk even in partially compromised systems.
Defense in depth
Defenders think in lists, attackers think in graphs. Our tools and solutions provide several layers of defense around your most sensitive assets, ensuring that even a combination of vulnerabilities won't make the whole system vulnerable.
Many of us originate from security roles inside critical industries — banking, government, secure communications. Our team combines experienced security auditors, academic cryptographers, software and security engineers — all united around one goal — take the industry-proven cryptographic security techniques and make them solve the practical problems and risks in modern infrastructures conveniently.
Many of us have been building, maintaining, and auditing sophisticated security systems in the past. In the specs, they looked immaculate, but time and time again we saw typical flaws arise due to the security industry developers’ disregard for real-world environments and actual usage patterns of the provided tools. We joined forces with talented infrastructure and database management engineers and platform application experts to build data protection layer for modern apps that is both secure, convenient to use, and solves problems as they arise in the real world.