October 2019

Competitive Analysis

Protegrity

C Company

Protegrity is an enterprise data security company

which provides cloud data security software for

data-centric encryption and tokenization targeted to

protect sensitive data while maintaining usability.

Its corporate headquarters is in Stamford, CA. with

international offices in the U.K, Sweden and

Singapore.

Protegrity’s primary markets revolve around

businesses that require specific compliances such as

PCI, GDPR, and HIPPA/HITECH. These primary

markets include financial, healthcare, insurance,

retail and telecom industries.

Key Points

• Founded: 1996

• Headquarters: Stamford, CT.

• CEO: Suni Munshani

• Parent Organization : Xcelera Inc.

Summary Overview of Protegrity Products

Protegrity is most ly concerned with big data and prides itse lf by securing

large amounts of data while mainta ining flex ibi l ity and quick interactions

with the data.

• The company has pre -written apps that customers can download and

use without reprogramming their current appl ications , requir ing less

in -depth integration.

• The fact that their software can be downloaded is appeal ing to

customers because it is how most software in the world works

(download a complete appl ication that interfaces with predefined

software packages and serv ices ).

Protegrity states that they are a

“Data-First” Security Solution.

Their services claim to protect sensitive

enterprise data at rest, in motion and data

discovery, as well as de-identification and

governance.

Listing of Products

With respect to their products and serv ices , Protegrity offerings encompass a

number of solutions and serv ices for data storage, encryption, and key

management. The l isting is as fol lows:

Protegr ity Vault less Tokenization (PVT)

Protegrity tokenizes indiv idual pieces of data and incorporates bus iness rules

that a l low the secured data to be handled very quick ly and efficient ly.

• They can encrypt rows of a database, files , t rees , directories , and

appl ication data and these tokens can be used to secure data in “t rans it”

by primari ly focus ing on pars ing files .

• Their definition of data in t rans it a lso refers to the fact that a PVT token,

which is a substitute value for a piece of data, can be passed to another

person or part of the appl ication without reveal ing the real data.

• This token can then be t rans lated back into real data when it is needed to

be used in this new location, much l ike Eclypses ’ private dig ita l vault.

Protegrity states that their offering includes the

fol lowing:

Enterprise Pol icy and key management , Moni-

toring and Auditing. Additional ly , Application,

Database, F i le and Maintenance Protectors.

The company a lso offers four C loud Gateways

and a Data Security Gateway.

Listing of Products - Continued

This technology is used in a multitude of apps that the company offers and

they are l isted below.

Application Protector – Allows app developers to encrypt and decrypt sens itive

data without ever control l ing the encryption keys , crypto a lgorithms, or the

sens itive data itse lf. Offered in C , C++, Java, and .NET programming languages.

Avatar for Hortonworks – Is an application that integrates with Hortonworks

open-source data management software to prov ide highly t ransparent file -

level AES 256 encryption. I t a lso includes a centra l ized data security

administration software which encompasses comprehens ive monitoring ,

auditing, and pol icy and key management. They secure in two ways “Course-

grained” and a l l or nothing approach or “Fine-Grained” which is encrypting or

tokeniz ing at a field/column level.

Big Data Protector – Hadoop security that protects assets and meets

regulatory compliance without compromis ing performance. Bas ica l ly , i t does

the same thing as Avatar but for Hadoop systems.

Database Protector – Utilizes their PVT to protect data within the database.

I t is an appl ication the customer must download and work through to interact

with their DBs. It real istical ly does

much of the same thing as Avatar and

Big Data but for DBs.

Fi le Protector – is an appl ication that

enables encryption for files , t rees , or

directories.

Listing of Products - Continued

Mainframe Protector – An application that is very s imilar to Database

protector but for IBM DB2s . It automatical ly protects and unprotects data that

is inserted or removed into/from a row. I t is configured as a secured row and

the entire row is encrypted. And it combines the DB, Application, and F i le

protectors to secure an entire mainframe.

Gateways – This is Protegrity ’s “data- in trans it” solution. The data is secured

before it is t ransmitted across a network or up to the c loud. For files , Gateways

breaks the data into smaller pieces and encrypts the indiv idual pieces much l ike

Eclypses ’ “data in t rans it ” solution, with one major difference, the MTE

proprietary and patented methodology for key management.

(See Differentiators section below).

Protegrity states that their data protec-

tion platforms offer complete data

protection, from acquis ition to deletion

and every point in between.

Differentiators

Protegrity products compete with Eclypses ’ Certa inSafe and Private Dig ita l

Vault.

• Their Gateway products attempt to, but fa l l short , in competing with

Ec lypses ’ “data in t rans it ” solution regarding the pars ing of large pieces

of data, files , f .eg. , into indiv idual ly secured smaller ones.

