SANS, TippingPoint Technologies, and Qualys Deliver Consensus Security Alert Digest to Over 200,000 Network Security Professionals

AUSTIN, Texas – Dec. 3, 2003 -TippingPoint Technologies, Inc. (Nasdaq: TPTI), the leader in high-speed intrusion prevention, today announced that it has partnered with SANS, the trusted leader in information security research, and Qualys?¤, Inc., the market leader of on-demand Network Security Audits and Vulnerability Management, to deliver a weekly security newsletter to network security professionals. Coordinated by the SANS Institute, the @RISK email newsletter contains the latest information on new and existing network security vulnerabilities and has a subscriber base of nearly 200,000 network security professionals worldwide.

Delivered every Thursday, the SANS @RISK newsletter summarizes newly discovered vulnerabilities, details their impact, and informs of actions large organizations have taken to protect their users. The SANS @RISK newsletter is available for free at: http://www.sans.org/newsletters/risk/.

“Coming out of the massive downsizings of the past two years, most organizations have barely enough people to keep their computers running smoothly. Every new security vulnerability can be a show-stopper. The twelve members of the @RISK council, together with Qualys and TippingPoint, have given the community a consensus of authoritative information on which they can base immediate decisions. @RISK tells them which vulnerabilities demand immediate attention and which can be handled through the normally scheduled upgrade cycle,” says Alan Paller, SANS Director of Research.

The @RISK email newsletter includes two parts. Part I provides analysis and remediation information about newly discovered critical vulnerabilities that require immediate action. This section is compiled by the security team at TippingPoint as a by-product of its continuous and comprehensive effort to update its intrusion prevention products with the latest vulnerability-based security filters known as Virtual Software Patches. It is enhanced by the industry’s only user consensus of actions large companies and government agencies have taken to protect their own systems.

Part II of @RISK is compiled by Qualys and provides a comprehensive list of all newly discovered vulnerabilities. This data is derived from Qualys’ ongoing effort to ensure the QualysGuard vulnerability management Web service tests for latest security weaknesses.

About SANS
SANS is the trusted leader in information security research, certification and education. Every year, more than 12,500 security professionals spend a week or more in SANS in-depth, immersion training programs. The SANS (SysAdmin, Audit, Network, Security) Institute enables more than 156,000 security professionals, auditors, system administrators, and network administrators to share the lessons they are learning and find solutions to the challenges they face. At the heart of SANS are the many security practitioners in government agencies, corporations, and universities around the world who invest hundreds of hours each year in research and teaching to help the entire information security community.

About Qualys
Qualys is the market-leading Web Service Provider offering on-demand Network Security Audits and Vulnerability Management. Qualys enables large and small organizations to manage security from an attacker’s perspective and fix real-world weaknesses before they are exploited. Qualys’ web services are used simultaneously by executives and technicians to measure security effectiveness, enforce security policy, and comply with regulations. More than 1,300 customers rely on Qualys, including Hershey Foods, Hewlett Packard, and the Thomson Corporation. Qualys is headquartered in Redwood Shores, California, with global offices in France, Germany and the U.K. For more information about Qualys, please visit: www.qualys.com .

About TippingPoint Technologies
TippingPoint Technologies is the leading provider of network-based intrusion prevention systems that deliver in-depth protection and attack eradication for corporate enterprises, government agencies, service providers, and academic institutions. This innovative approach offers customers an effective network-based security solution with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-88UNITYONE.