Cossack Labs
@cossacklabs
Followers
3K
Following
5K
Media
763
Statuses
2K
Cybersecurity, tailored for your mission
London
Joined January 2015
Case study: A minor update of an analytics library caused a major security incident—user credentials were sent to a third-party backend. Learn how we found and fixed it: #AppSecurity.
cossacklabs.com
Vulnerabilities in third-party libraries: Exploring a real-world case where an update in an analytics library exposed personal data. We’ll cover the entire journey from discovering the issue to...
0
1
8
We’re pleased to share that today @vixentael is speaking at the @NATO #TIDESprint 43 in Helsinki. Check the Cyberspace track, where Anastasiia shares experience on protecting mission-critical systems and accelerating security decision-making.
0
2
16
Last week, we shared our experience in a cybersecurity workshop for defense tech companies organised by @BRAVE1ua. We covered topics from security fundamentals, like risk management and internal cybersecurity programs, to industry-specific technical challenges and approaches.
0
0
2
Meet Anton Shepeta at CocoaTalks meetup!. If you are in Kyiv, don't miss Cossack Labs' Security Engineer, Anton Shepeta, discussing iOS reverse engineering tips & tricks at the CocoaTalks meetup on Tuesday, October 29. Thanks @macpaw for hosting!. ➤
0
0
2
Let’s focus on the Software Bill of Materials (#SBOM), its security and common problems. Can SBOMs be trusted to enhance supply chain security and vulnerability management? Are there reasons they cannot?. ➤👈.
cossacklabs.com
Despite being a potential approach for enhancing software supply chain security, SBOM’s own flaws and complexities in implementation may be holding back its goal to improve software transparency and...
0
0
3
New release of Acra data security solution for databases and distributed apps. Enhanced MariaDB, MySQL, and PostgreSQL support. Simplified TLS config & optimised key management tools, updated Acra engineering examples. ➤ 👈.
cossacklabs.com
New release of Acra — data security solution for databases and distributed apps — focuses on improving user experience and expands compatibility with MySQL, PostgreSQL, MariaDB.
1
1
1
How to protect your #ML models on mobile apps and edge devices against leakage, abuse and reverse engineering? .Guidelines and advice from @vixentael and Maksym Khanas:.➤ 👈.
cossacklabs.com
ML model security is critical when models are run on edge devices or mobile apps. Our guide goes deep into the addressing security risks and threats of ML models.
0
0
4
On Ukraine's Independence Day, we reflect on our ongoing efforts to strengthen Ukraine’s cyber resilience in critical national infrastructure, mission-critical systems, govtech solutions, unmanned robotic systems, and many more. ➤ 👈.
cossacklabs.com
On Ukraine’s Independence Day, we reflect on our ongoing efforts to strengthen Ukraine’s cyber resilience in critical national infrastructure, mission-critical systems, govtech solutions, unmanned...
0
2
9
Introducing CL MSS: Mobile security verification framework for product security, assessments & SSDLC. Thanks to main contributors: @julepka, @vixentael, Anton Shepeta, @G1ggg1L3s.#SSDLC #appsec.➤ 👈.
cossacklabs.com
Cossack Labs Mobile Security Score (CL MSS) is an application security framework for mobile applications. It focuses on risk-based requirements, continuous risk management, and measurable progress...
0
3
9
Eugene Pilyankevich will join @aerorozvidka's 10th-anniversary stream and share details about UA DroneID. This technology improves the efficiency and security of deploying UAV and robotic systems during complex operations.
Розповідаємо про останній блок стріму - ROBOTIC SYSTEMS:. 📍Чому ми вважаємо, що роботизовані системи - асиметрична відповідь ворогу.📍Проєкти напряму: DroneID, Група прототипування. 📍Майбутнє використання роботизованих систем: проблематика, перспективи, запит до спільноти
0
0
4
Cossack Labs is delighted to celebrate the 10th anniversary of our friend and ally @aerorozvidka, and to take part in the stream! Don't miss @vixentael talk on building security in mission-critical systems at
youtube.com
Air reconnaissance is a volunteer project to help the Ukrainian army. We aim to provide units of the State Border Guard Service of Ukraine and the Armed Forces of Ukraine operating in the anti-terr...
Сьогодні розповімо про блок C2IS:. Що таке бойові інформаційні системи і чому це важливо?.Які були передумови та виклики розробки системи ситуаційної обізнаності Дельта?.Які виклики постали з початком повномасштабного вторгнення? .Кібербезпека бойових інформаційних систем.
0
1
7
RT @QANewsletter: Hey! 👋 . The 221st issue is out!. Congrats @jarbon, @semels, @GergelyOrosz, @MarkAHerschberg, @gi….
0
8
0
Meet @vixentael at #DOU Day 2024!. Don't miss Cossack Labs’ Head of Security Engineering @vixentaelʼs talk on building resilient mission-critical systems at DOU Day on May 18th.
Спільното, раді нарешті анонсувати для вас теми спікерів на DOU Day. І почнемо з @vixentael, Head of Security Engineering, Security software engineer в Cossack Labs😎
0
2
13
Using security autotests for measurable and stable software security processes: Check our pre-built templates and learn how to implement them into the CI/CD pipeline. ➤ �.
cossacklabs.com
Security automation contributes to measurable improvements: stable security processes and efficient assessments that save time and effort. Security-focused pre-built templates covering prevalent...
0
2
5
Cossack Labs is proud to collaborate with @mintsyfra, @DefenceU & @aerorozvidka to develop UA DroneID: This innovative technology enables the protection of mission-critical assets and increases the efficiency of UAVs and unmanned robotic systems usage.
0
3
18
We are proud of our Lead Security Engineer, @julepka who is a director at @wwcodekyiv, for fostering professional development of the women's community in IT and co-organising the "Inspire & Connect" conference.
0
1
8
Deal with #OAuth2? Get savvy on OAuth2 mechanics, PKCE implementation, CSRF protection, and auto security checks to avoid common pitfalls. A detailed guide to OAuth2 security is here:.➤ 👈.
cossacklabs.com
How to implement OAuth in the context of mobile applications while avoiding security pitfalls? Practical steps on fortifying OAuth flow with PKCE, state parameter, managing secure redirections, and...
0
2
3
Our Head of Security Engineering @vixentael shared unique expertise on building security for mission-critical apps and critical infrastructure at #NATO #TIDESprint 2024, Data Centric Security and Cybersecurity tracks.
0
1
6
Opportunity to meet @vixentael at #NATO #TideSprint 2024 event held by @NATO_ACT. Don't miss Head of Security Engineering @vixentaelʼs talk about building secure architecture for mission-critical applications within the Data Centric Security track.
#TIDESprint'24: Advancing Interoperability!.@NATO’s leading think-tank arena aims at fostering advancements & innovations that rapidly evolve concepts and specifications to design more interoperable partnership between #NATO & Partner Nations. 📌#WeAreNATO
0
1
11