Elemental’s Unique Approach To Comprehensive Security Policy Management Fuels Strong Growth In 2005

SAN MATEO, Calif. – Jan. 25, 2006 – Elemental Security, Inc., the award-winning pioneer of new technology in enterprise information security, today announced that its security policy and risk management business increased tenfold by the close of 2005, nine months after the commercial availability of its Elemental Compliance System.

Following its launch in April 2005, the company saw significant traction in key vertical markets, such as high-tech, healthcare, financial services and education. Elemental’s growth has been driven by rapid customer adoption of its policy management capabilities that empower organizations to manage compliance policies using security baselines, networking activity, and hardware/software inventory of computers – all within a single unified policy framework. Elemental also earned a number of industry and technical accolades for its innovation and success in 2005, as the broader industry recognized that its differentiated approach, delivering a high degree of automation and responsiveness to change, is key in the growing market of security policy and compliance management.

“By gathering information across our more than 50 geographic locations and making it centrally visible, and allowing us to exercise tailored security policies based on that information, the Elemental product gives us control over our distributed infrastructure which we have not previously had,” said Brian Murphy, director of Health Science Information Technology for the University at Buffalo Health Science schools. “This is the first product we’ve seen that centrally touches all machines in an area and allows us to protect and control them with security policies applied to groups that are dynamically populated based on the current state of the machines on our network. Now we can identify, control and protect against vulnerabilities like we have never been able to do before.”

According to Gartner, Inc., in 2006 IT financial compliance management spending will rise to a level between 10 percent and 15 percent of IT budgets. A Gartner and CIO Insight magazine survey in March 2004 found that 3.3 percent of the IT budget was dedicated to compliance1.

Elemental’s significant achievements in 2005 include:

– Publicly launching the company and announcing the commercial availability of the Elemental Compliance System;

– Securing $11 million in financing, with Lehman Brothers Venture Partners leading the investment round and original investors Bessemer Venture Partners, Mayfield and Sequoia Capital increasing their respective investment participation;

– Key customer acquisitions, including Catholic Health System, Marshall BankFirst, the University at Buffalo Health Science schools, John Wiley & Sons, Inc., and Knight Ridder;

– Growing the Elemental executive team with the addition of Michael Rogers, VP of Sales, and Marc Ferrie, VP of Engineering;

– Shipping a second major release of its product, which included increased platform coverage and scale, a deeper policy library, and reporting improvements;

– Earning 10 industry awards in 2005, including InfoWorld’s Technology of the Year Award, Information Security’s Hot Pick Award, Info Security Product Guide’s 2005 Product Excellence Award, Red Herring’s 100 Award, and InfoWorld’s Innovator 2005 Award;

– Growing the channel to more than 10 partners, including newest partners Corsa Networks, IGX Global Systems, REACT Networks, TruArx, and Vigilar; and

– Filing three patents with the U.S. Patent Office covering Elemental’s unique policy technology.

Elemental’s award-winning product is the world’s first solution that unifies policy management, host configuration, inventory/discovery and network access control in one seamlessly integrated offering. For the first time, enterprises can easily express cross-platform security policies that affect individual computers and their behavior on the network, gather meaningful up-to-date information to compare to established metrics, and selectively enforce policies across a diverse, dynamic environment. Security compliance has become a top priority for enterprises due to the pressures from increasing frequency and severity of security breaches, and from regulations such as Sarbanes-Oxley (SOX), the Payment Card Industry (PCI) Data Security Standard, and the Health Insurance Portability and Accountability Act (HIPAA).

According to a recent Gartner report, “Companies should look for solutions to support multiple regulations, not just SOX, and multiple business units. Sustainable compliance – that is, a level of effort that is sufficient, but not excessive – will only be achieved by consolidating compliance efforts through a programmatic, rather than a project-oriented, approach. A programmatic approach means that compliance is not treated as one project after another, but rather as a sustained ongoing effort across multiple regulations and business units.”2

“We are pleased with our industry traction and the progress we made in 2005, following Elemental’s public launch in April,” said Elemental CEO Peter Watkins. “We are positioned well for 2006, which will be a year of continued growth for the company. The strides we made in 2005 are confirmation of the previously unmet security compliance need of organizations we have identified, and recognition of the effectiveness of Elemental’s policy-based approach to uniquely address it. Our traction in the industry is due to the comprehensiveness of our security compliance management product. Combining policy management, host configuration, inventory management and access controls into a unified solution is seen as important in covering the bases of security compliance management.”

About Elemental
Elemental is an award-winning pioneer in the Security Compliance Management market. Elemental’s products address enterprises’ need to centrally manage the security compliance of all computers in their environments. Elemental provides unified visibility and control to manage dynamic computing environments, enabling enterprises to satisfy compliance requirements and measurably improve their security. Founded in December 2002, Elemental is a privately held company backed by Bessemer Venture Partners, Mayfield, Sequoia Capital and Lehman Brothers Venture Partners. Red Herring and AlwaysOn awarded the company their Red Herring 100 and AlwaysOn 100 awards, respectively, which honor the top private companies of 2005. The company is headquartered in San Mateo, Calif., and has offices throughout the U.S. Go to http://www.elementalsecurity.com for more information.

###

Note 1 – Gartner, Inc., “Sarbanes-Oxley Compliance Hits 15 Percent of the 2006 IT Budget,” French Caldwell, December 9, 2005.

Note 2 – Gartner, Inc., “Sarbanes-Oxley Spending Continues to Disrupt Software Purchases,” Tom Eid, Joanne M. Correia, French Caldwell, December 9, 2005.

Elemental and the Elemental Compliance System, among others, are trademarks or registered trademarks in the United States and certain other countries of Elemental Security, Inc. Additional company and product names may be trademarks or registered trademarks of other individual companies and are respectfully acknowledged.