Application Security Enhances DbProtect Analytics

PRESS RELEASE

NEW YORK, October 5, 2009 Application Security, Inc., the leading provider of database security, risk and compliance (SRC) solutions, today introduced the DISA STIG (Defense Information Systems Agency " Security Technical Implementation Guide) Compliance Pack for DbProtect Analytics. The DISA STIG Compliance Pack is designed to provide organizations with a comprehensive, streamlined approach to database risk assessment through a process of continuous compliance with its market-leading DbProtect enterprise-class platform.

Through the DISA STIG Compliance Pack, DbProtect Analytics incorporates the working guidelines of the DISA STIG into Department of Defense (DoD) application-specific reporting formats. Application Security, Inc.'s agentless database SRC platform helps properly safeguard databases that contain sensitive information, enabling DoD security and compliance teams to scale their technology risk solution and meet compliance mandates.

The DISA STIG Compliance Pack incorporates the DoD's Information Assurance (IA) controls outlined in DISA STIG V8R1 for the database, across all database platforms. By supporting DoD Directive 8500.1, against which all IA and IA-enabled IT products incorporated into DoD information systems require compliance, the DISA STIG Compliance Pack helps DoD personnel and contractors cut down the time to compliance with multiple federal regulations.

"It has been reported that the DoD is experiencing over three million unauthorized probes on its infrastructure daily," said Josh Shaul, vice president, product management, Application Security, Inc. "The powerful reporting of our new DISA STIG Compliance Pack enables the DoD and DoD contractors to demonstrate evidentiary compliance with DoD guidelines for database security, risk and compliance.

"Application Security, Inc. has a strong product set with strong support for every database regulation outlined by the DISA STIGs," said Jon Oltsik, Senior Analyst, Enterprise Strategy Group. "DoD organizations need enterprise-class capabilities that will to scale and integrate with other vulnerability management systems. DbProtect's Compliance Pack for DISA STIG eliminates manual processes to enable a quicker, more efficient, end-to-end audit process."

For more information regarding the AppSec Federal Compliance Pack, please visit www.appsecinc.com/solutions.

About Application Security, Inc. Application Security, Inc. is the leading provider of agentless database security, risk and compliance (SRC) solutions for the enterprise. Application Security, Inc.'s agentless approach - AppDetectivePro for auditors and IT advisors, and DbProtect for the enterprise - delivers the industry's most scalable database SRC solution, and is in use by over 1,700 customers around the world - in the most demanding environments. The company was named to Inc. Magazine's 2007 (Inc. 500) and 2008 list of America's Fastest Growing Private Companies, and was also named to the 2008 Deloitte Technology Fast 50 by Deloitte & Touche.

For more information, please visit www.appsecinc.com.