Elemental Introduces New Security Compliance Management Products For Satisfying Compliance Requirements And Measurably Improving Security

ORLANDO, Fla. – April 4, 2005 – Elemental Security, Inc., a company pioneering new technology in enterprise information security, today announced the next-generation security compliance management product – the Elemental Compliance System?”. This innovative product addresses enterprises’ needs to centrally manage the security compliance of all computers in their dynamic computing environments. With a customized policy language, Elemental provides enterprises with unified visibility and control of all machines on their networks, enabling them to satisfy internal and regulatory compliance requirements and measurably improve security.

With today’s launch, Elemental delivers the world’s only product that unifies policy management, host configuration and network access control in one seamlessly integrated offering. For the first time, enterprises can easily express cross-platform security policies that affect individual computers and their behavior on the network, gather meaningful up-to-date information to compare to established metrics, and selectively enforce policies across a diverse, dynamic environment.

Today at the InfoSec World Conference and Exposition 2005 in Orlando, Fla., the company unveiled the Elemental Compliance System. These new products are being publicly demonstrated for the first time this week in Elemental’s Booth No. 713 on the show floor. The company also launched formally today at the show (see separate announcement released today by Elemental titled “Elemental Announces Corporate Launch; Debuts with Product that Fills the Unmet Need in Enterprise Compliance”).

“Organizations are looking for better tools to express, enforce, and demonstrate compliance to internal security policies and regulatory requirements,” said Phil Schacter, Vice President and Director of Security and Risk Management Strategies for Burton Group. “The current generation of tools is fragmented across desktops, servers, and various network appliances, with no unifying policy standard or integrated audit and compliance tracking mechanism. The emergence of integrated tools that combine security functions, reduce complexity, and increase accountability is a progressive step for the industry and a better solution for the enterprise customer.”

Elemental also announced today that it has joined the Network Admission Control (NAC) program, a Cisco-led initiative to help prevent attacks by using network infrastructure to enforce security policy compliance on devices attempting to access the network. To see all Elemental launch announcements released today, go to www.elementalsecurity.com/news .

Elemental approaches security compliance by uniquely placing an emphasis on policy. Elemental provides a Unified Policy Infrastructure integrating the management of security policies that are system agnostic and span multiple layers of individual machines, including OS, application, and network-level best practices. Elemental has also developed Fuel?”, the first and only custom policy language that enables intuitive cross-platform policy expression and easy deployment of policies throughout a computing environment. With no programming involved, organizations can express policies in a manner that more closely resembles how they were written in a security policy document, without worrying about implementation details or platform-specific issues.

“We have a dynamically changing environment at DTCC with many moving parts, and with today’s tools it is extremely difficult to prove compliance of these systems at all times,” said Paul De Graaff, Corporate Information Security Officer at The Depository Trust & Clearing Corporation (DTCC), the largest financial services post-trade infrastructure in the world. “We’ve looked at several approaches to addressing these issues, and the Elemental Compliance System provides a most innovative and effective solution. We see Elemental’s product providing continuous visibility into the systems in our network, and giving us the ability to use policy to continually improve our security posture.”

Elemental enables important security compliance capabilities, including dynamic host groupings that are rooted in a clear business context and IT administrative context. Dynamic groupings are derived from a large number of attributes that describe in detail the configuration and activity of machines. As individual machines change configuration or behavior, the dynamic grouping mechanism automatically assigns them into groups based on their attributes or behavior, and immediately assigns them the policies for those groups. Elemental uses these dynamic groupings to enable adaptive host-level network access controls to prevent unauthorized or non-compliant computers from communicating with a particular computer, groups of computers, or the entire network.

“We are pleased to introduce the Elemental Compliance System, the next evolution of the rising product category of security compliance management products,” said Elemental CEO Peter Watkins. “Our technology advancements provide visibility into dynamic enterprise environments and security policy expression capabilities previously unseen in the industry and truly unified for the first time in one product.”

Elemental’s products address enterprise problems such as ensuring that policies are being adhered to by all machines in dynamic computing environments; providing for a unified, up-to-date view of all systems in the network and how they are performing against internal security standards and external regulatory requirements; and enforcing access controls and quarantines on systems not meeting guidelines set up by security and IT administrators.

Availability

Sold directly and through leading channel partners, the new ,,product line is currently available. Contact the company at www.elementalsecurity.com for more, including sales and pricing information.

The Elemental Compliance System

The Elemental Compliance System is an enterprise security software solution that enables organizations to express, monitor, and enforce security policies for any computer connecting to the network. It is a client-server security system that provides broad visibility into all hosts in the enterprise and the means to control or contain them through auto-deployed security policies. The system consists of the Elemental server and Elemental agents running on workstations and server hosts throughout a network. Elemental’s architecture is unique in its ability to detect, monitor and control hosts with or without Elemental agents running on them.

About Elemental
Elemental Security is a pioneer in the Security Compliance Management market. Elemental’s products address enterprises’ need to centrally manage the security compliance of all computers in their environment. Elemental provides unified visibility and control to manage dynamic computing environments, enabling enterprises to satisfy compliance requirements and measurably improve their security. Founded in December 2002, Elemental is a privately held company backed by Bessemer Venture Partners, Mayfield and Sequoia Capital. The company is headquartered in San Mateo, Calif., and has regional offices throughout the U.S. Go to http://www.elementalsecurity.com for more information.

Elemental and the Elemental Compliance System are trademarks of Elemental Security, Inc.