Sanctum Hits Record Numbers in Q1 2004, Extending Lead in Application Security Market with 95 Percent Revenue Growth

SANTA CLARA, CALIF.-April 12, 2004-Sanctum, Inc., the established leader in automated Web application security firewall and testing software, today announced its best quarter since pioneering the Web application security market in 1997. Sanctum company revenue for the first quarter of 2004 grew 95 percent over figures for Q1 2003. For three consecutive quarters, Sanctum product sales have grown and exceeded quarterly revenue plans. In Q1 2004, Sanctum’s AppScan? product grew 90 percent, and AppShield? grew 65 percent over the same period in 2003. Highlighting the record revenues for the quarter, Sanctum also passed a major company milestone in signing its 500th customer, solidifying an already dominant lead over the competition.

?The past three months started 2004 as a banner quarter for Sanctum. We signed more than 80 customers, introduced major technology advances across our product line and received validation from some of the most prestigious independent media and reviewers in the industry,? said Peggy Weigle, CEO of Sanctum. ?We’re eager to build upon our Q1 momentum by further increasing our customer base, expanding our partnerships and continuing to strengthen our position as the undisputed leader in the Web application security marketplace.?

New Products
Sanctum has never rested in its position as the industry leader, but continues to advance the marketplace with new technological innovation. Sanctum is leading the charge to make software more secure, offering award-winning products to help customers secure applications during the development lifecycle, uniquely addressing Developer, Quality Assurance and Audit groups, as well as Operations. Sanctum provides built-in, customized templates for compliance validation and reporting, delivering an easy-to-use tool for large enterprises to meet internal best practices and external regulations. In Q1 2004, Sanctum unveiled significant upgrades to its product line:
§ AppScan 4.5 QA and Audit Editions, the first and only security testing tools to deliver standardized Web application security testing across the entire enterprise.
AppScan’s multi-staged testing of an application throughout its lifecycle is helping hundreds of enterprise customers to make secure coding and quality software a reality.
§ AppShield 4.5, the next generation of Sanctum’s patented application security firewall, offers bulletproof defense for large application deployments. The most advanced application firewall available in the market, AppShield meets the enterprise-class requirements of deploying comprehensive application security, while reducing corporate risk and aiding regulatory compliance.

Customer Momentum
Customer response has been overwhelming, as proven by record new sales and continued increases in existing customer upgrades. Sanctum’s installed customer base recognizes the important and successful role AppScan and AppShield play in completing their security infrastructure. Despite a difficult economy, Sanctum customers have been quick to upgrade to the new versions of AppScan and AppShield, ensuring the latest technology from Sanctum is a top-priority budget item in their 2004 security spending.

The increased penetration of enterprise customers has been another source of growth for Sanctum, making the average customer deployment significantly larger. Enterprise adoption has spread well beyond the security, network and Web teams. Sanctum’s customization of its products to address critical business problems faced by customers has driven further adoption of AppScan. Enterprise customers have extended licensing to add new seats for development, QA, audit and other departments, totaling more than 2,500 users for AppScan worldwide.

Awards and Achievements
The first quarter of 2004 brought unprecedented recognition to Sanctum across the board, honoring management achievements and vision, as well as technology innovation. In Q1, Sanctum awards and achievements included:
§ Management and Vision: Sanctum received numerous awards, highlighted by CTO Steve Orrin being chosen as one of the top CTOs in the Nation by InfoWorld magazine.

Orrin’s recognition among this elite group of the Top 25 CTOs followed right on the heels of Sanctum’s CEO Peggy Weigle being named one of the most influential people in networking by Network World magazine. This recognition validated the management team’s success in defining and implementing a technology and business strategy that meets enterprise requirements today.

§ Product and Technology: Sanctum’s AppShield won Network World’s fifth annual ?Best of the Tests Award? in the Security Infrastructure category. AppShield earned the award over competing products from KaVaDo, Internet Security Systems and Network Associates for delivering outstanding results in hands-on tests performed by the Network World Lab Alliance.

§ Industry Contributions: Sanctum continued to play a major role in advancing security initiatives and research within the industry. As a founding member of the Web Application Security Consortium (WASC), Sanctum is working to establish security standards for the Web. In addition, Sanctum is an active participant in several working groups of OASIS, producing worldwide standards for security, Web services, conformance and other areas of e-business standards. Finally, the Sanctum security research team recently announced the discovery of a next-generation attack called HTTP Response Splitting-a new carrier affecting Web server communications to perform both new types of attacks and old ones in more elegant and malicious ways, once again proving the company’s commitment to the discovery and sharing of emerging application threats.

About Sanctum, Inc.
Founded in 1997 and headquartered in Santa Clara, Calif., Sanctum, Inc. is the recognized leader for Web application security solutions. Sanctum software solutions provide automatic enforcement of intended business processes, ensuring the protection of core information and data. By detecting and defending against any unauthorized behavior, Sanctum protects customers against malicious cybercriminal activity-from theft of intellectual property and customer data, to e-commerce fraud and Web site defacement-even if a site has unknown security holes or flaws. Sanctum’s solutions complete a company’s security infrastructure, assure regulatory compliance and create sustainable ROI. Sanctum’s customers include industry leaders in finance, retailing, healthcare, government and telecommunications. Privately held, Sanctum is funded by blue-chip venture capital firms and industry leaders including Sprout Group, Dell, Gemini Israel Funds, Fidelity Ventures, Wachovia Strategic Ventures Group, Mofet Israel Technology Fund and Walden Israel. For more information, visit www.SanctumInc.com or contact the Company directly at (408) 352-2000.