Looking to help users protect corporate assets from theft, fraud and other abuse, database-security software vendor IPLocks this week announced a new version of its database monitoring, assessment and analysis tool.

The IPLocks software, which runs on a 32-bit Linux or Windows server inside the network to check each corporate database, now supports IBM's DB2 and Microsoft SQL 7 databases. The company already supported Oracle, Sybase and other databases.

The IPLocks database-security tool only scans for vulnerabilities and checks that user permission and accounts are configured properly. It reports on whether data corruption affected a particular transaction or if user behavior violated security policy.

In addition to supporting a wider range of databases, IPLocks 4.2 provides a way to do customized procedural-language-based scans written in PL/SQL and Transact/SQL scripts, says Adrian Lane, CTO at IPLocks.

Western Corporate Federal Credit Union (WesCorp), which has $25 billion in assets and provides back-office management services to about 1,000 credit unions, uses IPLocks to monitor user behavior and perform vulnerability checks for several databases, such as SQL Server, DB2 and Oracle.

"It gives us a good understanding of who is accessing data, and why and when, and that also could be a machine and software process as well," says Chris Hoff, chief information security officer at WesCorp in San Dimas, Calif. Hoff says IPLocks can notify him by e-mail about anything that appears to fall outside of set policy.

Guardium, Lumigent, Internet Security Systems and Application Security offer competing database scanners and audit tools.

IPLocks costs $3,000 per database.