Newsroom
Hi! Want to write about Cossack Labs? Our newsroom will help you with the task. Also, feel free to contact us on cryptography and data security related issues, we’ll be happy to share our story and discuss the latest technologies.
About us
Cossack Labs is a team of highly experienced cryptographers and software engineers. Our mission is to make strong security methodologies and approaches convenient within modern infrastructures and business. We provide large and small companies with data security tools and bespoke solutions helping to protect their sensitive data against data leakages, external attackers, insiders, mis-configurations and to be compliant with regulations. We're a British company, headquartered in London, with our R&D office in Kyiv, Ukraine.
Our products. Acra, Themis, and Hermes combine both high level of security and usability. They care of encryption, key management, access control, intrusion detection, accountable logging under the hood, enabling our customers to focus on doing their own business, building their products with confidence that data security has been properly taken care of.
Our history. Cossack Labs started in 2014 as data security R&D, published many research results as whitepapers, open-source tools, and contributions to community standards. We were united by the idea to bring cryptography and data security technologies into open-source security solutions. Today, our data security solutions work for large enterprises, startups, and tech-savvy SMEs from healthcare, embedded financing, traditional and unbundled banking, modern and traditional fintech, critical infrastructures, and other industries.
Who we are. We are risk-driven, not hype-driven, follow British business culture and traditions. We innovate in applied cryptography, and solve customers’ real-life problems, cutting through complexity.
Read more about company history
Cossack Labs is a team of highly experienced cryptographers and software engineers. Our mission is to make strong security methodologies and approaches convenient within modern infrastructures and business. We provide large and small companies with data security tools and bespoke solutions helping to protect their sensitive data against data leakages, external attackers, insiders, mis-configurations and to be compliant with regulations. We're a British company, headquartered in London, with our R&D office in Kyiv, Ukraine.
Our products. Acra, Themis, and Hermes combine both high level of security and usability. They care of encryption, key management, access control, intrusion detection, accountable logging under the hood, enabling our customers to focus on doing their own business, building their products with confidence that data security has been properly taken care of.
Our history. Cossack Labs started in 2014 as data security R&D, published many research results as whitepapers, open-source tools, and contributions to community standards. We were united by the idea to bring cryptography and data security technologies into open-source security solutions. Today, our data security solutions work for large enterprises, startups, and tech-savvy SMEs from healthcare, embedded financing, traditional and unbundled banking, modern and traditional fintech, critical infrastructures, and other industries.
Who we are. We are risk-driven, not hype-driven, follow British business culture and traditions. We innovate in applied cryptography, and solve customers’ real-life problems, cutting through complexity.
Julian Swallow
Julian has founded, built, managed, and led multiple software companies over four decades. Having previously raised tens of millions of dollars of equity finance, he managed three successful disposals, two to publicly-quoted companies, yielding above-average returns to shareholders. His operational focus is on finance, financial strategy, and legal.
Eugene Pilyankevich
Eugene has managed software development with high security and performance demands for over 15 years. His extensive experience and research enable him to focus on the challenges that large and small companies experience when seeking to make data security central to their operations, especially in the face of external pressures and uncertainties.
Chris Hennings
Chris originally trained as an economist but has coded, designed, and invested in a diverse range of software systems and companies for over 40 years. Elegant, appropriate, and useful code continues to delight. Chris sees effort spent to make world-class data security available to all as central to advancing the common good both now and into the future.
Anastasiia Voitova
Anastasiia is a software engineer and manager with a wide technological background spanning mobile app development to security engineering. Her current focus is cryptography and applied security, helping companies to build secure yet usable systems. Anastasiia is a frequent contributor to international conferences and co-organiser of cyber-security events.
Products and product sheets
Acra, a database security suite
Acra provides 9 security controls in one suite, pluggable as proxy, API or SDK in your architecture. Features include transparent field-level encryption, searchable encryption, data masking and firewalling.
Themis, a cross-platform crypto library
Themis provides cryptosystems for securing data at rest and data in transit. Solves 90% use cases for protecting data in mobile, web and server-side apps.
Hermes, end-to-end secure data storage
End-to-end secure data storage, processing, and sharing framework with zero trust to storage/exchange infrastructure.
Facts & dates
-
Themis
- Themis is a cryptographic library, perfect for solving data security use cases in the most applications.
- Themis supports 14 languages and platforms and provides 100% compatible API across them.
- Themis is recommended by OWASP as a cryptographic library for mobile apps.
- Themis hides cryptographic details, preventing developers from making security mistakes.
- Themis provides strong modern industry-proven cryptography.
- Themis is open source and can be used for free.
Acra
- Acra database security suite protects sensitive data in databases and distributed applications.
- Acra is one tool that covers 9 data security controls.
- Acra works with SQL and NoSQL databases, on-prem or in any cloud environment.
- Acra gives field-level encryption for sensitive data and supports BYOK/HYOK.
- Acra easily integrates into modern applications, protecting sensitive data on the every step of its lifecycle.
- Acra Community Edition is open source and can be used for free.
- Acra Enterprise Edition is tailored for businesses with multiple apps or databases.
Hermes
- Hermes is a security framework for enabling multi-user end-to-end encrypted data storage.
- Hermes provides the essential building blocks for building zero-knowledge and zero trust architectures.
- Hermes prevents data leakage or misuse even if the server infrastructure is compromised.
- Hermes core engine is open source.
