Unlocking data commercial potential, securely

ML & AI are essential for modern businesses. These include analysing customer behaviour & data or using modern data processing methods to deliver new value to customers. Novel technologies bring novel threats or exacerbate existing ones, and since they’re data-related and math-heavy, we’re often asked by our customers to help tackle them.

We design cryptography-based protections for AI/ML-driven businesses.

Typical challenges for AI/ML-driven products

Hard to balance

Data engineers want more real-world data to train their models, to run analytics. While security team wants to use minimum production data.

Protecting ML models

When a unique competitive advantage is condensed in the ML model or any sophisticated data processing contraption, it becomes a sensitive security asset which requires protection.

Customer privacy rights

ML-driven products often deal with sensitive consumer data and trigger privacy concerns that require tweaking ML architecture to get it right.

Data security concerns

ML needing to operate on sensitive data under complex security constraints requires building security inside ML infrastructure and around it.

Modern solutions

Model DRM

DRM-like security schemes for ML models to run only on authorized applications without risks of leakage.

Differential privacy

Applying various privacy models (differential privacy, K-anonymity) to practical goals requires careful planning, implementation and validation.

Inference/statistical security

Understanding statistical security consequences and other indirect security risks and building data processing that mitigates those risks.

To be announced

There's a product that we're preparing to address ML models security – Please stay tuned for further announcements.

Themis

A cross-platform cryptographic library for mobile, web, and server platforms, which solves 90% of typical data protection use cases that are common for most apps. Themis helps to integrate application level encryption fast and easy.

DRM-like ML-models protection

We’ve designed, implemented and co-maintained encryption-based protection with backend authorization for ML models that run on mobile applications, using CoreML, pytorch, TensorFlow.

Differential privacy systems

We’ve designed differential privacy and statistical security-based data protection systems that respect individual GDPR rights while performing data processing.

Protection against statistical attacks

We assist building anonymous de-identification schemes that enable statistical security against traditional and ML classification efforts with huge datasets.

Pragmatic security

Oftentimes, tools and methods are well-known, but having enough security experience to choose appropriate controls is what sets good ML security from "we've tried something".

Have a question? Get a human to answer it!

How we make a difference

Vast experience and expertise

As a cryptographic R&D team, we've built custom data security controls in different contexts, and have vast expertise in understanding practical threat models and failure scenarios, and designing sound security controls against them.

Relevant experience in ML

We’ve done security for award-winning ML products that are used by tens of millions of users, sophisticated industrial data-mining solutions and planet-wide services.

Built to last

Our approach is based on backwards compatibility, maintainability and support. You never lose encrypted data because some npm package became outdated.

For innovators, by innovators

We've started Cossack Labs to develop new tools and methods for protecting the data and enabling novel solutions to emerging problems — so that at the edge of your innovation, you’ve already got fitting tools handy.

Contact us

There are many ways we can help: with our products, bespoke solutions, and engineering services. Leave your contact information to connect with our team:

Relevant resources

TLS validation: implement OCSP and CRL verifiers in Go

Most applications use TLS for data-in-transit encryption and every programming language has a TLS support in its ecosystem. TLS was introduced in 1999 based on SSL 3.0. It's quite an old...

Crypto wallets security as seen by security engineers

What can go wrong when you develop a “secure” crypto wallet? How to eliminate typical security mistakes and build a secure app with multilayered data protection against mnemonics leakage...

Acra 0.90.0: application level encryption and searchable encryption for any SQL and NoSQL databases

Following our mission to empower developers to build secure products, we chose to make all fundamental security controls previously available in proprietary versions accessible to a wide...

All products

Themis, a cross-platform crypto library

Acra, a database security suite

Hermes, end-to-end secure data storage

Know how to know!

By org challenge

By use case

By industry

Blog

Documentation

Conferences & events

Whitepapers & research

TLS validation: implement OCSP and CRL verifiers in Go

About

Customer stories

Partners

Jobs & internship

Join us! We have crypto-cookies.

Unlocking data commercial potential, securely

We design cryptography-based protections for AI/ML-driven businesses.

Typical challenges for AI/ML-driven products

Hard to balance

Data engineers want more real-world data to train their models, to run analytics. While security team wants to use minimum production data.

Protecting ML models

When a unique competitive advantage is condensed in the ML model or any sophisticated data processing contraption, it becomes a sensitive security asset which requires protection.

Customer privacy rights

ML-driven products often deal with sensitive consumer data and trigger privacy concerns that require tweaking ML architecture to get it right.

Data security concerns

ML needing to operate on sensitive data under complex security constraints requires building security inside ML infrastructure and around it.

Modern solutions

Model DRM

DRM-like security schemes for ML models to run only on authorized applications without risks of leakage.

Differential privacy

Applying various privacy models (differential privacy, K-anonymity) to practical goals requires careful planning, implementation and validation.

Inference/statistical security

Understanding statistical security consequences and other indirect security risks and building data processing that mitigates those risks.

What we offer

To be announced

There's a product that we're preparing to address ML models security – Please stay tuned for further announcements.

Themis

A cross-platform cryptographic library for mobile, web, and server platforms, which solves 90% of typical data protection use cases that are common for most apps. Themis helps to integrate application level encryption fast and easy.

DRM-like ML-models protection

We’ve designed, implemented and co-maintained encryption-based protection with backend authorization for ML models that run on mobile applications, using CoreML, pytorch, TensorFlow.

Differential privacy systems

We’ve designed differential privacy and statistical security-based data protection systems that respect individual GDPR rights while performing data processing.

Protection against statistical attacks

We assist building anonymous de-identification schemes that enable statistical security against traditional and ML classification efforts with huge datasets.

Pragmatic security

Oftentimes, tools and methods are well-known, but having enough security experience to choose appropriate controls is what sets good ML security from "we've tried something".

Have a question? Get a human to answer it!

How we make a difference

Vast experience and expertise

As a cryptographic R&D team, we've built custom data security controls in different contexts, and have vast expertise in understanding practical threat models and failure scenarios, and designing sound security controls against them.

Relevant experience in ML

We’ve done security for award-winning ML products that are used by tens of millions of users, sophisticated industrial data-mining solutions and planet-wide services.

Built to last

Our approach is based on backwards compatibility, maintainability and support. You never lose encrypted data because some npm package became outdated.

For innovators, by innovators

We've started Cossack Labs to develop new tools and methods for protecting the data and enabling novel solutions to emerging problems — so that at the edge of your innovation, you’ve already got fitting tools handy.

Contact us

There are many ways we can help: with our products, bespoke solutions, and engineering services. Leave your contact information to connect with our team:

Relevant resources

TLS validation: implement OCSP and CRL verifiers in Go

Most applications use TLS for data-in-transit encryption and every programming language has a TLS support in its ecosystem. TLS was introduced in 1999 based on SSL 3.0. It's quite an old...

Crypto wallets security as seen by security engineers

What can go wrong when you develop a “secure” crypto wallet? How to eliminate typical security mistakes and build a secure app with multilayered data protection against mnemonics leakage...

Acra 0.90.0: application level encryption and searchable encryption for any SQL and NoSQL databases

Following our mission to empower developers to build secure products, we chose to make all fundamental security controls previously available in proprietary versions accessible to a wide...

Contact us

Join us!
We have crypto-cookies.