Julian has founded, built, managed, and led multiple software companies over four decades. Having previously raised tens of millions of dollars of equity finance, he managed three successful disposals, two to publicly-quoted companies, yielding above-average returns to shareholders. His operational focus is on finance, financial strategy, and legal.
Eugene has managed software development with high security and performance demands for over 15 years. His extensive experience and research enable him to focus on the challenges that large and small companies experience when seeking to make data security central to their operations, especially in the face of external pressures and uncertainties.
Chris originally trained as an economist but has coded, designed, and invested in a diverse range of software systems and companies for over 40 years. Elegant, appropriate, and useful code continues to delight. Chris sees effort spent to make world-class data security available to all as central to advancing the common good both now and into the future.
Anastasiia is a software engineer and manager with a wide technological background spanning mobile app development to security engineering. Her current focus is cryptography and applied security, helping companies to build secure yet usable systems. Anastasiia is a frequent contributor to international conferences and co-organiser of cyber-security events.
We help the leaders to build secure systems at scale
Products and product sheets
Acra, a database security suite
Acra provides 9 security controls in one suite, pluggable as proxy, API or SDK in your architecture. Features include transparent field-level encryption, searchable encryption, data masking and firewalling.
Themis, a cross-platform crypto library
Themis provides cryptosystems for securing data at rest and data in transit. Solves 90% use cases for protecting data in mobile, web and server-side apps.
Facts & dates
- Themis is a cryptographic library, perfect for solving data security use cases in the most applications.
- Themis supports 14 languages and platforms and provides 100% compatible API across them.
- Themis is recommended by OWASP as a cryptographic library for mobile apps.
- Themis hides cryptographic details, preventing developers from making security mistakes.
- Themis provides strong modern industry-proven cryptography.
- Themis is open source and can be used for free.
- Acra database security suite protects sensitive data in databases and distributed applications.
- Acra is one tool that covers 9 data security controls.
- Acra works with SQL and NoSQL databases, on-prem or in any cloud environment.
- Acra gives field-level encryption for sensitive data and supports BYOK/HYOK.
- Acra easily integrates into modern applications, protecting sensitive data on the every step of its lifecycle.
- Acra Community Edition is open source and can be used for free.
- Acra Enterprise Edition is tailored for businesses with multiple apps or databases.
- Hermes is a security framework for enabling multi-user end-to-end encrypted data storage.
- Hermes provides the essential building blocks for building zero-knowledge and zero trust architectures.
- Hermes prevents data leakage or misuse even if the server infrastructure is compromised.
- Hermes core engine is open source.
Cossack Labs team
- Cossack Labs team includes experts with formal backgrounds and PhDs in cryptography, OWASP contributors, CISSP-certified security engineers, security software developers, and security engineers with decades of industry experience.
- Cossack Labs team members gave more than 60 conference talks in 6 years. You can meet us at the international security and development conferences as QCon, DefCon, UA.SC, BlackAlps, NSSpain, FrenchKit, Devops Stage, OSDN, muCon, iOSCon, Highload fwdays, OWASP meetups and OWASP Appsec global events, NoNameCon, and others.
- November, 2021 – Acra 0.90.0 is released, making fundamental security controls previously available in proprietary versions accessible to a wider audience.
- October 20, 2020 – Acra won Best Open Source Project in the Hackernoon Noonies contest.
- July 9, 2020 – With version 0.13.0 released, Themis officially supports 14 languages and platforms.
- September 5, 2019 – Cossack Labs implemented end-to-end encryption into popular Apple Design Award app Bear.
- April 16, 2019 – Acra encryption suite became available on DigitalOcean Marketplace.
- March 15, 2019 – More flexible configuration for AcraCensor and server-side encryption mode for AcraServer are introduced.
- November 9, 2018 – With version 0.84.0 New Horizons, Acra grew from a database encryption proxy to a full-fledged data encryption suite.
- December 13, 2017 – A proof of concept version of Hermes introduced.
- March 8, 2017 – First Acra open-source release (0.75) revealed.
- June 3, 2015 – Themis is released into the public.
- May 18, 2015 – Launch of Themis high-level cryptographic services library.
- June 19, 2014 – Launch of Cossack Labs private limited company in United Kingdom.
RepoMetaScore: evaluating supply chain risks of open-source repositories
Releasing RepoMetaScore: a dependency checking tool that analyzes metadata of open-source project, including commit history and contributors’ background. RepoMetaScore calculates risk rating, makes supply chain risks visible and prevents weaponizing OSS.
Cossack Labs stands on guard for security of Ukrainian companies
Cossack Labs stands with Ukraine and offers free security assessment and engineering services for Ukrainian companies to improve country protection and resilience.
Security of React Native libraries: the bad, the worse and the ugly
How to select a secure React Native library for your app. Sort out improper platform usage, easy to misuse API, deprecated and abandoned libraries – check our research of the React Native ecosystem security.
The secret life of Android apps
Artur Hil @ OWASP Zhytomyr 2021 Meetup
Keynote: Data is a new security boundary
Anastasiia Voitova @ OWASP Global AppSec US 2021 Conference
The art of secure architecture
Julia Potapenko @ Craft
Designing secure architectures the modern way, regardless of stack
Eugene Pilyankevich @ QCon London 2020
Maintaining cryptographic library for 12 languages
Anastasiia Voitova @ BlackAlps
Search over encrypted records: from academic dreams to production-ready tool
Artem Storozhuk @ NoNameCon
In the media
Encryption in the Ukrainian War
Anastasiia Voitova: WTF is Cloud Native Data Security?
Eugene Pilyankevich's interview: Cutting-edge cryptography & data protection solutions at your fingertips
Eugene Pilyankevich: Empowering developers to easily build secure applications that treat sensitive data responsibly
Acra: Open-source database protection with field-level encryption and intrusion detection
WWDC21’s principal security and privacy announcements
Bear: Einblick in die außergewöhnliche Notizen-App mit Apple Design Award!
Application level encryption for software architects
Security Logs: cryptographically signed audit logging for data protection
Computers Are Hard: security and cryptography with Anastasiia Voitova
iOS 14’s Best Privacy Feature? Catching Data-Grabbing Apps
WWDC20’s major security and privacy announcements
Secure development is dead, long live secure development
Keynote: Data is a new security boundary — Anastasiia Voitova
Never store secrets in the resources of your app! (feat. Anastasiia Voitova)
Cryptographic protection of ML models — Anastasiia Voitova
Why can't developers make it secure? — Julia Potapenko
End-to-end encrypted doesn't mean secure — Anastasiia Voitova
Maintaining cryptographic library for 12 languages — Anastasiia Voitova
Use cryptography, don’t learn it — Anastasiia Voitova
Building reliable mobile app security
Secure Authentication. Are you sure you do it right? — Julia Potapenko
Designing secure architectures the modern way, regardless of stack — Eugene Pilyankevich
Anastasiia Voitova—Encryption is easy, key management is hard
Mobile App security: a money game with Anastasiia Voitova
Security for developers
Anastasiia Voitova: security software engineer journey
Build secure mobile applications with Anastasiia Voitova
Anastasiia Voitova—Use cryptography; don’t learn it
Discussing Apple’s new privacy-related features with Anastasiia Voitova
Developer interview: Anastasiia Voitova on WWDC expectations from a security and privacy perspective
Talking with the server it’s supposed to, with special guests Anastasiia Voitova and Marcin Krzyzanowski
We’ll be happy to share our story and discuss all the fancy words like cryptography and security with you.
HQ, United Kingdom
190 Clarence Gate Gardens
London NW1 6AD
Media related questions here: