PRESS RELEASE

SAN FRANCISCO, CA—nCircle, the leader in information risk and security performance management, today announced expanded coverage for the SCADA systems and devices that manage and control critical infrastructure. Critical infrastructure is designated by the Department of Homeland Security (DHS) and the North American Reliability Corporation (NERC) as the assets, systems, and networks so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security and public health or safety.

“nCircle’s Vulnerability Exposure and Research Team (VERT) has been working hand-in-hand with leading energy suppliers and critical infrastructure providers in a carefully designed program to deliver safe, accurate detection of SCADA equipment, applications and vulnerabilities on production devices,” said Lamar Bailey, director of security research and development for nCircle. “We understand how important up-time is for critical infrastructure providers and that’s why our program is built on supplier and customer partnerships. Because we develop scanning solutions for production networks, we develop and test our solutions in real, working environments. This precaution ensures our vulnerability detection techniques can be used safely in live production environments.”

nCircle Suite360™ now covers vulnerabilities from the following equipment suppliers:

· Rugged Operating Systems

· GE Industrial Systems

· Arbiter

· GE RTU

· Schweitzer Engineering Laboratories

· Lantronix

"Regular automated vulnerability scanning of SCADA equipment helps operations teams identify known vulnerabilities so they can be prioritized for remediation," said Seth Bromberger, principal, NCI Security." Vendor testing programs like nCircle's can help ensure this scanning has no unintended effects on the correct operation of this critical equipment."

nCircle’s Configuration Compliance Manager™ (CCM), included in nCircle Suite 360, also offers policies that comply with NERC Critical Infrastructure Protection (CIP) standards. These policies help utilities automate time-consuming manual audit tasks, reduce security risk and achieve compliance with the NERC CIP standards. Additionally, CCM supports a unique, non-intrusive, lightweight port scanning mode specifically designed for highly sensitive devices such as SCADA systems.

nCircle continues to set the standard for comprehensive asset discovery, accuracy and vulnerability detection for enterprise-class networks and will be releasing additional coverage for SCADA devices, applications and vulnerabilities over the next few months. nCircle Suite360 now audits for over 60,000 conditions—far more than any other solution. Suite360 ensures comprehensive network visibility by offering the greatest breadth and depth of coverage for the automatic discovery of vulnerabilities, applications and services, auditing configuration compliance and monitoring file integrity across the entire network.

For more information, please visit www.ncircle.com.

About nCircle Suite360 nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery of networks and their operating systems, applications, vulnerabilities, and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle's solutions include IP360™ for vulnerability management, WebApp360™ for web application vulnerability auditing, Configuration Compliance Manager (CCM)™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for on-demand self-service PCI scanning, and Suite360 Intelligence Hub™ for IT governance, risk and compliance (ITGRC) reporting and analytics.

About nCircle

nCircle is the leading provider of information risk & security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.

nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.