Watchfire Receives ''Positive Rating'' In Top Industry Analyst Firm's Web Application Security Vulnerability Scanners MarketScope Report; Report States Regular Scanning of Web Applications Should Be a Requirement

Business Wire, July 20, 2006

WALTHAM, Mass. -- Top industry analyst firm Gartner, Inc. this week recognized Watchfire with a "Positive Rating" in its MarketScope report on Web Application Security Vulnerability Scanners. Gartner's rating follows recognition by the analyst firm in May citing Watchfire as the Security Vulnerability Scanner worldwide market leader with 31.3 percent global market share based on revenue for 2005.(1)

According to the report, "Regular scanning of web applications for security vulnerabilities should be a requirement at application development and operational stages, both on production systems and as part of testing before allowing web applications to be installed on production systems. The problem is real and significant. Gartner estimates that 90 percent of externally-accessible applications today are web-enabled, and two-thirds of them have exploitable vulnerabilities. Because web applications are intended to be externally accessed using a browser, attacks easily bypass perimeter security solutions."

"Gartner's MarketScope and Magic Quadrant reports are the standards that our industry looks to for confirmation of a company's state of competitiveness in the industry. We believe Watchfire's position confirms how we've evolved our product to match the needs of enterprise customers around the world," said Peter McKay, president and CEO of Watchfire. "In May, a Gartner Dataquest report indicated that Watchfire owns nearly a third of the global market in 2005 and more than twice the market share of any competitor. We feel Gartner's MarketScope report reinforces Watchfire's strategic direction by showing the Company is well positioned to maintain its leadership in the years ahead."

The Gartner MarketScope for Web Application Security Vulnerability Scanners, 2006 serves as a guide for web and application security purchasers, providing a non-partisan status report for existing clients. The report, authored by Research Vice President Joseph Feiman and Vice President and Distinguished Analyst Neil MacDonald, rates companies based upon product and service offerings, market understanding, innovation and overall viability. The authors decided on a "promising" rating for the overall market, citing rapid growth fueled by immediate need to identify and remediate vulnerabilities in web applications, growing exposure of externally-facing applications to the web community, and relentless attacks attempting to disable or ill-exploit those applications.

Gartner Dataquest's recent recognition of Watchfire as the worldwide market share leader in the Application Security Vulnerability Scanning sub-category appeared in, "Market Share: Application Development and Project and Portfolio Management, Worldwide, 2005," by Gartner Dataquest. According to this report, Watchfire's 31.3 percent market share tops the Security Vulnerability Scanners sub-category, owning nearly one-third of the global market and more than twice the market share of the nearest competitor.

Watchfire Web Application Security Scanning Solutions

Watchfire provides security testing throughout the application development lifecycle and meets Gartner's recommended vendor differentiation requirements by providing web application security solutions that integrate into the software development lifecycle, help manage reporting capabilities across multiple instances of deployed scanners, scale to scan applications across the enterprise, and provide features and services that go beyond application scanning. These include:

--AppScan(R) and AppScan DE: the market-share leading web application security testing tools that also provide comprehensive remediation tasks at every level of the application. AppScan DE integrates into Microsoft Visual Studio, Eclipse and JBuilder to enable security testing early and often during the development lifecycle

--AppScan(R) Enterprise: the industry's first enterprise class, browser-based web application security platform. The scalable architecture provides enterprise scanning, reporting, dashboarding and trending capabilities in a web-based environment. The zero-footprint solution can be rolled out across the enterprise enabling security testing at every stage of the software development lifecycle

--AppScan(R) OnDemand: web application vulnerability assessment software offered as a hosted outsourced service that is ideal for those that need to scale their internal security teams or those with little or no security expertise in house

About the Gartner MarketScope

The MarketScope is copyrighted July 14, 2006 by Gartner, Inc. and is reused with permission. The MarketScope is an evaluation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the MarketScope, and does not advise technology users to select only those vendors with the highest rating. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.