Alphabetical List of Database Security Products

Timberline Technologies Logo
HOME SECURITY PRODUCT LINKS SECURITY RESOURCES

SECURITY WORKSHOPS SECURITY ADVISORY LINKS CONTACT INFORMATION

CONSULTING SERVICES SECURITY NEWS LINKS SITE MAP

New from Timberline Technologies:

Online Cryptography Course

with Lab Exercises

Tell me more ...

Alphabetical List of Database Security Products

Disclaimer:

These links are provided as a free service to those seeking commercial information security products or shareware tools. The fact that a product is listed here is not an indication that Timberline Technologies LLC has evaluated it nor that we recommend it. The descriptive text is generally taken from the vendor's own product literature. The buyer has the ultimate responsibility to ensure that the information security product is suitable for its intended use. Please follow the links to the vendor pages to obtain more detailed information on a particular product. Additional guidance on product selection can be found in the On-Site Security Workshops.

Vendors Please Note: If your product does not appear in this index or if you feel that it has been incorrectly categorized please contact webmaster@timberlinetechnologies.com and the error will be corrected.

Important Note to Surfers: Timberline Technologies takes strict precautions to provide "safe" links. We will not knowingly provide a link to a site with dangerous active content or questionable privacy policies. Nevertheless, we can not guarantee the safety of all links provided. Those who are concerned about browsing securely are advised to use the facilities of BeHidden, safeWeb, Anonymizer or similar service.

Product Name Description

CoreGuard (Vormetric) Encryption of data at rest provides a means of enforcing access control functionality by defeating attempts to access cleartext data that bypass authorized access channels, including the acquisition of information by physical theft of storage media or hardware. The file system-aware CoreGuard encryption engine extends this capability, separating the encryption of file content from the file system metadata, which is kept in the clear. By leaving the metadata in the clear, data management applications can perform their functions without the need to expose the file content in the clear for management operations and without the need for decryption and subsequent re-encryption. This technology, known as MetaClear™ encryption, enables the separation of access to file data from the ability to view such data. By decoupling access to data from the viewing of data, MetaClear enables the enforcement of 'least privilege' security policies by permitting data management without data viewing, resolving the conflict between the need to secure data at rest and the need to manage that data.

DbEncrypt (Application Security) Easy-to-use, affordable, and effective security solution for encrypting column data within the database. DbEncrypt™ is a database encryption solution that includes a complete list of encryption algorithms to choose from, templates, and an intuitive point-and-click management interface.

Encryptionizer (NetLib) Encryptionizer encryption software delivers server-side data encryption for Microsoft SQL Server databases and columns. It provides an additional layer of security on top of Windows security and SQL Server security, in case perimeter defenses are breached. It can secure data on servers as well as on backup media. Combined with Encryptionizer for MSDE it can secure distributed databases all the way to the workstation or laptop. It supports SQL Server 2000 and SQL Server 7 Enterprise and Standard Editions.

Encryption Wizard for Oracle (Relational Database Consultants) The Encryption Wizard for Oracle is a database encryption tool designed exclusively for the Oracle RDBMS. The Encryption Wizard allows you to physically encrypt the data that resides within your database through an easy-to-use Java interface. The Encryption Wizard for Oracle is the only database encryption software in existence that allows you to specify the encryption of data at the schema, table, or column levels. Along with database encryption features, the Encryption Wizard ships with advanced security and auditing functions built on the foundation of dependable encryption techniques - an intuitive interface to Oracle's own certified and tested DBMS_Crypto and DBMS_Obfuscation_Tookit packages.

Enzo(Pyn Logic) Enzo 2005 provides a four-dimentional database access control solution that allows administrators to define unprecedented granular database access rules. The four dimensions are: User Id, Location, Time and Application (who, where, when and what). All four dimensions have to be valid for a database connection to be granted.

Ingrian Data Secure Platforms (Ingrian) Ingrian DataSecure Platforms provide an intelligent, cost-effective way to encrypt critical data in applications and databases. As a result, organizations can better ensure that they are compliant with legislative and policy mandates for security, and mitigate the risks of data thefts.

SecureDB (nCipher) SecureDB is a database security solution that delivers column level encryption to data at rest. It provides a simple and cost-effective deployment option, requiring minimal integration at the application level, while delivering granular access control. Through column level encryption selected data records can be protected, not only from external attack, but also from authorized database users without correct permissions. This ensures separation of duty between administration and security functions.

RC/Secure (Computer Associates) Manages database security privileges in DB2 for OS/390. It augments DB2's own security, giving administrators more flexibility, efficiency, ease-of-use, and control in protecting information resources.

