PRESS RELEASE

ATLANTA – June 1, 2011 – Stonesoft today announced the debut of the world’s first anti-evasion readiness test service. This service tests how well an organization’s critical digital assets are being protected against advanced evasion techniques (AETs). The service will be provided by selected, independent IT service organizations around the world.

Stonesoft’s anti-evasion readiness test service leverages the StoneGate evasion testing software developed by Stonesoft Labs to test, assess and report security devices’ capabilities to protect against advanced evasion techniques (AETs). AETs are a means to disguise and/or to modify network attacks to avoid detection and blocking by the network security systems. In practice, evasions enable advanced cyber criminals to deliver any malicious content, exploits or attacks to a vulnerable system without leaving a trace. Based on latest knowledge and research, AETs can bypass the majority of the existing security devices. Stonesoft’s anti-evasion readiness test service has been developed to meet the needs of organizations relying on network security devices like next generation firewalls, intrusion detection and intrusion prevention systems with deep packet inspection. These devices protect mission critical computer networks, sensitive data assets, critical systems such as CRM and ERP, and SCADA networks. These systems are attractive targets for cyber criminals and AETs offer an effective way of executing successful attacks. For many organizations, securing these areas is crucial for meeting compliance and audit requirements. “The recent security breaches highlight the growing importance of network security. The first step to mitigating risks is to improve your understanding and awareness about the level of existing network security. The worst thing is to have a false perception of being safe or being dependent on vendor claims only. An anti-evasion readiness test service allows organizations to get an independent, realistic and definitive answer to the question of whether or how well their network security devices protect against advanced evasion techniques,” said Klaus Majewski, director of business development at Stonesoft Corporation. The anti-evasion readiness test service is offered by vendor independent and qualified IT service providers around the world. Stonesoft is currently negotiating with several leading IT providers around the world and the availability of the test service is expected to spread fast as major providers take it as part of their service offering. “Understanding how effective or ineffective an organization’s security devices are against AETs is an important part of IT risk management. The service is a valuable component of security audits, the product evaluation process or the re-configuration of current devices to add AET protection. The test service will help organizations optimize their security strategy,” adds Majewski. Stonesoft’s anti-evasion readiness test service is the most comprehensive evasion testing software on the market today, including also the most recent evasion techniques discovered by Stonesoft and reported to the vendor community through the CERT coordination process. What distinguishes the service from the existing lab and vendor device testing methods is that the tests are conducted using the organizations’ own security devices and configurations as they are running in production and by using real exploits disguised by real evasion techniques. As an end result of the service, end customers will get a comprehensive test report about evasion detection and block rates on different protocol levels. The test report also includes practical recommendations and risk mitigation advice. This does not require in house expertise or investments for the testing tools. For information on the anti-evasion readiness test service, please visit www.antievasion.com or www.stonesoft.com.

Contact:

About Stonesoft Stonesoft Corporation (NASDAQ OMX: SFT1V) delivers proven, innovative solutions that simplify network security management for even the most complex network environments. The StoneGate Platform unifies management of entire networks—including StoneGate and third-party devices—blending integrated threat management, end-to-end high availability and network optimization into a centrally controlled system. As a result, Stonesoft provides the highest levels of proactive control, always-on connectivity and compliance at the lowest total cost of ownership (TCO) on the market today. Founded in 1990, the company is an established leader in network security innovation with corporate headquarters in Helsinki, Finland and Americas headquarters in Atlanta, Georgia. For more information, visit www.stonesoft.com, www.antievasion.com and the corporate blog http://stoneblog.stonesoft.com.