The chances are high that you have met our work — without seeing it.Our solutions, products and recommendations protect popular SaaS services and award-winning mobile apps, financial institutions and state-wide power grid operators. Security work has certain restrictions, so we can't share each story, but here are a few that we can.
Building security for M&A solutions: 5-years of SSDLC
Long-term cooperation with the [REDACTED] company resulted in refined security practices that matched the evolution of their B2B platform. We enabled transition from reactive "firefighting" to a proactive security posture, while simplifying security processes and building security defences.
FSA / Fintech
Product security for one of the biggest African banks
When a bank launches an entirely new banking application, it necessitates a thorough mobile security assessment, diligent efforts to ensure financial transaction security and tailored fraud prevention measures.
Xumm wallet security assurance and improvements
Conducting a comprehensive security assessment of the Xumm app to ensure the robust protection of key materials, maintain cryptographic soundness, enhance application security.
Industrial IoT security
Securing an ecosystem of edge ML devices
Designing and implementing security of specialised IIoT devices that run ML. Data protection, ML models protection, secure communication, fleet management, and anti-reverse engineering.
Protecting telemetry data of power grids
Protecting data signals transmitted over the air between power distribution stations and central dispatch system.
GovTech security solution
FSA / Fintech
Quick migration to field level encryption of governmental data
Integrating encryption and data masking for sensitive data stored in MySQL cluster. A combination of transparent SQL encryption via AcraServer and encryption API via AcraTranslator makes Acra fit for complex solutions.
Mass consumer service
Telco & Adtech
Building a secure data vault for PII protection
Building a cryptographically secure vault for storing and processing PII that prevents developers from getting access to the plaintext data fields, shares anonymised data with BI teams, and provides sufficient performance for OLAP queries.
Building ironclad data security for VDR SaaS
Building state-of-the-art security for Virtual Data Room — online document storage and collaboration platform. Integrating mobile-specific security measures seamlessly into mobile apps and aligning security with backend infrastructure.
Crypto wallet security assessment for Temple Wallet
Armoring the non-custodial wallet for the Tezos blockchain: improving cryptography, adding platform-specific security controls, preventing mnemonics leakage, decreasing abuse risks.
Smart contracts security and consistency
Analysing, verifying, and improving Allbridge's cross-chain bridge: smart contracts security audit, transaction flow analysis, gas consumption optimisation, mitigating risks of abuse and misuse.
ML & TensorFlow
Cryptographic IP protection for AI/ML product
Protecting unique IP (ML models) against leakage and misuse using multi-layered encryption on ephemeral keys.
End-to-end encryption and multi-device synchronisation for 6M users
Encrypting data for Bear — the Apple Design Award-winning application while focusing on performance and usability.
End-to-end encryption for remote debugging tool
Data encryption and isolation in AppSpector for securing mobile development and helping digital nomads around the world.
Encrypting patients' data across hospital networks
Building balanced security system around cryptographic core for distributed EHR exchange and make hospital patients' life better.
What our customers say:
"Engaging with Cossack Labs has been a transformative experience for our team and our platform. Establishing secure development practices with design and code review was just one facet of our engagement, they also helped us immensely in developing processes, education, evaluating third-party vendors, managing security researchers, and many more. A highly competent team, I fully recommend working with Cossack Labs."
Austin Feight, Engineering Lead at Crossmint
"We improved our applications, deepened our knowledge of application security, and gained a better understanding of mobile platform security. Your team’s knowledge and friendliness made the entire process easy and enjoyable. We are excited about future collaborations."
Konstantinos Natsios, lead mobile engineer at TradingCom
"We asked Cossack Labs engineers to review the security and cryptography in our products. What we’ve got was beyond expectations: a highly detailed analysis and lots of practical advice on how to fix current issues and implement long-term enhancements, all of them in line with our security and business goals."
Korney, CTO and Co-founder at MadFish.Solutions
"Thank you very much for all you did so far & the thoroughness, skill & knowledge you invested into this, all of you!"
Founder of a blockchain software company after our cryptographic review
"I have definitely learned A LOT since we started working together with Cossack Labs. I have learned to be a better engineer because of their knowledge in mobile security."
Ronald, Software Engineering Manager at M&A SaaS provider
"Cossack Labs shares myGaru’s mission to put individuals in the center of digital processes and give control on personal data back to users. Cossack Labs team is building secure data processing components and the privacy layer of myGaru solution."
Vitalii Morozenko, Founder and CEO at myGaru
"We were thrilled work with Cossack Labs, leveraging their 15+ years of experience, to secure Bear user`s notes. It enabled us to elevate our core user experience with the security and privacy our users demand."
Shiny Frog team, creators of Bear app
"Cossack Labs covered our back in data security, helping us to serve our customers better and target not only private hospitals, but also governmental healthcare companies."
Andrei Popa, CTO at GoClinic
"End-to-end encryption engine based on Themis and Acra allows us to scale our product and attract new customers while being sure that their data is available only to them."
Sergey Zenchenko, CEO at AppSpector
Some of our customers and open-source adopters
Join the leaders, build the future!