Secure.Manager (Protegrity) Secure.Manager is the central point of control for the administration and management of corporate security policies and procedures. It defines user settings, roles, privileges, sensitive data, encryption algorithms and keys, and security parameters.

Designed to meet the security needs of large distributed enterprises, Secure.Manager can deploy the security policy database on one or more servers that may be centrally located or globally dispersed. It is so flexible that you can perform global updates of privileges or capabilities without having to modify the authorizations of every individual user.

Secure.Server (Protegrity) Secure.Server is the run-time component of Secure.Data, enforcing security policies created in Secure.Manager. Residing inside the database, Secure.Data provides a layer of protection between end users and the data itself. Secure.Server plugs into the database as a security middleware component, implementing full access control to database tables. With our patented technology, Secure.Server guards all Read, Update, Insert, and Delete rights down to column and row levels for specific users. When enforcing security policy, Secure.Server checks user authorization according to identity, role, or organization before granting access rights. By physically encrypting the data sitting inside the tables, the data is kept off limits to unauthorized users.

SQL AuditGuard (Guardium) An integrated part of our SQL Guard Security Suite, SQL AuditGuard automates otherwise cumbersome auditing procedures and compliance reporting. Using SQL AuditGuard, your organization can continuously monitor, track, report, and follow on database access activities and exceptions with ease.

SQL Guard (Guardium) The SQL Guard secured platform is a self-contained, family of network-based servers. When placed on the network, SQL Guard can be used to efficiently monitor, report, and manage database access activities.

Agent-based and other log mining technologies require significant system integration and can bring with them multiple risks when deployed to monitor critical databases. SQL Guard eliminates these complexities and hazards. The SQL Guard server easily attaches to network interfaces in passive or database firewall mode to deliver non-intrusive data access monitoring and controls.

SQL HealthGuard (Guardium) As part of our SQL Guard Security Suite, SQL HealthGuard offers a clear view of database security activities without impacting your environment. The solution contains two applications: the Security Health Assessment and Client Server Access Map.

The Security Health Assessment provides a current evaluation of database security health, with real time and historical measurements compared against preconfigured metrics. The application also generates a security health report card, which offers easily understood measurements and charts regarding database security conditions.

SQL PolicyGuard (Guardium) An integral element of our SQL Guard Security Suite, SQL PolicyGuard monitors and controls database access through policies you create based on corporate and regulatory needs.

The information garnered by the SQL Guard server is used by SQL PolicyGuard to automatically define a policy baseline. This baseline enables a real world understanding of database access activities. The baseline becomes the foundation on which you can build additional enforceable rules, as well as utilize the automatically generated rules suggested by SQL PolicyGuard. You can then create real time alerts to allow you to take swift action when necessary to keep your databases safe.

HOME	SECURITY PRODUCT LINKS	SECURITY RESOURCES
SECURITY WORKSHOPS	SECURITY ADVISORY LINKS	CONTACT INFORMATION
CONSULTING SERVICES	SECURITY NEWS LINKS	SITE MAP

