News
Discover Cossack Labs the latest news, conference talks, podcasts, media presence, facts and information about new product launches, product updates, new partnerships.
Use cryptography, don’t learn it
Anastasiia Voitova on cryptography, "boring crypto", cryptographic libraries misuse, and the best ways to protect data.
Maintaining cryptographic library for 12 languages
Anastasiia Voitova about the challenges of maintaining a cryptographic library, the benefits of multi-platform cryptographic library Themis, and how to avoid common cryptography pitfalls.
Themis 0.12.0
Releasing Themis 0.12.0 # The new version is out – please meet our encryption library Themis 0.12.0. Coincidentally, it supports 12 languages/platforms now. In this release, we’re added WasmThemis that allows using Themis in WebAssembly apps , introduced a way to install Themis on Windows (still an experimental feature), improved packaging and platform compatibility (welcome Go Modules !), and added extra safety checks and a few tricky bug fixes.
Developer interview: Anastasiia Voitova on WWDC expectations from a security and privacy perspective
Anastasiia Voitova talks on the growing importance of security and privacy for app developers.
New Themis 0.11.1
New Themis is greatly improved and sparkly with additions. We are proud to introduce Rust-Themis – full support of Themis for Rust. Rust-Themis works with all four crypto-systems: Secure Cell for storing data securely, Secure Message for encrypting and signing envelopes, Secure Session for encrypting session communications and Secure Comparator for zero-knowledge authentication. All Rust-Themis components can be installed from crates.io . Jump to the Rust How-To guide to learn more.
ACRA 0.85.0 LOOKING GLASS
New Acra 0.85.0 brings the expanded functionality we’ve announced during the release of Acra 0.84.0. We’ve added server-side encryption mode which allows integrating Acra without altering the client application code. It’s called AcraServer’s Transparent proxy mode and allows you to configure AcraServer to parse SQL queries and to encrypt values designated for specific database columns. Transparent encryption mode is useful for large distributed applications where updating the source code of each client app separately would be complicated.
Looking Back at 2018 — A Year in Retrospect
2018 was as exciting as it was busy — 7 new versions of Acra Open Source accompanied by Acra Live Demo and Acra Engineering Demo, launch of DGAP security consulting and security training services, over a dozen articles in the blog and Medium, a whole new Documentation Server, talks at conferences all over the world, and many more interesting events. Stats According to our GitHub statistics, 2018 resulted in:
Secure development is dead, long live secure development
Keynote about data security and cryptography challenges and importance of supporting security controls by Anastasiia Voitova.
ACRA 0.84.0 NEW HORIZONS
The main new features of Acra 0.84.0 are based around the DevOps’ needs – they eliminate the need to have a deep knowledge of secure development and cryptography to protect your data using Acra. Logs, metrics, and full-scale tracing will help during the deployment and usage of Acra. You can export them to your favourite tools (i.e. ELK, Prometheus, Jaeger) and monitor Acra’s load, performance, and behaviour, in real-time. Great things are planned for the next few releases.
ACRA 0.83.0 RELEASE
As the days were getting shorter, our pull requests were getting longer, and here we are now, proud to present Acra 0.83.0. Its distinctive new feature is the AcraRotate utility, which allows you easily rotate the storage keys on a regular basis or perform an emergency key rotation if you’ve detected (or suspect) a compromise of the client app. SQL filtering got more flexible — the new 6 patterns (including SUBQUERY and LIST_OF_VALUES) allow deep customisation for configuring the accepted queries and blocking malicious requests.