Tool and Usage
|License||Apache License 2.0|
|Programming languages||Golang, Node.js, Objective-C, PHP, Python, Ruby|
|Latest release||0.85.0 |
Why this tool?
Acra is a database encryption proxy that provides encryption and data leakage prevention to applications. It provides selective encryption, access control, database and data leak prevention, and even intrusion detection capabilities. It is focused on developers and supports most popular programming languages such as Go, PHP, Python, Ruby.
How it works
Acra provides the tools to encrypt data by using cryptographic containers and decrypt in a compartmented area such as a virtual machine or container. Even if a secret key or password leaks, it won't be enough to decrypt the protected data chunks.
Acra uses a client and server component. AcraWriter is the client and uses the AcraStruct format to store encrypted data chunks.
During the review, PostgreSQL and MySQL were the supported database engines.
Usage and audience
Acra is commonly used for data encryption, data leak prevention, data security, or vulnerability mitigation. Target users for this tool are security professionals and system administrators.
- Has bindings for multiple programming languages
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + Commercial support available
- + The source code of this software is available
Supported operating systems
Acra is known to work on Linux.
Similar tools to Acra:
jSQL Injection is a security tool to test web applications. It can be used to discover if an application is vulnerable to SQL injection attacks.
NoSQLMap is a security tool to perform database enumeration and determine available exploits. It can audit or attack a given database instance.
GRR is a security tool for live forensics on remote systems. It uses a client-server model to obtain information from the systems and store them centrally.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
- Data Leakage
- Data leakage is unauthorized exposure of information like data files. Typically it is caused by the failure of protecting sensitive and confidential data. This owner of this data could be the company itself, its customer, or even the public. Data leakage can end in data loss or data theft.