Penta Security
Private | |
Industry | IT Security |
Founded | 1997 |
Headquarters | Seoul, Republic of Korea |
Area served | Australia, China, Indonesia, Japan, Malaysia, Philippine, Rwanda, Singapore, South Korea, Thailand, United States (Alphabetical Order) |
Key people |
|
Products |
|
Number of employees | 200+ (2016) |
Website |
www |
Penta Security Systems, Inc. (Korean: 펜타시큐리티시스템㈜) is an information technology (IT) security firm headquartered in Seoul, South Korea. Penta Security offers web application security, database security, and single sign-on solutions.[1]
History
Establishment and growth
Founded in 1997 by Seokwoo Lee,[2] and headquartered in Seoul, South Korea, Penta Security Systems Inc. is a provider of web application security products and core technology, with more than 2,200 installed customers in government, large enterprise, small and medium business, education, and finance and medical institutions.
Vision
In 2012, Penta Security announced its slogan as “Trust for an Open Society.” CEO/Founder Seokwoo Lee explained “People can trust each other when they’re protected. With Penta Security’s technology, we want to help people communicate and exchange information with each other without any anxiety.”[3]
Subsidiaries and international expansion
Its Japanese Office, Penta Security Systems K.K., was incorporated in Akasaka, Tokyo, Japan in 2009, and Penta Security System Corporation was found in Texas, the United States in 2014. Together, Penta Security Systems, Inc., Penta Security Systems K.K and Penta Security Corp are focused on the goal of meeting the IT security needs and requirements of organizations from South Korea to Japan (2009), Thailand (2010), Malaysia (2011), Singapore (2010) Taiwan (2011), Australia (2011), Indonesia (2011), Rwanda (2013), the United States (2013)[4]
Security R&D center
Penta Security has its own R&D center, so that researchers can conduct independent technology studies for the company. The R&D center has over 70 research specialists out of a total 150 employees. Penta Security is also fostering future information security officers by hiring employees from vocational high schools and university collaboration programs for its R&D center.[5]
Industry recognition
- In 2003, Penta Security was awarded by the South Korean government for completing the e-Government project
- In 2006, D’Amo received the GS (Good Software) Certification from the Telecommunications Technology Association of Korea[6]
- In 2007, WAPPLES received the GS (Good Software) Certification from the Telecommunications Technology Association of Korea[7][8]
- In 2008, WAPPLES received CC (Common Criteria) Certification
- In 2008, WAPPLES received Security Compatibility Certification from the South Korean National Intelligence Service
- In 2008, WAPPLES received the Intelligent Product Award from South Korea’s Intelligent Information System Society[9]
- In 2009, WAPPLES received the Grand Prize in New Software Product from the South Korean Ministry of Knowledge and Economy[10]
- In 2009, WAPPLES acquired a Certificate of Compliance to PCI-DSS ver. 1.2 Requirement 6.6'[11]
- In 2009, Penta Security received the "Prime Minister’s Award" in the New Technology Commercialization category from the Korean Ministry of Knowledge and Economy[12]
- In 2010, WAPPLES received the Grand Prize at the 9th Korea Software Competitiveness Awards[13]
- In 2010, Seokwoo Lee was honored in the Senior Information Security Professional category at the International Information System Security Certification Consortium (ISC)² Fourth Asia-Pacific Information Security Leadership Achievements Program.[14]
- In 2010, WAPPLES earned the IPv6 Ready Silver Logo (IPv6)[15]
- In 2011, Penta Security became a member of the Open Web Application Security Project (OWASP)[16]
- Penta Security's database security solution, D’Amo 2.3, received SAP certification[17][18]
- In 2012, WAPPLES V-Series became certified as a VMware Ready product.
- In 2012, WAPPLES received international Common Criteria (CC) certification.
- In 2012, Penta Security received the Venture-Startup 2012 Contributor Award.
