Cossack Labs
@cossacklabs
Followers: 3K · Following: 5K · Media: 763 · Statuses: 2K
Cybersecurity, tailored for your mission
London
Joined January 2015
Case study: A minor update of an analytics library caused a major security incident—user credentials were sent to a third-party backend. Learn how we found and fixed it: https://t.co/raqbBNdzYZ
#AppSecurity
cossacklabs.com
Vulnerabilities in third-party libraries: Exploring a real-world case where an update in an analytics library exposed personal data. We’ll cover the entire journey from discovering the issue to...
We’re pleased to share that today @vixentael is speaking at the @NATO #TIDESprint 43 in Helsinki. Check the Cyberspace track, where Anastasiia shares experience on protecting mission-critical systems and accelerating security decision-making.
Last week, we shared our experience in a cybersecurity workshop for defense tech companies organised by @BRAVE1ua. We covered topics from security fundamentals, like risk management and internal cybersecurity programs, to industry-specific technical challenges and approaches.
React Native is great for cross-platform apps, but their security can be a concern. In her recent article for @owasp, @julepka shares practical tips for assessing these apps, using #OWASP guidelines to identify common security risks. ➤ Read more: https://t.co/rGJNnPPXGm
Meet Anton Shepeta at CocoaTalks meetup! If you are in Kyiv, don't miss Cossack Labs' Security Engineer, Anton Shepeta, discussing iOS reverse engineering tips & tricks at the CocoaTalks meetup on Tuesday, October 29. Thanks @macpaw for hosting! ➤ https://t.co/gY2oiOOett
Let’s focus on the Software Bill of Materials (#SBOM), its security and common problems. Can SBOMs be trusted to enhance supply chain security and vulnerability management? Are there reasons they cannot? ➤ https://t.co/zxM2exeyDp 👈
cossacklabs.com
Despite being a potential approach for enhancing software supply chain security, SBOM’s own flaws and complexities in implementation may be holding back its goal to improve software transparency and...
New release of Acra data security solution for databases and distributed apps. Enhanced MariaDB, MySQL, and PostgreSQL support. Simplified TLS config & optimised key management tools, updated Acra engineering examples. ➤ https://t.co/3jhdNjw11s 👈
cossacklabs.com
New release of Acra — data security solution for databases and distributed apps — focuses on improving user experience and expands compatibility with MySQL, PostgreSQL, MariaDB.
How to protect your #ML models on mobile apps and edge devices against leakage, abuse and reverse engineering? Guidelines and advice from @vixentael and Maksym Khanas: ➤ https://t.co/3nTYuC1Hh4 👈
cossacklabs.com
ML model security is critical when models are run on edge devices or mobile apps. Our guide goes deep into addressing the security risks and threats of ML models.
On Ukraine's Independence Day, we reflect on our ongoing efforts to strengthen Ukraine’s cyber resilience in critical national infrastructure, mission-critical systems, govtech solutions, unmanned robotic systems, and many more. ➤ https://t.co/Xnts4zoRBu 👈
Introducing CL MSS: Mobile security verification framework for product security, assessments & SSDLC. Thanks to main contributors: @julepka, @vixentael, Anton Shepeta, @G1ggg1L3s
#SSDLC #appsec ➤ https://t.co/89GD4JLFBL 👈
cossacklabs.com
Cossack Labs Mobile Security Score (CL MSS) is an application security framework for mobile applications. It focuses on risk-based requirements, continuous risk management, and measurable progress...
Eugene Pilyankevich will join @aerorozvidka's 10th-anniversary stream and share details about UA DroneID. This technology improves the efficiency and security of deploying UAV and robotic systems during complex operations.
We're telling you about the final block of the stream - ROBOTIC SYSTEMS: 📍Why we believe robotic systems are an asymmetric response to the enemy 📍Projects in this area: DroneID, the Prototyping Group. 📍The future use of robotic systems: problems, prospects, a request to the community
Cossack Labs is delighted to celebrate the 10th anniversary of our friend and ally @aerorozvidka, and to take part in the stream! Don't miss @vixentael talk on building security in mission-critical systems at
youtube.com
Air reconnaissance is a volunteer project to help the Ukrainian army. We aim to provide units of the State Border Guard Service of Ukraine and the Armed Forces of Ukraine operating in the anti-terr...
Today we'll tell you about the C2IS block: What are combat information systems and why does it matter? What were the preconditions and challenges in developing the Delta situational awareness system? What challenges arose with the start of the full-scale invasion? Cybersecurity of combat information systems.
Hey! 👋 The 221st issue is out! https://t.co/I8yB5MPXDx Congrats @jarbon, @semels, @GergelyOrosz, @MarkAHerschberg, @gil_zilberfeld, @joshin4colours, @ardjorganxhiu, @shivjirwankar, @cossacklabs, @GreenReportBlog, @dhh, @isabeliita90, @therunninglight and @Nikolay_A00!
Meet @vixentael at #DOU Day 2024! Don't miss Cossack Labs’ Head of Security Engineering @vixentaelʼs talk on building resilient mission-critical systems at DOU Day on May 18th.
Community, we're glad to finally announce the speakers' topics at DOU Day. And we'll start with @vixentael, Head of Security Engineering, Security software engineer at Cossack Labs😎
Using security autotests for measurable and stable software security processes: Check our pre-built templates and learn how to implement them into the CI/CD pipeline. ➤ https://t.co/SPyhpxZ4nD 👈
cossacklabs.com
Security automation contributes to measurable improvements: stable security processes and efficient assessments that save time and effort. Security-focused pre-built templates covering prevalent...
Cossack Labs is proud to collaborate with @mintsyfra, @DefenceU & @aerorozvidka to develop UA DroneID: This innovative technology enables the protection of mission-critical assets and increases the efficiency of UAVs and unmanned robotic systems usage.
We are proud of our Lead Security Engineer, @julepka who is a director at @wwcodekyiv, for fostering professional development of the women's community in IT and co-organising the "Inspire & Connect" conference.
Deal with #OAuth2? Get savvy on OAuth2 mechanics, PKCE implementation, CSRF protection, and auto security checks to avoid common pitfalls. A detailed guide to OAuth2 security is here: ➤ https://t.co/mWVoY46JXG 👈
cossacklabs.com
How to implement OAuth in the context of mobile applications while avoiding security pitfalls? Practical steps on fortifying OAuth flow with PKCE, state parameter, managing secure redirections, and...
Our Head of Security Engineering @vixentael shared unique expertise on building security for mission-critical apps and critical infrastructure at #NATO #TIDESprint 2024, Data Centric Security and Cybersecurity tracks.
Opportunity to meet @vixentael at #NATO #TideSprint 2024 event held by @NATO_ACT. Don't miss Head of Security Engineering @vixentaelʼs talk about building secure architecture for mission-critical applications within the Data Centric Security track.
#TIDESprint'24: Advancing Interoperability! @NATO’s leading think-tank arena aims at fostering advancements & innovations that rapidly evolve concepts and specifications to design more interoperable partnership between #NATO & Partner Nations. 📌 https://t.co/jtc0dnSPaL
#WeAreNATO