Cossack Labs
Cossack Labs
Solutions for SaaS Providers
Providing the business value as Software-as-a-Service means putting extra stress on scalability, maintainability, and operational management. Customers' demands, GDPR-related risks, and constant data breaches clearly signal that just checking a few checkboxes in AWS configurator would barely be enough to do the job.
We have built a data-protection layer for SaaS providers. Our solutions help to secure the data that is stored and exchanged in SaaS' zone of responsibility, through either selective or end-to-end encryption.
Current industry challenges
Numerous data privacy regulations make the SaaS provider who handles sensitive customer data responsible for it, not a cloud provider.
Enterprise customers require specific data security policies to protect their data. Such policies extend way beyond "we've turned on all the AWS security features".
Integrating security controls into an actively growing product is hard due to the need to balance out the performance, scalability, and maintainability of the system.
Modern solutions
Selective or end-to-end encryption combined with pseudonymisation or anonymisation of data across the system.
Resources' and keys' compartmentalisation: sufficient separation between protection of individual users without jeopardising the integrity of company's infrastructure.
Scalability and transparency: security controls should scale via processes and replicas horizontally, and provide SIEM-compatible log stream of their behaviour.
Data-centric security engineering for applications in combination with security audits.
What we offer
Service providers are responsible for sensitive data of all of their clients. Cloud security measures should meet specific demands, i.e. portability, scalability, and transparency.
We cater to your special use cases. Our solutions are suitable for cloud deployment and accommodate most of the 12 factors of scalable cloud components for SaaS applications where they don’t contradict security requirements.
Acra
Data protection system with searchable encryption, intrusion detection, and leakage prevention. Acra is managed by one declarative configuration and key layout.
Hermes
Themis
Security frameworks for integrating encryption into distributed apps and building end-to-end encrypted data exchange. Easy to add to your existing apps.
Security engineering and consulting
Building a secure system from scratch or adding security controls to existing products is a non-trivial task. Enrich your team’s competences with our security engineering skills.
Secure software development training
Being good at software development does not equal having good cybersecurity skills. Train your team to build highly secure systems and avoid typical mistakes.
Have a question? Get a human to answer it!
How we make a difference
Our solutions are built to scale with your business, not to constrain it.
Security & observability: store and transmit only the encrypted data, gather logs, metrics, and monitoring signals to get a transparent view of the system's behaviour.
We help you achieve more while paying less – our solutions attack risks at the very core, instead of patching up the holes.
We're no strangers to SaaS business, some of us had operated large-scale SaaS infrastructures, so we know their nature and context.
Our mission is simple.
We help you focus on serving your customers better, while relieving your team from security engineering pains and making your users confident that their data is safe with you.
Interested in our solutions? Let’s talk.