- In 2012, Penta Security won the "Minister of Knowledge and Economy's Award" for contribution to the information security industries.
- In 2012, Penta Security received ISO 9001:2008, ISO 14001:2004 from ISO
- In 2013, ISign+ received the GS (Good Software) Certification from the Telecommunications Technology Association of Korea
- In 2013, WAPPLES received ‘Web Application Firewall of the Year’ from Frost & Sullivan
- In 2013, Penta Security won the “Ministry of Science, ICT and Future Planning’ Award” in IT Innovation Award
- In 2014, WAPPLES received the “Web Application Firewall of the Year” from Frost & Sullivan for the second year in a row[19]
- In 2014, WAPPLES received recognition from the Telecommunication Technology Association
- In 2015, WAPPLES received ICSA Labs WAF Certification[20]
Key People
- Seokwoo Greg Lee (CEO/Founder)
- Duk Soo Kim (Executive Director)
- Gi Seung Kim (CFO)
- Jaeson Yoo (SVP of Business Development)
Products and Services
Enterprise Solutions
Web Application Firewall (WAF): WAPPLES
WAPPLES, originally launched in 2005, is a web application firewall (Application layer firewall) that operates on a logic analysis based engine.[21] This web application firewall enables users to protect their web applications from the top ten most critical web application security risks of 2010, as outlined by OWASP.[22][23] WAPPLES received a Certificate of Compliance to PCI-DSS ver. 1.2 Requirement 6.6[24] common criteria (CC) certification, and is IPv6 ready.[25] WAPPLES has obtained patents in Korea for ‘Method for Detecting a Web Application Attack’ (Patent No. 10-2010-0064363) and ‘Method for Detecting a Web Attack Based on a Security Rule’ (Patent No. 10-2009-0077410), and Penta Security has submitted applications for comparable patents in the US, China, and Japan. In January 2012, WAPPLES was granted a Japanese patent for its algorithm-based, application-layer attack detection engine (Patent No. 2012-014667).[26] Other WAPPLES family products include WAPPLES MS, a centralized management system allowing integrated management of groups of WAPPLES units, and WAPPLES V-Series, a virtual, cloud computing-based equivalent to WAPPLES.[27] Penta Security publishes Intelligent Customer Support (ICS) Report, a web attack trend analysis report based on statistical information gathered from the logs detected by installed WAPPLES customers. The report is issued every quarter through Penta Security website (www.pentasecurity.com). The report includes statistical information corresponding to the WAPPLES rules, top 10 OWASP vulnerabilities, source countries of web attacks, attack purposes etc.
Data Encryption: D’Amo
First released in 2004, D’Amo is data encryption software that enables database security via encryption, access control and audit. D’Amo enables high-speed encryption by column, and allows for the separation of database management from security management through two-tiered access control. Penta Security has patented D’Amo’s ‘Index Column Encryption Method.’[28] Additionally, this product has received the GS (Good Software) Certification from the Telecommunications Technology Association of Korea,[29] as well as several awards from the South Korean government.[30] D’Amo holds three patents, two in Korea and one in the United States. The patents held in Korea are Patent No. 10-0698834, ‘Index Column Encryption Method’ and Patent No. 10-0859162, ‘Query processing system and method for database with encrypted columns by query encryption transformation.’ D’Amo holds a patent for the latter in the US as well, under Patent No.2009/0100033.[31] In August 2011, D’Amo version 2.3 received certification for integration with SAP NetWeaver.[32][33]
Total user authentication solution : ISign+
ISign+ is a sensible SSO/WAM solution with fast implementation (up to 10 systems in one week) at an economic cost. One-step user authorization make possible for various applications such as groupware, multiple server environments, public web services and so on. And utilizes multiple authentication methods, including public-key infrastructure, biometrics, and mobile OTP. ISign+ are equipped with all the functions of hardware type then building period and the cost is low. In addition, ISign+ products holds Good Software certification from the Telecommunications Technology Association of Korea. With its token-method authentication system, ISign+ addresses the authentication and session management problem, which is the second biggest threat factor among the “Top 10 Web Application Vulnerabilities,” released by OWASP in 2013.
