Elemental Security Platform Earns Certification from the Center for Internet Security

Elemental ESP Meets Rigorous Technical Security Control Standards

Established by Leading Organization Setting Industry's Benchmark Baselines

Apr 10, 2006, 01:00 ET from Elemental Security, Inc.

    SAN MATEO, Calif., April 10 /PRNewswire/ -- Elemental Security, Inc.,
 the award-winning pioneer of new technology in enterprise information
 security, today announced that its Elemental Security Platform (ESP) v2.0
 has been certified by the Center for Internet Security (CIS) for computing
 platforms supported by the latest release of Elemental's policy and risk
 management product. In addition, ESP v2.0 is the industry's first product
 to complete the CIS' rigorous certification process for the IBM UNIX (AIX)
 and Sun Solaris 10 platforms.
     The CIS Benchmark is a set of technical standards that draws upon best
 practices published by The SANS Institute, the National Security Agency
 (NSA), the National Institute of Standards and Technology (NIST), and the
 U.S. Defense Information Systems Agency (DISA), as well as consensus
 guidance from CIS members and users. The CIS Certification program is
 distinguished from other IT certifications because CIS certified vendor
 tools support the consensus best practices movement. CIS strategic
 partnerships with AICPA, IIA and ISACA are advancing the science of
 security auditing to include measurement of configuration management
     "With the constant proliferation of system threats and computer
 vulnerabilities, enterprises need to take a proactive stance to minimize
 security risks by ensuring that all systems are in compliance with their
 implemented system security compliance policies," said CIS President and
 CEO Clint Kreitner. "This CIS Certification assures Elemental customers
 that ESP v2.0 accurately and thoroughly compares the configuration of their
 organizations' computer platforms with the relevant baseline security
 benchmarks defined by user consensus. Elemental enables users to define
 their security compliance policies with the CIS benchmarks as a guide, and
 to constantly monitor and audit systems to ensure continued compliance with
 these established baselines."
     With these certifications, Elemental customers are assured that their
 security best practices and security benchmark policies are properly
 implemented in order to assure that computers are configured with the most
 appropriate security settings. After extensive testing, Elemental earned
 CIS benchmark certifications for policies for computing platforms supported
 by ESP, including Windows 2000, 2000 Pro, and 2000 Server; Windows 2003
 Domain Member Server and Domain Controller 2003; Windows XP; UNIX versions
 of IBM (AIX) and Hewlett-Packard (HP-UX); Red Hat Enterprise Linux; and Sun
     "The CIS Benchmarks are widely accepted, user-originated standards that
 help companies satisfy the configuration and compliance requirements for
 today's most popular computing platforms," said Elemental Chief Marketing
 Officer Roy Agostino. "We are pleased to earn these certifications, to
 assure that the policy baselines we offer customers are in line with the
 high- security industry benchmarks, as defined by CIS and industry user
     In addition to CIS Benchmark policies, ESP offers an extensive suite of
 policies for other benchmarks, such as from the NSA, NIST and DISA; and
 industry best practices, including those published by Microsoft. With ESP,
 users can assess compliance with established full benchmarks, or can
 customize these policies to fit their specific environments and individual
 business objectives. With ESP, organizations can deploy these policies and
 get compliance results across the entire enterprise in minutes.
     The award-winning ESP is the only security policy system built from the
 ground up to make the state and activity of users and computers fully
 transparent, enabling customers to directly translate their business
 objectives into specific policies for all users and systems on their
 networks. Elemental unifies policy management, host configuration,
 inventory/discovery and role-based access control in one seamlessly
 integrated offering. Using Elemental, security administrators can easily
 assess the security posture of machines and networks, and make proactive
 decisions about managing risk. Security policy and compliance management
 continue to be top priorities due to increasing frequency and severity of
 security breaches, and regulations such as Sarbanes-Oxley (SOX), the
 Payment Card Industry (PCI) Data Security Standard, and the Health
 Insurance Portability and Accountability Act (HIPAA).
     About Elemental
     Elemental is an industry leader in enterprise policy and risk
 management. Using its award-winning Elemental Security Platform (ESP),
 organizations can directly translate their business objectives into
 specific policies for all users and systems on their networks. For the
 first time, enterprises can use a single product to obtain measurable and
 comprehensive metrics for their security policy needs and compliance
 requirements. Founded in December 2002, Elemental is a privately held
 company backed by Bessemer Venture Partners, Mayfield, Sequoia Capital and
 Lehman Brothers Venture Partners. Red Herring and AlwaysOn awarded the
 company their Red Herring 100 and AlwaysOn 100 awards, respectively, which
 honor the top private companies. Elemental was also named the "Most
 Innovative" company at the RSA Conference 2006 and a "Private Security
 Company to Watch" by Red Herring. The company is headquartered in San
 Mateo, Calif., and has offices throughout the U.S. Go to
 http://www.elementalsecurity.com for more information.
     NOTE: Elemental and the Elemental Security Platform, among others, are
 trademarks or registered trademarks in the United States and certain other
 countries of Elemental Security, Inc. Additional company and product names
 may be trademarks or registered trademarks of other individual companies
 and are respectfully acknowledged.
 Available Topic Expert(s): For information on the listed expert(s), click
 appropriate link.
 Dan Farmer

SOURCE Elemental Security, Inc.