Sitemap | Cossack Labs

🇺🇦 We stand with Ukraine, and we stand for Ukraine. We offer free assessment and mitigation services to improve Ukrainian companies security resilience.


Welcome to the Cossack Labs website navigation!

This is the map of the Cossack Labs website. Here you can find a short description for every important page.

  • Cossack Labs #

    The main page of the site. Obvious.

    • All products #

      Description and features of all the available Cossack Labs products in one place. Makes it easy to select the right product for you.

      • Themis #

        Themis provides easy-to-use and hard-to-misuse encryption API for securing data at rest and in transit, and is available across multiple platforms.

      • Acra #

        Acra provides application level encryption, masking, tokenisation, access control, database leakage prevention, and intrusion detection for modern data-processing apps.

      • Hermes #

        Hermes is an end-to-end secure data storage, processing, and sharing framework with zero trust to storage/exchange infrastructure.

      • Toughbase #

        Toughbase is a data management application platform built around Hermes, which provides end-to-end encrypted storage and sharing layer on top of traditional server infrastructure, which provides out-of-the-box tools to integrate Hermes with modern databases and distributed applications.

      • Cossack Labs Documentation Server #

        Product documentation, tutorials, and guides, and a large collection of ready-to-try examples of Cossack Labs' products.

    • All services & capabilities #

      Some of the most exciting customers don’t have a problem we’re already familiar with, but are looking for certain skills to invent new things.

      Solutions by org challenge: #

      • Product security & SSDLC #

        The most cost-efficient way to secure the software is to make security an integral part of the ongoing development process – we lead engineers to pragmatic security and “shifting security left”.

      • Security strategy & advisory #

        Cossack Labs team assists you with understanding business and technical risks, compliance requirements, security architecture, and software assurance maturity.

      • Security engineering & architecture #

        Our engineers fill your team skill gaps wherever necessary — in designing, planning, implementing, or verifying security components of your solution ensuring its sufficient performance, usability, and reliability.

      • Cryptography engineering #

        Cryptography has been historically considered one of the hardest-to-get-right, yet most robust defenses against data leakage, tampering and misuse.

      • Data security & privacy compliance #

        We translate the language of compliance requirements to your business and technological stack. We guide you towards the right balance between security, cost, and operational trade-offs.

      Solutions by use case: #

      • Data security #

        Since 2014 we have been building data security tools and custom solutions from greenfield to “just add an encryption layer”.

      • Cloud security #

        Data security in a cloud is based on a risk sharing approach: cloud providers cover some security concerns, but the application owner is still responsible for the data security inside the application and some of the infrastructure security settings.

      • Auditable systems #

        Building trust is as crucial as protecting the data – we’ve built “transparent” aka cryptographically provable audit log systems that enable auditors or 3rd parties to validate systems behavior.

      • AI & ML security #

        We assist innovative ML-based startups to protect sensitive parts of their TensorFlow models and ML pipelines.

      • Mobile apps security #

        Mobile app security means building end-to-end encrypted and privacy-respectful apps by mitigating specific risks & threats, and aligning mobile security measured with security of web / backend infrastructure.

      Solutions by tech challenge: #

      • IoT security #

        IoT security for smart devices: secure communications, cryptography for IoT, protecting IP, Linux hardening, physical tamper resistance, and many more.

      • End-to-end encryption #

        End-to-end encryption, zero knowledge protocols and architectures, zero trust access control all address one root problem: building systems with elevated security requirements.

      • Database encryption solutions #

        Database encryption aims to protect sensitive data from attackers, comply with industry regulations and secure data processing requirements. Modern approaches to database encryption go beyond simply ticking a checkbox “data at rest encryption” but using column level encryption or field level encryption.

      • Application level encryption solutions #

        Many security risks cannot be mitigated with encryption at-rest or TLS, and require encrypting the data inside the applications. Application level encryption (ALE) is relevant for software products that store or process sensitive data. ALE makes implementing regulatory compliance requirements easier, as sensitive data is processed as an encrypted blob until used.

      Solutions by industry: #

      • Fintech data security #

        Data security tools and solutions for traditional banking and modern fintech ranging from credit card data safety to secure account numbers, PII handling, behavioural analytics, OLTP workload and beyond.

      • Healthcare data security #

        Cybersecurity solutions for the digital side of healthcare. Patients’ data protection, better HIPAA and GDPR compliance, handling of “vendor-locked” solutions and unified data formats.

      • CNI security #

        Data security tools and solutions for critical infrastructure and power grids: SCADA network security, IoT security, telemetry data protection.

      • Blockchain security #

        Combining novel cryptography with traditional data, application and product security skills for crypto-currencies and blockchain-based software.

      • SaaS security #

        Data protection layer for the data stored and exchanged in Software-as-a-Service’s zone of responsibility based on selective or end-to-end encryption, intrusion detection, and monitoring.

      • Consumer apps security #

        B2C app security is a mix of protecting users data against prying eyes, and at the same time protecting the product against users actions.

    • Blog #

      Frequently updated technical blog with engineering articles written by Cossack Labs team and release notes for each release of our products.

    • Whitepapers & research #

      This section hosts cryptographic research and whitepapers authored by Cossack Labs team.

    • Conferences & events #

      This section hosts presentations and public appearance recaps by Cossack Labs team.

    • FAQ #

      Frequently asked questions and short information statements.

    • Partners #

      Engineering partners, enterprise/industrial systems' integrators, strategic and security consulting partners of Cossack Labs.

    • For press #

      Please use this link for our electronic press kit and mass media contact info.

    • Jobs #

      Join Cossack Labs forces to work on cryptographic tools and custom solutions for data protection.

    • Internship program #

      Cossack Labs mentors and trains STEM students to provide them an opportunity to join the security industry with high-class professionals.

    • About us #

      At Cossack Labs, we build data security solutions to help companies spend less time on building security and focus on growing their business instead. Talk to us :)

    • Customer stories #

      We tell stories to show what security difficulties our customers face, and how we help to solve them.

    • Sitemap #

      This page.

Contact us

Get whitepaper

Apply for the position

Our team will review your resume and provide feedback
within 5 business days

Thank you!
We’ve received your request and will respond soon.
Your resume has been sent!
Our team will review your resume and provide feedback
within 5 business days