Small & medium business packages
Database security solution for MySQL : MyDiamo
MyDiamo was launched as a database security solution for MySQL in 2013. MyDiamo now also supports MariaDB with its DB encryption and comprehensive security features. The product applies world-class technology, including international standard algorithms such as AES, one-way encryption for password security, partial encryption for DB indexing, masking for credit cards, and more. MyDiamo’s engine-level encryption provides both a high level of security and performance. Drawing upon the technology and experience from Penta’ Security’s encryption solution D’Amo, MyDiamo has been developed as a software for open source databases, first supporting MySQL and then MariaDB. MyDiamo can be downloaded and installed from its website: www.mydiamo.com. The software is free for non-profit personal use. These MyDiamo features include:
- International standard encryption algorithms (AES, Triple DES, etc.)
- Authority access controls
- Column-level encryption privilege controls
- Auditing functionality
Global cloud WAF: Cloudbric
Launched in November 2014, Cloudbric currently protects about 1,200 customers worldwide as a cloud-based WAF service. Cloudbric delivers the similar functionalities to WAPPLES, an appliance type WAF, providing web hacking protection, personal info leakage prevention, DDoS prevention and more. Cloudbric is very easy to use, so that anyone providing web services can use Penta Security’s high-performance WAF service with a simple sign-up and online payments. The service is charged based on the amount of traffic used, so that start-ups and small/medium-sized business, who don’t have enough budget for expensive web application firewall appliances, can use WAF services without substantial enterprise-level costs. Also, people who are inexperienced with web security can install and apply the service by following the step-by-step instruction. The web administrators can monitor web security status intuitively with a graphic user interface that is available 24/365, so that they can respond to any threat in a timely manner.
Milestones
1997
- Penta Security Systems was founded
1998
- ISSAC, Penta Security’s data encryption solution, was introduced[34]
- Siren, an intrusion detection system, was introduced
- Penta Security Lab was founded
1999
- Penta Security launched the first database security business in South Korea
2001
- Penta Security introduced their ISign EAM solution[35]
2002
2004
- D’Amo, Penta Security’s database security solution, was introduced[37]
- Penta Security extended sales of D’Amo to Japan
2005
- WAPPLES, Penta Security’s web application firewall (web application security) product, was introduced
2006
- Penta Security established a local office in Akasaka, Tokyo, Japan
- D’Amo for SQL servers was introduced[38]
2008
- D’Amo for DB2 was introduced[39]
2009
- The official Japanese subsidiary branch, Penta Security Systems K.K., was incorporated[40]
2010
- WAPPLES v. 3.0 received Common Criteria certification[41]
2011
- WAPPLES V-Series, Penta Security’s cloud computing-based web application firewall (web application security), was introduced[42]
- PKI solution, ISign+, was introduced in June 2011
- Penta Security's database security solution, D’Amo 2.3, received SAP certification[43][44]
2012
- Penta Security releases MyDiamo, an advanced encryption suite for open source database, MySQL.
- Penta Security celebrated its 15th anniversary
- WAPPLES was granted a Japanese patent for its algorithm-based, application-layer attack detection engine.[45]
2013
- MyDiamo, engine–level encryption solutions, launched for MySQL and MariaDB
- Real-time web application firewall inspection service WMP (WAPPLES Management Portal) start
- Japan’s cloud-type web application firewall service WCSP (WAPPLES Cloud Service Platform) launch
2014
- Korea’s first vehicle communication security technology acquisition (Full implementation of IEEE 1609.2 standard and apply the test best)
- The official United States subsidiary, Penta Security Systems Corporation was incorporated.
