Reinforcing trust by auditable and verifiable systems
Often your users and your partners require efforts beyond regular "just make it secure". They demand transparency and secure audit logging that provides sufficient confidence in your system. PCI DSS audit trails are one side of the coin; settlement logs and system transparency for marketplaces and intermediaries is another.
Modern cryptography offers a whole set of protocols and approaches to back your claims and provide ways to prove your system's behaviour.
Transparent, auditable systems are hard
Audit logging is hard to blend
Trusted multi-party logs are crucial
Provable logs are hard
Modern crypto enables transparency
Coverage and transparency design
Security and compliance
// Relevant products
A DATABASE SECURITY SUITE
To be announced
// Custom solutions and consulting
Verifiable audit logging modules
Relevant customer story
Telco & Adtech
Building a secure data vault for PII protection
Building a cryptographically secure vault for storing and processing PII that prevents developers from getting access to the plaintext data fields, shares anonymised data with BI teams, and provides sufficient performance for OLAP queries.
Have a question? Get a human to answer it!
How we make a difference
Fit to real-world risks
Cryptographers and data security experts
For innovators, by innovators
We've started Cossack Labs to develop new tools and methods for protecting the data and enabling novel solutions to emerging problems — so that at the edge of your innovation, you’ve already got fitting tools handy.
There are many ways we can help: with our products, bespoke solutions, and engineering services. Leave your contact information to connect with our team:
Crypto wallets security as seen by security engineers
Read about building secure crypto wallets and issues we found when doing crypto wallet security audits. Hot non-custodial wallets store private keys, sign crypto transactions, and claim to be secure. But are they?
Audit logs security: cryptographically signed tamper-proof logs
Why crypto signed audit logs are essential for security software and how we’ve built-in secure audit logging in Acra for defense in-depth.
RepoMetaScore: evaluating supply chain risks of open-source repositories
Releasing RepoMetaScore: a dependency checking tool that analyzes metadata of open-source project, including commit history and contributors’ background. RepoMetaScore calculates risk rating, makes supply chain risks visible and prevents weaponizing OSS.