San Francisco, CALIF. — VSLive! San Francisco 2003 — February 11, 2003 - Sanctum, Inc., an established leader in Web application security software, today announced AppScan� Developer Edition (DE) 1.5, an automated testing tool that enables rapid development of secure Web-based applications. Integrated with Microsoft Visual Studio .NET 2003, AppScan DE identifies and provides fixes for application defects, helping developers deliver secure, high quality applications to QA. Sanctum's AppScan DE offers developers a tool to maintain creative integrity, while raising the bar for secure software. By testing applications for security defects early in the development cycle, AppScan DE builds confidence that enterprise applications will withstand the security threats of live, production environments. AppScan DE for Visual Studio .NET 2003 will be available in Spring 2003.

"It is imperative that developers adopt secure coding best practices without adding time or cost to the development process," said David Lazar, director for the Developer and Platform Evangelism Division at Microsoft Corp. "AppScan DE, from Sanctum, enables the developer community to deliver applications on time without sacrificing software security. That has huge benefit for both the developer and the enterprise."

By extending the application engineer's ability to develop secure applications beyond basic unit testing, and provide real time inline fix recommendations and remediation guidance, AppScan DE enables rapid development of secure next generation Web applications and Web services. With AppScan DE, enterprises benefit from fewer-and shorter-development cycles, ultimately lowering the total cost of the development lifecycle and reducing the business risk associated with insecure applications.

"Sanctum's goal is to spoil the fun a hacker experiences in corrupting the thoughtful design and intent of a Web-based application," said Steve Orrin, CTO, Sanctum, Inc. "AppScan DE enables developers to build resilience into the very business logic of the site, ensuring that the application can withstand any attack, that the developer wins every hacker battle, and that corporate risk is eliminated."

Availability
AppScan DE will be available in March 2003.

About Sanctum, Inc.
Founded in 1997 and headquartered in Santa Clara, Calif., Sanctum, Inc. is the recognized leader for Web application security solutions. Sanctum software solutions provide automatic enforcement of intended business processes, ensuring the protection of core information and data. By detecting and defending against any unauthorized behavior, Sanctum protects customers against malicious cybercriminal activity-from theft of intellectual property and customer data, to e-commerce fraud and Web site defacement-even if a site has unknown security holes or flaws. Sanctum's solutions complete a company's security infrastructure, assure regulatory compliance and create sustainable ROI. Sanctum's customers include industry leaders in finance, retailing, healthcare, government and telecommunications. Privately held, Sanctum is funded by blue-chip venture capital firms and industry leaders including Sprout Group, Dell, Gemini Israel Funds, Fidelity Ventures, Wachovia Strategic Ventures Group, Mofet Israel Technology Fund and Walden Israel. For more information, visit www.SanctumInc.com or contact the Company directly at (408) 352-2000.

For Immediate Release

Contact:

Diane Fraiman
Sanctum, Inc.
(408) 352-2000
[email protected]

Tara Dugan or Dara Sklar
Schwartz Communications, Inc.
(415) 512-0770
[email protected]