PRESS RELEASE

Santa Clara, Calif. " Feb. 9, 2009 -- Cenzic Inc., the leading provider of Web application security assessment and risk management solutions, announced its new release for its SaaS offering Cenzic ClickToSecure' 5.8 which includes an integration with Imperva', the leader in application data security. The offering combines Cenzic's Web application vulnerability assessment technology with Imperva's SecureSphere Web Application Firewall. With this solution, customers can take advantage of the benefits of Cenzic's technology through a remote assessment format from Cenzic's security experts, enhanced with SecureSphere's activity monitoring, real-time protection and risk management capabilities.

"The combination of Imperva's market-leading Web application firewall with Web application vulnerability information from Cenzic ClickToSecure ARC creates a powerful combination for securing critical web-based applications," said Rohit Gupta, VP business development at Imperva. "Our mutual customers will be able to manage a closed loop process for finding & mitigating security issues in their online applications." The joint solution combines Cenzic ClickToSecure, the company's managed service (SaaS), offering the only solution using a Stateful Assessment approach that emulates a hacker, with Imperva SecureSphere Web Application Firewall, an offering that enables businesses to efficiently maintain control over critical data, while providing secure and transparent protection for Web applications. In addition, this release includes many other enhancements like even more powerful spidering capabilities, significantly quicker results, and improved customer interface for SaaS customers who can see all their results remotely through an intelligent and dynamic dashboard.

"The Cenzic ClickToSecure and Imperva SecureSphere integration is another example of continuously advancing all of our solutions in the most effective way possible," said John Weinschenk, CEO of Cenzic. "Our SaaS solution with remote assessment is a great option for enterprises that don't necessarily have a complete security team in-house. This integrated offering ensures that customers can configure their Imperva SecureSphere with the vulnerabilities found by Cenzic to protect themselves from hackers until these defects are fixed in the code itself."

"We're seeing an increased need for Web application vulnerability assessment products across the industry," said Nick Selby, vice president and research director, Enterprise Security Practice at industry analyst firm, The 451 Group. "Recent drivers such as the updating of PCI requirements have made organizations more aware of Web application security, the need for it and how it can benefit them in the long run. However, organizations must continually test Web applications, as vulnerabilities can be discovered even after an initial screening test in pre-deployment. We like Cenzic's partnership approach with Imperva, as it allows web application firewalls to protect against actual vulnerabilities in an application's code. This provides a more comprehensive SaaS offering."

Cenzic solutions include assessing, analyzing, and resolving security vulnerabilities throughout the software development lifecycle (SDLC), and assists in compliance with regulatory standards. Cenzic's pre-crafted SmartAttack library enables enterprises to run tests out-of-the-box to find vulnerabilities in all Web applications, as well as enforce internal policies. The company's integration with virtualization solutions, Q.A. tools, source code scanners, application firewalls, and other security solutions gives enterprises the ability to easily address security issues as an integrated process. In addition, through its lab, CIA (Cenzic Intelligent Analysis) Research, Cenzic provides companies with ongoing and frequent updates to its SmartAttack library for the latest vulnerabilities and threats to stay ahead of the curve.

About Imperva Imperva, the leader in application data security, delivers activity monitoring, real-time protection, and risk management solutions for business applications and data. Imperva's practical solutions provide full visibility into sensitive data, database and application access, enabling granular control and maintenance of critical data. Over 4500 of the world's leading enterprises and government organizations in over 35 countries rely on Imperva's automated, scalable and business-relevant solutions to prevent data theft, data abuse and ensure data integrity. For more information, visit www.imperva.com.

About Cenzic Cenzic is the next-generation Web application security assessment and risk management solutions leader. The Cenzic suite of application security solutions fits the need of any company from remote, Software as a Service (ClickToSecure'), for testing one or more applications, to a full enterprise-wide solution (Cenzic Hailstorm' Enterprise ARC) for effectively managing application security risks across an enterprise. Always an innovator, Cenzic Hailstorm enables the testing of production Web applications through integration with VMware for virtualization, making Cenzic the only company in the industry with a complete solution for assessing Web applications in all stages from development to production. In addition, Cenzic solutions, targeted at financial services, e-retail, high-tech, energy, healthcare and government sectors, are the most accurate, comprehensive and extensible in the industry empowering organizations to stay on top of unrelenting application security threats.