Blog

11 Jul 2017

Replacing OpenSSL with BoringSSL in a Complex Multi-Platform Layout

To provide better multi-platform support in Themis, we've built multi-donor support abstraction layer for cryptographic primitives, called Soter. This is the first article in a series of three that will cover our experiments with different sources of crypto primitives, this time - BoringSSL.

8 Mar 2017

Presenting Acra

Today we're revealing Acra: a database security suite, built to provide selective encryption and intrusion prevention for modern microservice-rich products and web apps.

products releases Acra

6 Mar 2017

Importing with ctypes in Python: fighting overflows

Best cases of boring technical debt are understood when reflected properly. This post addresses a simple one: inelegant flags in core C library ended up breaking Python tests. This is no small case to us: tests breaking sometimes might end up in things seeming to work, but not really working. Not something you can afford yourself when you're doing cryptography, do you?

Themis development Python

28 Feb 2017

Plugging leaks in Go memory management

Investigating memory leaks can be fun, sometimes. Sometimes it might even teach you a few lessons in how the language you know and like actually works.

development Go Acra

30 Dec 2016

2016 at Cossack Labs

Bright and full of new 2016 year insensibly came to an end. Sharing the summary of our work!

21 Dec 2016

Themis database modules

In an ongoing effort to make Themis functions available anywhere we (and potential users) might need them, we're starting to release Themis wrappers for popular databases. This post outlines the first two - for Redis and PostgreSQL databases.

Themis redis postgresql database security releases

13 Dec 2016

12 and 1 ideas on how to enhance backend data security

Previously, we’ve talked about classic design patterns in backend data security and about key management goals and techniques. In this article, we'll discuss how modern approaches differ and shed light on our solutions. Updated in 2019

applied security backend security series database security

23 Nov 2016

Themis 0.9.4 release

Glad to announce Themis 0.9.4! Minor changes for stable new version.

Themis products Python iOS Ruby Android releases PHP Go

26 Oct 2016

Why making Internet safe is everyone’s responsibility

... not the security vendors, nor government or big corporations can solely fix the current state of things. It's everybody's duty and the earlier we understand it - the better.

applied security Web

21 Sep 2016

Backend data security: Key management 101

Second article in series, Key Management 101 will talk about basic key management concepts, goals and methods to achieve them.

backend security series applied security howto cryptography database security