SecureInfo and SANS Institute Join Forces to Develop Security Compliance Course for Department of Defense

SAN ANTONIO, TEXAS – March 31, 2004, SecureInfo Corporation, a recognized leader in delivering enterprise information security solutions, today announced it has signed an agreement with The SANS Institute whereby SANS will offer a DITSCAP (Defense Information Technology Security Certification and Accreditation Process) course, which is based on the content from SecureInfo’s RMSTM (Risk Management System) product. The DITSCAP course will be specifically designed for Information System Security Officers, Information System Security Managers, Designated Approval Authorities and all security personnel who maintain the Certification and Accreditation (C&A) of systems within the United States Army, Navy, Air Force and Marines.

Established in 1989, SANS is the largest and most trusted source for information security training and certification in the world. Its educational programs span across several continents to reach more than 165,000 security industry professionals, while its renowned research programs, including the Internet’s early warning system – Internet Storm Center, successfully assist these professionals in solving the daily challenges associated with keeping their organizations safe and secure.

“SANS is by far the recognized leader in Information Security training programs across the globe,” stated Steve Kiser, President and CEO of SecureInfo. “This partnership will solidify the leadership position of both organizations as security compliance subject matter experts in our respective fields.”

SecureInfo played a major role in the development of the original C&A process, and over the past decade, the Company has trained thousands of contractors and government security personnel on meeting the complex requirements involved in complying with mandated security compliance regulations. Its founders authored the first Air Force C&A standard (Air Force Systems Security Instruction 5024 Volumes 1-4) and co-authored the Department of Defense Information Technology 211 N. Loop 1604 E. Suite 200 San Antonio, Texas 78232 P:210.403.5600 F:210.403.5702 www.secureinfo.com

Security Certification & Accreditation Process (DITSCAP). This experience has been the foundation for the Company’s market-leading automated security compliance product solution, RMS, targeted at both the Federal Government and Commercial markets.

“SecureInfo brings a wealth of security knowledge and expertise in dealing with the challenges of complying with mandated standards and regulations,” said Stephen Northcutt, Director of Training and Certification for The SANS Institute. “We are excited about this partnership and the opportunity to better serve the Government information security market,” he added. SecureInfo will be exhibiting at the upcoming SANS 2004 Annual Security Conference (booth #116) in Orlando, Florida, from April 3-4.

About The SANS Institute
The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals, auditors, system administrators, network administrators, chief information security officers, and CIOs who share the lessons they are learning and jointly find solutions to the challenges they face. At the heart of SANS are the many security practitioners in government agencies, corporations, and universities around the world who invest hundreds of hours each year in research and teaching to help the entire information security community. Additional information is available at www.sans.org.

About SecureInfo Corporation
Securing the largest networks in the world since 1992, SecureInfo delivers solutions that simplify and automate security compliance, vulnerability management and enterprise security operations. SecureInfo currently supports over 750,000 users across the globe and continues to innovate its solutions suite by providing a framework that integrates compliance, vulnerability and policy management with enterprise cyber security operations. This allows our clients to merge existing technologies across a single management platform. SecureInfo, an Inc. 500 Corporation, is recognized as one of the top 10 providers of Information Security Solutions to the Federal Government. Additional information is available at www.secureinfo.com.