WareValley

Structure

WareValley’s head office is located in Seoul, South Korea. It also operates a branch office in Tokyo, Japan, which opened in the end of 2012. WareValley has market share as No.1 in Korea, Japan, Taiwan and so on based on database security.

WareValley has clients in the telecommunications, financial services, manufacturing and utilities sectors in South Korea, Japan, Taiwan and Malaysia include Samsung, Korea Telecom, Toyota, Sony, KDDI, NTT, Prudential, Chungwha Telecom, etc. WareValley has 250,000 users from 2,700 companies around the world.

Chakra

Chakra protects database and enterprise properties which are stored in database through database access control. Recently, DBMS(s) have already offered some security function so there are a lot of database infringement cases such as log integrity and information leakage abusing data access privilege by internal users rather than external users like hackers. Therefore, Chakra controls user’s database access per privilege level and then a user is able to access only the part of database according to the policy of minimum privilege or Chakra offers a function which parts of data are masked. Especially, data masking reduces burden of the performance and cost for database encryption which is the top security issue recently. Chakra locates between client which requests query to database and network stream of database and it is monitoring in/out data flow in real time. Also, it saves as audit data. Chakra guarantees log integrity for saved audit data and Chakra policy management history and it protects those safely. Also, it helps administrators to manage audit data safely by backing up those as encryption algorithm. An administrator is able to search the audit data per condition later or handle organization security audit by printing multiple documents above 14 types like *.pdf, *.doc, *.hwp, *.csv, *.xls and so on. Currently, Chakra supports 14 DBs like Oracle, IBM DB2, MS SQL, Sybase IQ, Sybase ASE, Teradata, Altibase, Tibero, Cubrid, Informix, Netezza, Mysql, PostgreSQL and Mainframe DB2.

Chakra Max

Chakra Max protects database and enterprise properties which are stored in database. The basic security method of Chakra Max is to control users’ database accesses per privilege level. It sets up access privilege for application servers or DB users causing in/out data flow in databases and then it allows reasonable transactions and blocks unreasonable transactions. It processes a work approval to the SQL execution privilege according to the organizational policy and gives limitation to only read data by providing masking data for key data like privacy information to users. Plus, it provides a function to be able to simulate before and after data in case SQL is executed to modify database. Of course, it is monitored for all traffic information and user identification information occurred in hear in real time by an administrator and saves those as auditing data. It guarantees integrity for the saved auditing data and the history of Chakra Max policy management and protects those safely. Also, it helps an administrator to manage auditing data safely by backing up those as encryption algorithm. An administrator is able to search the auditing data per condition later or handle organization security audit outputting various document forms of more than 14 types like *.pdf, *.doc, *.hwp, *.csv, *.xls and so on. As it gained the CC(Common Criteria) validation of EAL4 rating for international criteria in January 2012, it is accepted as a secure and stable solution deleted of the latest all vulnerabilities. Currently, Chakra Max supports 14 DBs like Oracle, IBM DB2, MS SQL, Sybase IQ, Sybase ASE, Teradata, Altibase, Tibero, Cubrid, Informix, Netezza, MySQL, PostgreSQL and Mainframe DB2.

Orange (Database Development and Management Solution)

As a database-client software, Orange is the tool to more exactly and quickly manage and develop database for database administrators and developers. It is easy to use for database administrators as well as developers and provides the reason and information of issues in time offering light and intuitional GUI interface. Also, it is possible to execute Orange processes of more than 16. It is designed to be minimized for resource spending without server load and you can use DB from Oracle to Altibase without any difficulty. Furthermore, it supports Instant Client, Data Pump and AWR Report of Oracle. Orange is the only solution supporting all DBMS such as Oracle, DB2, MS-SQL, SYBASE IQ, SYBASE ASE, Altibase, Tibero and Telcobase. It has been upgraded for 12 years consistently since it released 1.0 version in 2001. Now V. 5.0 is released and commercialized. It proves that it is the optimized solution for the enterprises operating database through the users over 200,000. Orange provides the suitable tool as the best class to operate databases to environment, developers and DBAs operating multi databases of various systems.

Galea (Database Encryption Solution)

Galea is a database security solution protecting properties by encrypting the enterprise key data. It minimizes to be affected to database performance due to data encryption and provides the system operation with non-stop. Also, it has the encryption module verified by a government agency and maintains availability, confidentiality and integrity of enterprise database and database encryption system based on strict security operation like as FIPS 140-2 Level. Due to introduction of Galea, there is no need to change an application connecting the existing database to enterprises and it is possible to service encryption/decryption for multiple databases concurrently. Enterprises manage customers’ data securely from intruders through Galea and they can improve their reliability preventing illegal information leakage accidents by internal users and outsourcing development companies. Also, they can cope with various local information protection laws including the privacy data protection law. Currently, Galea supports Oracle only.

Cyclone (Database Vulnerability Assessment Solution)

Cyclone inspects items which should be concerned for operating database and inherent vulnerabilities in database exactly from various angles so security administrators and database administrators can remove inherent security holes in the system. Furthermore, it suggests the best alternative which can improve the whole security level. As a database vulnerability assessment solution, Cyclone helps to understand multiple vulnerabilities in database and provide improvement of the whole security level for database through Information Gathering, Penetration Test and Security Auditing: Information Gathering is a step to figure out information property which is existing in the network range. Penetration Test and Security Auditing are steps to inspect the database security. Cyclone has key functions such as Fix Scripts removing detected vulnerabilities, suggesting improvement measures and reporting. Currently, Cyclone supports Oracle, Microsoft SQL Server, IBM DB2, Sybase ASE and MySQL as target DB for vulnerability assessmnet.