2015
- WAPPLES continues to lead in the Asia Pacific market for third consecutive year[46]
- WAPPLES received ICSA Labs WAF Certification[20]
Marketing and corporate culture
Active marketing communication
Unlike other B2B companies, Penta Security conducts active marketing communication efforts. Penta Security hires college marketers and holds networking parties for college students. The marketing communications aren’t simply to improving Penta Security’s brand recognition. Their bigger goal is to lead the popularization of information security. Also, Penta Security updates its company blog regularly, so that individuals who are not familiar with information security can gain meaningful insights for their own organizations.
Corporate culture
Penta Security emphasizes a kind of horizontal organizational culture that is rare even in the IT industry. It is also well known for great clubs and programs for its employees. The company has been selected as one of the “company that people want to work for” from 2012 to 2013 in South Korea. Penta Security practices social conscientiousness by holding an annual charity auction, and donating all the profit from the auction to “Ae Ran Won,” a single mothers’ shelter
See also
- IT Security
- Computer security
- Network security
- Economy of South Korea
- List of Korean companies
- List of Korea-related topics
History |
---|
Business culture |
Industries |
Regional |
Related topics |
References
- ↑ Bloomberg Businessweek. "Penta Security Systems, Inc. Snapshot" Retrieved on 7 November 2011.
- ↑ Bloomberg Businessweek. "Penta Security Systems Inc. Executive Profile: Seokwoo Lee" Retrieved on 7 November 2011
- ↑ "Penta Security Systems, Inc." Retrieved on 7 November 2011
- ↑ "Penta Security Systems, Inc." Retrieved on 07 November 2011
- ↑ Retrieved on 17 June 2014
- ↑ TTA인증제품목록 "인증기업 및 제품 상세보기: D'Amo" Retrieved on 7 November 2011
- ↑ TTA인증제품목록 "인증기업 및 제품 상세보기: WAPPLES" Retrieved on 7 November 2011
- ↑ Korean Information Security Industry Portal "Penta Security, Web fire Wall WAPPLES received the GS certificate" Retrieved on 16 November 2011
- ↑ Korea Intelligent Information System Society "학술논문상" Retrieved on 7 November 2011
- ↑ etnews.com "신SW 상품대상 3월·4월 수상작 일반 및 임베디드 SW 부문" 30 April 2009, Retrieved 22 November 2011
- ↑ JCN Newswire, "Penta Security’s Web Application Firewall, WAPPLES, Awarded PCI DSS Certification in Japan" Published 15 December 2009, Retrieved on 7 November 2011.
- ↑ boannews.com "펜타시큐리티, 2009 신기술실용화 국무총리 표창 수상" by Jeongwon Kim, 7 November 2009, Retrieved 22 November 2011
- ↑ etnews.com "대한민국 SW기업 경쟁력 대상 SW의 금메달리스트들, 세계 향해 날차기" by Insoon Kim, 24 February 2010, Retrieved 22 November 2011
- ↑ (ISC)² "News for Immediate Release" by Kitty Chung, 15 July 2010, retrieved on 15 November 2011.
- ↑ IPv6Ready.org "Details of Logo 01-000553" Retrieved on 23 November 2011.
- ↑ OWASP The Open Web Application Security Project, "Membership", Retrieved on 17 November 2011
- ↑ Digital Times "ERP DB암호화 펜타시큐리티시스템 디아모" 24 October 2011, Retrieved 22 November 2011
- ↑ SAP "Partner Information Solution Details" 8 Aug 2011, Retrieved 5 December 2011
- ↑ boannews.com "펜타시큐리티,'2014 올해의 웹방화벽'부문 수상 by 김태형, 2014년 6월 23일
- 1 2 "WAPPLES | ICSA Labs". www.icsalabs.com. Retrieved 2016-03-31.
- ↑ "Penta Security Systems, Inc.: WAPPLES" Retrieved on 7 November 2011.
- ↑ OWASP The Open Web Application Security Project, "OWASP Top 10 for 2010" Last updated on 17 July 2011, retrieved on 15 November 2011.
