ICSA Labs Creates Web Application Firewall Product Developers’ Consortium

MECHANICSBURG, Pa.—March 26, 2007 — ICSA Labs®, an independent division of Cybertrust®, the global information security specialist, today announced the formation of the Web Application Firewall Product Developers’ (WAFPD) Consortium. The WAFPD Consortium was created to further evolve the current set of functional and assurance criteria for certifying Web application firewall technology and to provide a third-party information source to help the application security user community select and effectively implement Web application firewall products.

The consortium was formed as a direct result of a meeting attended by leading vendors in the Web application firewall market. Those in attendance unanimously agreed on the need for a consortium whose primary goals would be to educate end users about Web application firewall products, increase the adoption of Web application firewall technology and create publicly vetted, objective and credible security criteria against which Web application firewall products can be tested and certified.

The charter members of the ICSA Labs’ WAFPD Consortium are Breach Security, Inc., Citrix Systems, Inc., F5 Networks, Inc, Imperva and NetContinuum.

“Breach Security is pleased to be a founding member of the Web Application Firewall Product Developers’ Consortium,” said Marc Shinbrood, chief executive officer, Breach Security, Inc. “By working together, the vendor community can best define essential evaluation and testing criteria for Web application firewalls. Such standards are necessary to establish a mandatory level of protection that will ensure customers are effectively secured against fast evolving Web application threats.”

“Citrix Systems endorses the Web Application Firewall Product Developers’ Consortium role in the development and maintenance of application firewall certification criteria,” said Kurt Roemer, chief security strategist, Citrix Systems, Inc. “Strong, relevant and referenced security criteria are of the utmost importance in protecting the integrity of sensitive Web applications, especially those subject to security regulations. Citrix Systems is pleased to participate in the ICSA Labs’ Web Application Firewall certification program, and continually commits management and technical resources to enhance the state of application security through key ICSA Labs’ initiatives.”

The WAFPD Consortium plans to hold its charter meeting in May at Interop Las Vegas 2007. At that meeting, charter members will discuss important issues such as integrating compliance and regulatory standards, defining and differentiating Web application firewalls with respect to other security technologies, and reviewing criteria and related test procedures.

“The growing incidence of Web application attacks underscores the need for standardized criteria to help organizations select the Web application firewall that best matches their needs,” said Shlomo Kramer, founder and CEO of Imperva. “We are pleased to be working with ICSA Labs and others in the industry to establish a minimum standard for evaluating Web application firewalls.”

In addition to criteria development and the testing program, the WAFPD Consortium will develop white papers and tools to help educate and enable end users to better understand and select products that meet their functionality and security needs.

“Our goal is to provide buyers of security products with a credible and objective source for comprehensive information on the security and capabilities of products they are considering,” said George Japak, vice president of ICSA Labs. “ICSA Labs, with the WAFPD Consortium, is uniquely positioned to be that source.”

About ICSA Labs

ICSA Labs, an independent division of Cybertrust, Inc., offers vendor-neutral testing and certification of security products. Hundreds of the world’s top security vendors submit their products for testing and certification at ICSA Labs. The end-users of security technologies rely on ICSA Labs to authoritatively set and apply objective testing and certification criteria for measuring product compliance and reliability. The organization tests products in key technology categories such as anti-virus, anti-spyware, firewall, IPSec VPN, cryptography, network intrusion prevention, PC firewall, SSL-VPN, application firewall, anti-spam and Wireless LAN. For more information about ICSA Labs, please visit: http://www.icsalabs.com.

About Cybertrust
Cybertrust is the global information security specialist, delivering services that secure critical data, protect identities and help customers demonstrate ongoing compliance. Headquartered in Herndon, Virginia, United States with more than 30 offices around the globe, Cybertrust is one of the world’s largest providers of information security and a global market leader in managed security services. For more information, visit www.cybertrust.com.

© Cybertrust 2007. All Rights Reserved.
Cybertrust and ICSA Labs are trademarks or registered trademarks of Cybertrust Holdings, Inc. and/or its affiliates. All other trademarks are property of their respective owners.

About Breach Security, Inc.

Breach Security, Inc. is a leading provider of next-generation web application security that protects corporate-critical information. Breach effectively protects web applications of commercial enterprises and government agencies alike against Internet hacking attacks and provides an effective solution for expanding security challenges such as identity theft, information leakage, and insecurely coded applications. Breach’s solutions are ideal for any organization’s regulatory compliance requirements for security.  Breach was founded in 2004 and is headquartered in Carlsbad, Calif. For more information visit: www.breach.com.

# # #

Media Contacts:

Breach Security, Inc. U.S.

Dan Chmielewski, Principal
Madison Alexander PR, Inc.
dchm@madisonalexanderpr.com
(949) 231-2965