Database encryption offers an extra layer of security that protects sensitive data from unwanted intruders by converting it into ciphertext using a cryptographic algorithm such as AES with a key length determining the strength of the encryption, and two types of encryption methods including symmetric and asymmetric encryption. Database encryption at rest refers to encrypting data when it's stored on disk, while database encryption in transit refers to encrypting data while it is in motion between the database and applications accessing the data, both requiring secure communication channels or protocols like TLS/SSL to ensure confidentiality.