• Eclypses MTE Commander is a point to point technology that takes over

a l l the “key management” between endpoints that wish to send and

receive information. While each indiv idual ized piece of data, in most

cases , is sti l l parsed into small chunks or s l ices , each piece requires its

own disparate decryption key in order to be ful ly decrypted and

reassembled. With the deployment of MTE, the “real keys” are NEVER

sent , therefore cannot be intercepted.

• The MTE process , in short , is that the sending endpoint sends over an

MTE MicroToken packet , which contains a secret one -time use command,

that instructs the receiv ing endpoint on how to bui ld a decryption key , on

the fly and just in time. Once the indiv idual key is bui lt , i t is consumed

and becomes instant ly obsolete, thereby worthless. Within mil l iseconds ,

the keys no longer ex is t , mitigating any chance unauthorized use or

reuse. Eclypses believes this is a dynamic and s ignificantly d ifferent

capability than anything Protegr ity can provide.

.

Eclypses serv ices prov ide a new, higher

level of data security while mainta ining

flexibi l ity , adaptabil ity , and access ibi l ity

through use of our own MicroToken

Exchange (MTE) proprietary patented

MicroEncryption ® and MicroTokenization ®

solutions .

Differentiators - Continued

• Portions of the Protegrity solutions util ize open source technology.

• Eclypses DOES NOT use open source in any of their source code l ibraries ,

mainta ining control thus minimiz ing vulnerabi l ity. Paraphras ing cyber

security programmer and author, Jarrod Overson , the open-source system

is eas i ly exploited and adds a certa in level of vulnerabi l ity. He states ,

“Some open source products can have its coding a ltered so that those who

wish to exp lo it others can do so. Th is may inc lude identity theft, v irus

t ransfers, and other activities that irr itate open source software users. ”2

• An additional differentiator between the two is that Protegrity is focused on

bui lding and se l l ing appl ications that l ink to other software bus inesses use.

Ec lypses focuses on making their security solution fit into any s ituation ,

running a longs ide ex isting applications . As a result of this focus on build ing

applications, Protegr ity ’s secur ity does not seem as robust as Eclypses’ ,

inc luding the fact that they pr imar i ly use AES 256 encryption .

.

“With the method of key generation, even if the attacker intercepts the initial key/pin, they would

need to brute force their way to the discovery of the algorithm, with that being said, it would take

nation state actors to even attempt to break the encryption process without having access to the

source code . . . . In other words, very improbable.”1 – H2L Solutions

(Military Penetration Testing Facility)

Strengths of Eclypses

As compared to Eclypses MTE, the fol lowing l ist i l lustrates where Protegrity fa l ls

short.

• Eclypses can fit into many more architectures because they do not have

their own apps that re ly on interfacing with other specific software.

• Eclypses can a lso secure command and controls and l ive streams of data

which Protegrity can not do.

• Eclypses software is a lso much more customizable and flex ible , a l lowing

customers to maintain their current UI and/or create a custom one that fits

their specific needs.

• Eclypses bel ieves strong ly that Eclypses ’ Certa inSafe GUI is much better

v isual ly and functionally than Protegrity ’s.

References .

H2L Solutions , Mil itary Penetration Testing Faci l ity , 2018

Overson, Jarrod, “Exploiting Developer Infrastructure is Ridiculous ly Easy ”.

Medium, Nov 26,2018

Eclypses provides services that solve successful data breaches and miti-

gate vulnerabilities for data at rest and in transit.

Governments, military, individuals and business enterprises continue to

face the daily challenge of securing their intellectual property, data, and

systems. MicroToken Exchange (MTE) solves the problem by providing

simpler, yet, more secure solution, that is rapidly deployable &

adaptable.

About Eclypses

Eclypses ’ industry leading dis ruptive cybersecurity

software replaces user data with MicroTokens us ing

Micro Encryption to prov ide the highest level of data

pr ivacy avai lable. With the company ’s patent proven

MicroToken Exchange (MTE) technology , rea l data is never

exposed when t ransmitted or whi le stored on servers and

remote dev ices .

Applications range from secure command and control needs , inc luding Internet

of Things (IoT) , to secure storage and retr ieval of sens itive data, such

as credit card information and healthcare records .

Today, Ec lypses ’ MicroToken Exchange technology is helping enterprises and

government agencies protect their most sens itive and private information from

cybercriminals and cyber terroris ts as wel l as fac i l itate their abi l i ty to become

GDPR compliant .

2005 Aero plaza Dr. Colorado Springs, CO. 80916

www.eclypses.com Info@eclypses.com