- ↑ OWASP The Open Web Application Security Project, "Web Application Firewall" Last modified on 8 November 2011, retrieved on 15 November 2011.
- ↑ JCN Newswire, "Penta Security’s Web Application Firewall, WAPPLES, Awarded PCI DSS Certification in Japan" Published 15 December 2009, Retrieved on 7 November 2011.
- ↑ IPv6Ready.org "Details of Logo 01-000553" Retrieved on 23 November 2011.
- ↑ Asta Muse World Knowledge Agent "ウェブアプリケーション攻撃の検知方法" Retrieved 22 February 2012
- ↑ Quantiq International "Penta Security Launches WAPPLES V-Series, a virtual version of its market-leading Web Application Firewall for Cloud Computing" Published 31 October 2011, Retrieved 7 November 2011.
- ↑ Y.P. Lee, Mock & Partners, Patents, Trademarks, Copyrights Since 1985. "Patent over index column encoding granted" Published 23 April 2007, Retrieved on 7 November 2011.
- ↑ TTA인증제품목록 "인증기업 및 제품 상세보기: D’Amo " Retrieved on 15 November 2011.
- ↑ "Penta Security Awards and Certifications" retrieved on 15 November 2011
- ↑ D'Amo Patent photograph taken 5 December 2011, Retrieved 6 December 2011
- ↑ SAP "Partner Information Solution Details" 8 Aug 2011, Retrieved 5 December 2011
- ↑ Boan News "펜타시큐리티, SAP DB보안 시장진출 본격 시동" by TaeHyeong Kim, 30 Aug 2011, Retrieved 5 December 2011
- ↑ Korea Information Security Industry Portal "Penta Security Systems, Inc. Company Info" Retrieved on 15 November 2011.
- ↑ Naver News "로그인 한번으로 수십개 전산시스템 접속..'싱글사이온' 선봬" by T.W. Kim, 23 May 2001, Retrieved 22 Nov 2011
- ↑ Naver News "펜타시큐리티, 공무원 인증서 발급용 최상위 인증기관 (GPKI RootCA) 구축" by Hyeona Kim, 9 September 2002, Retrieved 22 November 2011
- ↑ Naver News "펜타시큐리티시스템, DB 보안솔루션 출시" by Dongjun Jang, 29 March 2004, Retrieved 22 November 2011
- ↑ Digital Daily "펜타시큐리티, SQL서버 DB정보 보안 솔루션 출시" by Yuji Lee, 30 October 2006, Retrieved 22 November 2011
- ↑ Digital Times "펜타시큐리티, HW 일체형 DB보안 솔루션 출시" by Hongseok Lee, 9 June 2008, Retrieved 22 November 2011
- ↑ Digital Times "펜타시큐리티, 일 지사 설립" by Jingyu Kang, 9 February 2009, Retrieved 22 November 2011
- ↑ boannews.com "펜타시큐리티, 웹방화벽 ‘와플’ 4개 모델 CC인증 획득" by Jeongwon Kim, 21 June 2010, Retrieved 22 November 2011
- ↑ Quantiq International "Penta Security Launches WAPPLES V-Series, a virtual version of its market-leading Web Application Firewall (web application security) for Cloud Computing" Published 31 October 2011, Retrieved 15 November 2011.
- ↑ Digital Times "ERP DB암호화 펜타시큐리티시스템 디아모" 24 October 2011, Retrieved 22 November 2011
- ↑ SAP "Partner Information Solution Details" 8 Aug 2011, Retrieved 5 December 2011
- ↑ Asta Muse World Knowledge Agent "ウェブアプリケーション攻撃の検知方法" Retrieved 22 February 2012
- ↑ "Frost & Sullivan: Penta Security, Imperva, F5 Networks and NSFOCUS identified as champions in the Asia Pacific Web Application Firewall Frost IQ matrix". Frost & Sullivan. Retrieved 2016-03-31.