Product Name	Description
CoreGuard (Vormetric)	Encryption of data at rest provides a means of enforcing access control functionality by defeating attempts to access cleartext data that bypass authorized access channels, including the acquisition of information by physical theft of storage media or hardware. The file system-aware CoreGuard encryption engine extends this capability, separating the encryption of file content from the file system metadata, which is kept in the clear. By leaving the metadata in the clear, data management applications can perform their functions without the need to expose the file content in the clear for management operations and without the need for decryption and subsequent re-encryption. This technology, known as MetaClear™ encryption, enables the separation of access to file data from the ability to view such data. By decoupling access to data from the viewing of data, MetaClear enables the enforcement of 'least privilege' security policies by permitting data management without data viewing, resolving the conflict between the need to secure data at rest and the need to manage that data.
DbEncrypt (Application Security)	Easy-to-use, affordable, and effective security solution for encrypting column data within the database. DbEncrypt™ is a database encryption solution that includes a complete list of encryption algorithms to choose from, templates, and an intuitive point-and-click management interface.
Encryptionizer (NetLib)	Encryptionizer encryption software delivers server-side data encryption for Microsoft SQL Server databases and columns. It provides an additional layer of security on top of Windows security and SQL Server security, in case perimeter defenses are breached. It can secure data on servers as well as on backup media. Combined with Encryptionizer for MSDE it can secure distributed databases all the way to the workstation or laptop. It supports SQL Server 2000 and SQL Server 7 Enterprise and Standard Editions.
Encryption Wizard for Oracle (Relational Database Consultants)	The Encryption Wizard for Oracle is a database encryption tool designed exclusively for the Oracle RDBMS. The Encryption Wizard allows you to physically encrypt the data that resides within your database through an easy-to-use Java interface. The Encryption Wizard for Oracle is the only database encryption software in existence that allows you to specify the encryption of data at the schema, table, or column levels. Along with database encryption features, the Encryption Wizard ships with advanced security and auditing functions built on the foundation of dependable encryption techniques - an intuitive interface to Oracle's own certified and tested DBMS_Crypto and DBMS_Obfuscation_Tookit packages.
Enzo(Pyn Logic)	Enzo 2005 provides a four-dimentional database access control solution that allows administrators to define unprecedented granular database access rules. The four dimensions are: User Id, Location, Time and Application (who, where, when and what). All four dimensions have to be valid for a database connection to be granted.
Ingrian Data Secure Platforms (Ingrian)	Ingrian DataSecure Platforms provide an intelligent, cost-effective way to encrypt critical data in applications and databases. As a result, organizations can better ensure that they are compliant with legislative and policy mandates for security, and mitigate the risks of data thefts.
SecureDB (nCipher)	SecureDB is a database security solution that delivers column level encryption to data at rest. It provides a simple and cost-effective deployment option, requiring minimal integration at the application level, while delivering granular access control. Through column level encryption selected data records can be protected, not only from external attack, but also from authorized database users without correct permissions. This ensures separation of duty between administration and security functions.
RC/Secure (Computer Associates)	Manages database security privileges in DB2 for OS/390. It augments DB2's own security, giving administrators more flexibility, efficiency, ease-of-use, and control in protecting information resources.
Secure.Manager (Protegrity)	Secure.Manager is the central point of control for the administration and management of corporate security policies and procedures. It defines user settings, roles, privileges, sensitive data, encryption algorithms and keys, and security parameters. Designed to meet the security needs of large distributed enterprises, Secure.Manager can deploy the security policy database on one or more servers that may be centrally located or globally dispersed. It is so flexible that you can perform global updates of privileges or capabilities without having to modify the authorizations of every individual user.
Secure.Server (Protegrity)	Secure.Server is the run-time component of Secure.Data, enforcing security policies created in Secure.Manager. Residing inside the database, Secure.Data provides a layer of protection between end users and the data itself. Secure.Server plugs into the database as a security middleware component, implementing full access control to database tables. With our patented technology, Secure.Server guards all Read, Update, Insert, and Delete rights down to column and row levels for specific users. When enforcing security policy, Secure.Server checks user authorization according to identity, role, or organization before granting access rights. By physically encrypting the data sitting inside the tables, the data is kept off limits to unauthorized users.
SQL AuditGuard (Guardium)	An integrated part of our SQL Guard Security Suite, SQL AuditGuard automates otherwise cumbersome auditing procedures and compliance reporting. Using SQL AuditGuard, your organization can continuously monitor, track, report, and follow on database access activities and exceptions with ease.
SQL Guard (Guardium)	The SQL Guard secured platform is a self-contained, family of network-based servers. When placed on the network, SQL Guard can be used to efficiently monitor, report, and manage database access activities. Agent-based and other log mining technologies require significant system integration and can bring with them multiple risks when deployed to monitor critical databases. SQL Guard eliminates these complexities and hazards. The SQL Guard server easily attaches to network interfaces in passive or database firewall mode to deliver non-intrusive data access monitoring and controls.
SQL HealthGuard (Guardium)	As part of our SQL Guard Security Suite, SQL HealthGuard offers a clear view of database security activities without impacting your environment. The solution contains two applications: the Security Health Assessment and Client Server Access Map. The Security Health Assessment provides a current evaluation of database security health, with real time and historical measurements compared against preconfigured metrics. The application also generates a security health report card, which offers easily understood measurements and charts regarding database security conditions.
SQL PolicyGuard (Guardium)	An integral element of our SQL Guard Security Suite, SQL PolicyGuard monitors and controls database access through policies you create based on corporate and regulatory needs. The information garnered by the SQL Guard server is used by SQL PolicyGuard to automatically define a policy baseline. This baseline enables a real world understanding of database access activities. The baseline becomes the foundation on which you can build additional enforceable rules, as well as utilize the automatically generated rules suggested by SQL PolicyGuard. You can then create real time alerts to allow you to take swift action when necessary to keep your databases safe.