Reduce Application-Layer Encryption Complexity and Costs

Streamlines the process of adding encryption into existing applications, delivering standards-based APIs that power high-performance cryptographic and key management operations

Vormetric Application Encryption

With Vormetric Application Encryption, you can encrypt specific files or columns in databases, big data nodes, and platform-as-a-service (PaaS) environments. The application encryption solution features a set of documented, standards-based APIs that can be used to perform cryptographic and key management operations. Vormetric Application Encryption eliminates the time, complexity, and risk of developing and implementing an in-house encryption and key management solution.

Vormetric Application Encryption
Streamline Encryption Implementations

The application encryption solution simplifies the process of adding encryption to applications. Developers use Java, .NET, or C libraries to facilitate communication between applications and encryption agents

Secure Cloud and Big Data Environments

With the application encryption solution, you can encrypt specific fields at the application layer, securing sensitive data before it is stored in database, big data, or cloud environments.

Establish Strong Controls

Gain controls you need to stop malicious DBAs, cloud administrators, hackers, and authorities with subpoenas from gaining unauthorized access to valuable data.

Centralized Key and Policy Management

Vormetric Application Encryption enables centralized control of application-layer encryption and file system encryption. With the application encryption solution, all policy and key management is done through the Vormetric Data Security Manager. As a result, the solution simplifies the data security operations environment, reducing the number of management consoles that administrators have to learn and maintain.

Flexible Implementation Options

The application encryption solution enables developers to use NIST standard solutions for both Advanced Encryption Standard (AES) and format preserving encryption (FPE), which enables organizations to implement encryption without changing the database schema. Vormetric Application Encryption features a library that implements a subset of the PKCS#11 APIs.

Scalable Batch Data Transformation Utility

Vormetric Application Encryption customers can also order the Batch Data Transformation utility from Thales e-Security. By leveraging Batch Data Transformation, your organization can encrypt large data sets without lengthy maintenance windows and downtime—and without changing applications, networking configurations, or storage architectures.

Supported environments

Microsoft .NET 2.0 and higher, Java 7 and 8, C

Integration standard



AES, Format Preserving Encryption (FF1)

Operating systems

Linux, Windows 2008 and 2012


400,000 credit card size encryption transactions per second (e.g. single thread, 32 core, 16GB, C)

Policy and key administration

Vormetric Data Security Manager

Character support

ASCII, Unicode


FIPS 140-2 Level 1—in progress

White Paper : Vormetric Application Encryption Architecture

Vormetric Application Encryption is typically employed when compliance or regulatory mandates require encryption of specific data or database fields at the application, before data is stored. Vormetric Application Encryption reduces the complexity and costs associated with meeting this requirement, simplifying the process of adding encryption capabilities to existing applications. Developers can use libraries for Java, .NET, Python, and C to facilitate communication between applications and the Vormetric Application Encryption library. This library encrypts data as either NIST approved AES-CBC or Format Preserving Encryption (FPE) and returns the resulting cipher text to the application. All policy and key management is done through the Data Security Manager (DSM). This architecture paper goes into detail of the security model, best practices, APIs, and offers a sample application encryption library.


White Paper : Aberdeen Group Demystifies Data-at-Rest Encryption

By Derek E.Brink, CISSP, Vice President and Research Fellow, IT Security and IT GRC This report will provide you with explanations and actionable information that will help you secure your most crucial asset, your data.


Video : Introduction to Vormetric Application Encryption

This video is a tutorial on the Vormetric Data Security Platform with a detailed look into the use cases for application-layer encryption and an overview of the Vormetric Application Encryption product.

Mire nuestra demostración interactiva Explorar
Programe una demostración en vivo Programar
Comuníquese con un especialista Contacto