Cossack Labs team
- Cossack Labs team includes experts with formal backgrounds and PhDs in cryptography, OWASP contributors, CISSP-certified security engineers, security software developers, and security engineers with decades of industry experience.
- Cossack Labs team members gave more than 60 conference talks in 6 years. You can meet us at the international security and development conferences as QCon, DefCon, UA.SC, BlackAlps, NSSpain, FrenchKit, Devops Stage, OSDN, muCon, iOSCon, Highload fwdays, OWASP meetups and OWASP Appsec global events, NoNameCon, and others.
-
- August 20, 2022 – Launch of Shift Security Left newsletter for security-aware developers. Later, it became a Hackernoon Noonies'22 Best General Technology Newsletter runner-up in emerging tech.
- May, 2022 – Acra 0.93.0 introduces the type awareness feature, enabling fully transparent encryption, decrypting and decoding binary data back to the original type.
- November, 2021 – Acra 0.90.0 is released, making fundamental security controls previously available in proprietary versions accessible to a wider audience.
- October 20, 2020 – Acra won Best Open Source Project in the Hackernoon Noonies contest.
- July 9, 2020 – With version 0.13.0 released, Themis officially supports 14 languages and platforms.
- September 5, 2019 – Cossack Labs implemented end-to-end encryption into popular Apple Design Award app Bear.
- April 16, 2019 – Acra encryption suite became available on DigitalOcean Marketplace.
- March 15, 2019 – More flexible configuration for AcraCensor and server-side encryption mode for AcraServer are introduced.
- November 9, 2018 – With version 0.84.0 New Horizons, Acra grew from a database encryption proxy to a full-fledged data encryption suite.
- December 13, 2017 – A proof of concept version of Hermes introduced.
- March 8, 2017 – First Acra open-source release (0.75) revealed.
- June 3, 2015 – Themis is released into the public.
- May 18, 2015 – Launch of Themis high-level cryptographic services library.
- June 19, 2014 – Launch of Cossack Labs private limited company in United Kingdom.
What’s new
Exploring security vulnerabilities in NFC digital wallets
NFC-based devices, such as mobile digital wallets, contactless smart cards, and security keys (hardware authentication devices), are exposing users to NFC vulnerabilities in encryption, ...
Smart contract security audit: tips & tricks
Smart contract security audit is very different from traditional application security audit. Smart contracts are immutable, they interact with each other and transfer user funds between ...
Transparent data encryption for SQL databases with Acra 0.93
Fully transparent encryption of sensitive fields is possible with open source Acra 0.93 release. Acra works on SQL protocol level, hiding details from developers and reducing encryption ...
Past events
Demystifying myths about women in IT
Julia Potapenko @ What's wrong with IT, charitable live stream
Keynote: Data is a new security boundary
Anastasiia Voitova @ OWASP Global AppSec US 2021 Conference
Designing secure architectures the modern way, regardless of stack
Eugene Pilyankevich @ QCon London 2020
Media coverage
In the media
Cybersecurity in wartime: how Ukraine's infosec community is coping
Volunteers patrol Ukraine's cyber front during war
Encryption in the Ukrainian War
Anastasiia Voitova: WTF is Cloud Native Data Security?
Eugene Pilyankevich's interview: Cutting-edge cryptography & data protection solutions at your fingertips
Eugene Pilyankevich: Empowering developers to easily build secure applications that treat sensitive data responsibly
Acra: Open-source database protection with field-level encryption and intrusion detection
WWDC21’s principal security and privacy announcements
Bear: Einblick in die außergewöhnliche Notizen-App mit Apple Design Award!
Application level encryption for software architects
Security Logs: cryptographically signed audit logging for data protection
Computers Are Hard: security and cryptography with Anastasiia Voitova
iOS 14’s Best Privacy Feature? Catching Data-Grabbing Apps
WWDC20’s major security and privacy announcements
Secure development is dead, long live secure development
Video
Keynote: Data is a new security boundary — Anastasiia Voitova
Never store secrets in the resources of your app! (feat. Anastasiia Voitova)
Cryptographic protection of ML models — Anastasiia Voitova
Why can't developers make it secure? — Julia Potapenko
End-to-end encrypted doesn't mean secure — Anastasiia Voitova
Maintaining cryptographic library for 12 languages — Anastasiia Voitova
Use cryptography, don’t learn it — Anastasiia Voitova
Building reliable mobile app security
Secure Authentication. Are you sure you do it right? — Julia Potapenko
Designing secure architectures the modern way, regardless of stack — Eugene Pilyankevich
Podcasts
Security in Java, what do we need to know and how to keep our applications secure
Anastasiia Voitova—Encryption is easy, key management is hard
Mobile App security: a money game with Anastasiia Voitova
Security for developers
Anastasiia Voitova: security software engineer journey
Build secure mobile applications with Anastasiia Voitova
Anastasiia Voitova—Use cryptography; don’t learn it
Discussing Apple’s new privacy-related features with Anastasiia Voitova
Developer interview: Anastasiia Voitova on WWDC expectations from a security and privacy perspective
Talking with the server it’s supposed to, with special guests Anastasiia Voitova and Marcin Krzyzanowski
Assets
Please don't modify these logos or use them in a way that confuses Cossack Labs with another brand.
Browse press kit on Google Drive.
Contact us
We’ll be happy to share our story and discuss all the fancy words like cryptography and security with you.
HQ, United Kingdom
190 Clarence Gate Gardens
Glentworth Street
London NW1 6AD
United Kingdom
Any thoughts?
Media related questions here: