Penta Security

Penta Security Systems Inc.
펜타시큐리티시스템
Private
Industry IT Security
Founded 1997
Headquarters Seoul, Republic of Korea
Area served
 Australia, China, Indonesia, Japan, Malaysia, Philippine, Rwanda, Singapore, South Korea, Thailand, United States (Alphabetical Order)
Key people
Products
Number of employees
 200+ (2016)
Website www.pentasecurity.com/en/

Penta Security Systems, Inc. (Korean: 펜타시큐리티시스템㈜) is an information technology (IT) security firm headquartered in Seoul, South Korea. Penta Security offers web application security, database security, and single sign-on solutions.[1]

History

Establishment and growth

Founded in 1997 by Seokwoo Lee,[2] and headquartered in Seoul, South Korea, Penta Security Systems Inc. is a provider of web application security products and core technology, with more than 2,200 installed customers in government, large enterprise, small and medium business, education, and finance and medical institutions.

Vision

In 2012, Penta Security announced its slogan as “Trust for an Open Society.” CEO/Founder Seokwoo Lee explained “People can trust each other when they’re protected. With Penta Security’s technology, we want to help people communicate and exchange information with each other without any anxiety.”[3]

Subsidiaries and international expansion

Its Japanese Office, Penta Security Systems K.K., was incorporated in Akasaka, Tokyo, Japan in 2009, and Penta Security System Corporation was found in Texas, the United States in 2014. Together, Penta Security Systems, Inc., Penta Security Systems K.K and Penta Security Corp are focused on the goal of meeting the IT security needs and requirements of organizations from South Korea to Japan (2009), Thailand (2010), Malaysia (2011), Singapore (2010) Taiwan (2011), Australia (2011), Indonesia (2011), Rwanda (2013), the United States (2013)[4]

Security R&D center

Penta Security has its own R&D center, so that researchers can conduct independent technology studies for the company. The R&D center has over 70 research specialists out of a total 150 employees. Penta Security is also fostering future information security officers by hiring employees from vocational high schools and university collaboration programs for its R&D center.[5]

Industry recognition

Key People

Products and Services

Enterprise Solutions

Web Application Firewall (WAF): WAPPLES

WAPPLES, originally launched in 2005, is a web application firewall (Application layer firewall) that operates on a logic analysis based engine.[21] This web application firewall enables users to protect their web applications from the top ten most critical web application security risks of 2010, as outlined by OWASP.[22][23] WAPPLES received a Certificate of Compliance to PCI-DSS ver. 1.2 Requirement 6.6[24] common criteria (CC) certification, and is IPv6 ready.[25] WAPPLES has obtained patents in Korea for ‘Method for Detecting a Web Application Attack’ (Patent No. 10-2010-0064363) and ‘Method for Detecting a Web Attack Based on a Security Rule’ (Patent No. 10-2009-0077410), and Penta Security has submitted applications for comparable patents in the US, China, and Japan. In January 2012, WAPPLES was granted a Japanese patent for its algorithm-based, application-layer attack detection engine (Patent No. 2012-014667).[26] Other WAPPLES family products include WAPPLES MS, a centralized management system allowing integrated management of groups of WAPPLES units, and WAPPLES V-Series, a virtual, cloud computing-based equivalent to WAPPLES.[27] Penta Security publishes Intelligent Customer Support (ICS) Report, a web attack trend analysis report based on statistical information gathered from the logs detected by installed WAPPLES customers. The report is issued every quarter through Penta Security website (www.pentasecurity.com). The report includes statistical information corresponding to the WAPPLES rules, top 10 OWASP vulnerabilities, source countries of web attacks, attack purposes etc.

Data Encryption: D’Amo

First released in 2004, D’Amo is data encryption software that enables database security via encryption, access control and audit. D’Amo enables high-speed encryption by column, and allows for the separation of database management from security management through two-tiered access control. Penta Security has patented D’Amo’s ‘Index Column Encryption Method.’[28] Additionally, this product has received the GS (Good Software) Certification from the Telecommunications Technology Association of Korea,[29] as well as several awards from the South Korean government.[30] D’Amo holds three patents, two in Korea and one in the United States. The patents held in Korea are Patent No. 10-0698834, ‘Index Column Encryption Method’ and Patent No. 10-0859162, ‘Query processing system and method for database with encrypted columns by query encryption transformation.’ D’Amo holds a patent for the latter in the US as well, under Patent No.2009/0100033.[31] In August 2011, D’Amo version 2.3 received certification for integration with SAP NetWeaver.[32][33]

Japanese patent for D'Amo. Obtained in April, 2012

Total user authentication solution : ISign+

ISign+ is a sensible SSO/WAM solution with fast implementation (up to 10 systems in one week) at an economic cost. One-step user authorization make possible for various applications such as groupware, multiple server environments, public web services and so on. And utilizes multiple authentication methods, including public-key infrastructure, biometrics, and mobile OTP. ISign+ are equipped with all the functions of hardware type then building period and the cost is low. In addition, ISign+ products holds Good Software certification from the Telecommunications Technology Association of Korea. With its token-method authentication system, ISign+ addresses the authentication and session management problem, which is the second biggest threat factor among the “Top 10 Web Application Vulnerabilities,” released by OWASP in 2013.

Small & medium business packages

Database security solution for MySQL : MyDiamo

MyDiamo was launched as a database security solution for MySQL in 2013. MyDiamo now also supports MariaDB with its DB encryption and comprehensive security features. The product applies world-class technology, including international standard algorithms such as AES, one-way encryption for password security, partial encryption for DB indexing, masking for credit cards, and more. MyDiamo’s engine-level encryption provides both a high level of security and performance. Drawing upon the technology and experience from Penta’ Security’s encryption solution D’Amo, MyDiamo has been developed as a software for open source databases, first supporting MySQL and then MariaDB. MyDiamo can be downloaded and installed from its website: www.mydiamo.com. The software is free for non-profit personal use. These MyDiamo features include:

Global cloud WAF: Cloudbric

Launched in November 2014, Cloudbric currently protects about 1,200 customers worldwide as a cloud-based WAF service. Cloudbric delivers the similar functionalities to WAPPLES, an appliance type WAF, providing web hacking protection, personal info leakage prevention, DDoS prevention and more. Cloudbric is very easy to use, so that anyone providing web services can use Penta Security’s high-performance WAF service with a simple sign-up and online payments. The service is charged based on the amount of traffic used, so that start-ups and small/medium-sized business, who don’t have enough budget for expensive web application firewall appliances, can use WAF services without substantial enterprise-level costs. Also, people who are inexperienced with web security can install and apply the service by following the step-by-step instruction. The web administrators can monitor web security status intuitively with a graphic user interface that is available 24/365, so that they can respond to any threat in a timely manner.

Milestones

1997

1998

1999

2001

2002

2004

2005

2006

2008

2009

2010

2011

2012

2013

2014

2015

Marketing and corporate culture

Active marketing communication

Unlike other B2B companies, Penta Security conducts active marketing communication efforts. Penta Security hires college marketers and holds networking parties for college students. The marketing communications aren’t simply to improving Penta Security’s brand recognition. Their bigger goal is to lead the popularization of information security. Also, Penta Security updates its company blog regularly, so that individuals who are not familiar with information security can gain meaningful insights for their own organizations.

Corporate culture

Penta Security emphasizes a kind of horizontal organizational culture that is rare even in the IT industry. It is also well known for great clubs and programs for its employees. The company has been selected as one of the “company that people want to work for” from 2012 to 2013 in South Korea. Penta Security practices social conscientiousness by holding an annual charity auction, and donating all the profit from the auction to “Ae Ran Won,” a single mothers’ shelter

See also

References

  1. Bloomberg Businessweek. "Penta Security Systems, Inc. Snapshot" Retrieved on 7 November 2011.
  2. Bloomberg Businessweek. "Penta Security Systems Inc. Executive Profile: Seokwoo Lee" Retrieved on 7 November 2011
  3. "Penta Security Systems, Inc." Retrieved on 7 November 2011
  4. "Penta Security Systems, Inc." Retrieved on 07 November 2011
  5. Retrieved on 17 June 2014
  6. TTA인증제품목록 "인증기업 및 제품 상세보기: D'Amo" Retrieved on 7 November 2011
  7. TTA인증제품목록 "인증기업 및 제품 상세보기: WAPPLES" Retrieved on 7 November 2011
  8. Korean Information Security Industry Portal "Penta Security, Web fire Wall WAPPLES received the GS certificate" Retrieved on 16 November 2011
  9. Korea Intelligent Information System Society "학술논문상" Retrieved on 7 November 2011
  10. etnews.com "신SW 상품대상 3월·4월 수상작 일반 및 임베디드 SW 부문" 30 April 2009, Retrieved 22 November 2011
  11. JCN Newswire, "Penta Security’s Web Application Firewall, WAPPLES, Awarded PCI DSS Certification in Japan" Published 15 December 2009, Retrieved on 7 November 2011.
  12. boannews.com "펜타시큐리티, 2009 신기술실용화 국무총리 표창 수상" by Jeongwon Kim, 7 November 2009, Retrieved 22 November 2011
  13. etnews.com "대한민국 SW기업 경쟁력 대상 SW의 금메달리스트들, 세계 향해 날차기" by Insoon Kim, 24 February 2010, Retrieved 22 November 2011
  14. (ISC)² "News for Immediate Release" by Kitty Chung, 15 July 2010, retrieved on 15 November 2011.
  15. IPv6Ready.org "Details of Logo 01-000553" Retrieved on 23 November 2011.
  16. OWASP The Open Web Application Security Project, "Membership", Retrieved on 17 November 2011
  17. Digital Times "ERP DB암호화 펜타시큐리티시스템 디아모" 24 October 2011, Retrieved 22 November 2011
  18. SAP "Partner Information Solution Details" 8 Aug 2011, Retrieved 5 December 2011
  19. boannews.com "펜타시큐리티,'2014 올해의 웹방화벽'부문 수상 by 김태형, 2014년 6월 23일
  20. 1 2 "WAPPLES | ICSA Labs". www.icsalabs.com. Retrieved 2016-03-31.
  21. "Penta Security Systems, Inc.: WAPPLES" Retrieved on 7 November 2011.
  22. OWASP The Open Web Application Security Project, "OWASP Top 10 for 2010" Last updated on 17 July 2011, retrieved on 15 November 2011.
  23. OWASP The Open Web Application Security Project, "Web Application Firewall" Last modified on 8 November 2011, retrieved on 15 November 2011.
  24. JCN Newswire, "Penta Security’s Web Application Firewall, WAPPLES, Awarded PCI DSS Certification in Japan" Published 15 December 2009, Retrieved on 7 November 2011.
  25. IPv6Ready.org "Details of Logo 01-000553" Retrieved on 23 November 2011.
  26. Asta Muse World Knowledge Agent "ウェブアプリケーション攻撃の検知方法" Retrieved 22 February 2012
  27. Quantiq International "Penta Security Launches WAPPLES V-Series, a virtual version of its market-leading Web Application Firewall for Cloud Computing" Published 31 October 2011, Retrieved 7 November 2011.
  28. Y.P. Lee, Mock & Partners, Patents, Trademarks, Copyrights Since 1985. "Patent over index column encoding granted" Published 23 April 2007, Retrieved on 7 November 2011.
  29. TTA인증제품목록 "인증기업 및 제품 상세보기: D’Amo " Retrieved on 15 November 2011.
  30. "Penta Security Awards and Certifications" retrieved on 15 November 2011
  31. D'Amo Patent photograph taken 5 December 2011, Retrieved 6 December 2011
  32. SAP "Partner Information Solution Details" 8 Aug 2011, Retrieved 5 December 2011
  33. Boan News "펜타시큐리티, SAP DB보안 시장진출 본격 시동" by TaeHyeong Kim, 30 Aug 2011, Retrieved 5 December 2011
  34. Korea Information Security Industry Portal "Penta Security Systems, Inc. Company Info" Retrieved on 15 November 2011.
  35. Naver News "로그인 한번으로 수십개 전산시스템 접속..'싱글사이온' 선봬" by T.W. Kim, 23 May 2001, Retrieved 22 Nov 2011
  36. Naver News "펜타시큐리티, 공무원 인증서 발급용 최상위 인증기관 (GPKI RootCA) 구축" by Hyeona Kim, 9 September 2002, Retrieved 22 November 2011
  37. Naver News "펜타시큐리티시스템, DB 보안솔루션 출시" by Dongjun Jang, 29 March 2004, Retrieved 22 November 2011
  38. Digital Daily "펜타시큐리티, SQL서버 DB정보 보안 솔루션 출시" by Yuji Lee, 30 October 2006, Retrieved 22 November 2011
  39. Digital Times "펜타시큐리티, HW 일체형 DB보안 솔루션 출시" by Hongseok Lee, 9 June 2008, Retrieved 22 November 2011
  40. Digital Times "펜타시큐리티, 일 지사 설립" by Jingyu Kang, 9 February 2009, Retrieved 22 November 2011
  41. boannews.com "펜타시큐리티, 웹방화벽 ‘와플’ 4개 모델 CC인증 획득" by Jeongwon Kim, 21 June 2010, Retrieved 22 November 2011
  42. Quantiq International "Penta Security Launches WAPPLES V-Series, a virtual version of its market-leading Web Application Firewall (web application security) for Cloud Computing" Published 31 October 2011, Retrieved 15 November 2011.
  43. Digital Times "ERP DB암호화 펜타시큐리티시스템 디아모" 24 October 2011, Retrieved 22 November 2011
  44. SAP "Partner Information Solution Details" 8 Aug 2011, Retrieved 5 December 2011
  45. Asta Muse World Knowledge Agent "ウェブアプリケーション攻撃の検知方法" Retrieved 22 February 2012
  46. "Frost & Sullivan: Penta Security, Imperva, F5 Networks and NSFOCUS identified as champions in the Asia Pacific Web Application Firewall Frost IQ matrix". Frost & Sullivan. Retrieved 2016-03-31.
This article is issued from Wikipedia - version of the Thursday, March 31, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.