We make your applications and data safe

We combine offensive and defensive security to guide organisations in creating secure software and hardware.

From Research to Action

Quarkslab was founded with a unique posture in the cybersecurity landscape: our journey began as a private infosec Research & Development laboratory in 2011, focused on applied research.

Today and thanks to years of experience, we are able to bring into the real world all the latest research and development findings.

Our mission is to deliver this knowledge to our customers through software and services in response to their security challenges.

Quarkslab is…


Research & Development is our DNA: Quarkslab was founded with the intent to be a haven for security researchers.

The secondary objective is for them to have the opportunity to translate their research into security services and software.

We welcome full time researchers, PhD students, apprentices and interns for a large range of research subjects. 

Nowadays, our research fields are predominantly on cryptology, embedded platforms and secure execution environments.


Consulting Services

We provide consulting security services to organisations around four axis:

– Vulnerability Research: identifying flaws in software from an adversarial posture

– Security Assessment: examining software design, source code and propose a remediation plan

– Trainings: share our expertise with security teams

– CSPN certification


Our consulting and auditing activities have allowed us to witness the troubles our clients face : from theft of intellectual property, to brand damage following a cyber attack or transactional fraud due to a vulnerable software.

In response to these challenges and fuelled by these insights, we have created several software to answer the issues encountered by our customers.

With these products, we intend to protect applications, binaries and documents which are at the center of today’s information systems.

Securing Code, Data and Binaries

(formerly known as Epona)

Quarks AppShield (formerly known as Epona) is our answer to protect software applications  deployed on personal computers, mobile phones and connected objects. Its application shielding, white-box cryptography and digital vault features thwarts potential attackers trying to reverse engineer your applications and steal your intellectual property.

(formerly known as Irma)

Quarks Flow (formerly known as Irma) is a security automation software dedicated to binary and file analysis. With Quarks Flow, security teams benefit from the perfect toolbox and orchestrator to automate analysis, saving time for mission-critical operations.

Our Range of Consulting Services


System vulnerability research is a complex task that calls for a real strategy. Do you have the source code? What external libraries or other dependencies are targeted? What would be the most effective fuzzing approach? Nowadays, codes are everywhere and updates frequent which explains why vulnerability research can be complex?


Vulnerability intelligence involves deeply understanding them in order to build the appropriate defense. In-depth vulnerability analysis informs us on the reality of the threat and help us understand whether a system is vulnerable. We need to replay a one-day exploit or an attack to check the defenses, the context…

Software and Hardware Security

Security by design has nothing to do with chance: it’s a matter of skill and knowledge across multiple fields. Whatever the project, security has to factor in what the system does and what it’s used for. Cryptography, another essential aspect of modern security, calls for different skills and knowledge: from underlying mathematical theory to implementation. A minor error can have major impact on the whole design…


Reverse engineering enables us to understand how a software works without having access to the source code. Today software is everywhere. Most software packages have many dependencies that the buyer is not aware of. So, what does the software contains? What exactly does it do? Does it enhance security, or weaken the defense system?

Come meet the people behind Quarkslab at the QITS!

Each year, we have the pleasure to host our own annual conference called Quarks in the Shell (QITS).

This conference is the perfect opportunity to share our updates in the research field, the latest products features and exchange with our community.


Cybersecurity solutions are many and varied, but not all of them offer the same level of efficiency, robustness and trust. The Security Visas issued by ANSSI (the French National Agency for Security and Information Technology Services) makes it easy to identify the most reliable solutions on the market. ANSSI recognised them only after a thorough evaluation carried out by accredited laboratories.
Quarkslab is part of the list of accredited laboratories. We have been certified by ANSSI to perform security assessments. 
UGAP (Union des groupements d’achat publics) is the only French public central purchasing body. It offers :
– a presentation of the state-owned procurement, 
– advice on the access to the state-owned procurement, 
– an appreciation of the economic model regarding the rules of public sector. 
Quarkslab consulting services and products are available to purchase on the UGAP catalog through a referenced partner.


Sign up to our newsletter

Subscribe to receive Quarkslab latest news (product developments, research and publications, whitepapers…).