PRESS RELEASE

WALTHAM, Mass., May 19 /PRNewswire/ -- Ounce Labs, the industry leader in enterprise static application security testing (SAST), today announced record revenue growth for the first quarter of 2009.

Year-over-year quarterly bookings grew 52 percent following the company's record growth in 2008. Ounce attributes its growth to new customers, expanded engagements with existing customers, momentum for its Assessment-as-a-Service (A3S) offering, its expanding network of worldwide service and technology partners, and increased reach into the government sector.

"Application security has quickly become an executive-level priority as more businesses understand the link between secure software and data protection," said David Mitchell, senior vice president, IT Research, Ovum. "Businesses are feeling the pressure to secure their applications - whether those applications are off-the-shelf, built in-house or by outsourcers - but not all businesses have the same resources, especially when it comes to funding and IT security specialists. Providing solutions that address these shortcomings will be critical for the next generation of application security solutions."

In addition to strong demand for Ounce's A3S service offering, additional Q1 2009 highlights include:

-- An expanded Ounce partner community, with the addition of more than 10 technology and service partners, including The Security Consortium (TSC) and Nexor, and an extended footprint in Europe and the Middle East. -- Ounce positioned in the Leaders Quadrant in Gartner's inaugural "Magic Quadrant for Static Application Security Testing (SAST)" report. -- Ounce named a "Champion" in analyst firm Bloor Research's "Application Security Market Update." -- A completely overhauled Ounce Labs Web site. -- Debut of the Ounce Community Forum for security practitioners around the globe. -- The establishment of Ounce CTO Jack Danahy's Blog, Suitable Security.

"In these challenging economic times, customers have the difficult task of ensuring security and managing risks across their organizations, and must also do more with less," said Gary Jackson, president and CEO, Ounce Labs. "Our continued success is the direct result of maximizing our customers' budget dollars while reducing the risks associated with insecure software by delivering a cost-effective source code analysis tool that hardens their applications to help protect their sensitive data."

Ounce Labs' flagship product, Ounce 6, is the only comprehensive, enterprise static application security testing (SAST) solution that meets the demands of enterprises committed to eliminating business-critical vulnerabilities in software. It scans code quickly and prioritizes risk and offers remediation action advice down to individual lines of vulnerable code across entire enterprise application portfolios. Ounce's innovative pricing model, announced in 2008, which provides the industry's most cost-effective solution for application security, helped strengthen Ounce's strong Q1 2009 results.

About Ounce Labs, Inc.

Ounce Labs' industry-leading Static Application Security Testing (SAST) suite brings enterprise-wide awareness of business critical vulnerabilities. With this ability to identify and prioritize issues, organizations have the information they need to address their greatest risks. Ounce's patented source code analysis delivers the scalability and automation to help organizations such as EDS, IBM, Intel, and Lockheed Martin strengthen application security and protect confidential information. Ounce also helps organizations to verify regulatory and policy compliance, addressing PCI DSS, FISMA, HIPAA and others. For more information, please visit www.ouncelabs.com.

Ounce Labs is a registered trademark of Ounce Labs, Inc. in the United States and other countries. Other product or service na mes mentioned herein are the trademarks of their respective owners.

MEDIA CONTACTS: Jennifer Sullivan Mark Daly Ounce Labs Davies Murphy Group 781.547.7013 781.418.2411 [email protected] [email protected] http://www.ouncelabs.com http://www.daviesmurphy.com