Acra, a database security daemon

Acra is database security suite for modern web apps. It protects sensitive data against leaks and many typical threats through strong selective encryption, and intrusion detection capabilities. Acra is engineered with modern development practices in mind, can be integrated into existing infrastructures easily, and is designed for a quick launch with minimal integration friction. It is open source, under the Apache 2 licence.

Acra provides:

Modern database encryption suite
  1. 1 Encryption/intrusion detection daemon
  2. 2 Easy integration with modern application
  3. 3 No alteration to database behavior
Full granular control, easily:
Choose which records you classify as sensitive. Read and write them where you need them, the way you want, with a minimised attack surface.
Convenient infrastructure:
Built with modern devops in mind. Easy to deploy, easy to control. Detailed documentation to get you going quickly.
Strong security:
The security scheme limits the attack surface for your sensitive record to just one secure container in a compartmented, dedicated VM.
Development comfort:
Encrypt sensitive data where it fits. Deploy in infrastructure, the way you want it. Spend time making decisions, not fixing bugs.

Why Acra?


Selective db encryption proxy

Acra acts as a database proxy that provides selective transparent encryption and only protects data that needs protection, specified by you. Acra encrypts the data as it is written to a database and decrypts it when you request it back.

Intrusion detection

Acra analyses all the traffic passing through it to monitor for suspicious requests from the app the database. Any reaction script up to shutting down the database can be triggered upon detection of a suspicious activity.

Low maintenance

Acra is fast to install (built to get going in 30 min), easy to maintain, and simple to migrate. Most of its features were specifically tailored for convenient configuration and/or automatisation from a configuration automation environment.

Get going with Acra, fast!

Flat fee

In-depth one-time assistance.

Handled with care

Security by security professionals.

Dev from Devs

Security tools from their authors.

About DGAP

DataGuardian Assistance Program is a comprehensive assisted security solution. Our experts will help you understand and avert practical data security risks your application is facing.

Request more info:

DGAP official document

To provide you with official information on DataGuardian Assistance Program by Cossack Labs, we created the following PDF document, which you can download here.

Acra Live Demo

Request an invitation to the free Acra Live Demo — the live interactive simulator that demonstrates the basic workflow of the database protection suite Acra.

Available for:

Postgresql Linux python Go Ruby

Related blog posts

Copyright © 2014-2018 Cossack Labs Limited
Cossack Labs is a privately-held British company with a team of data security experts based in Kyiv, Ukraine.