For Immediate Release –July 25, 2008

SAINT Corporation is Accepted as a PCI Security Standards Council Approved Scanning Vendor

SAINT Corporation proves their ability to detect, identify, and report vulnerabilities

Bethesda, MD, July 25, 2008 — SAINT Corporation, a global leader in vulnerability assessment and penetration testing, announced today that its SAINT vulnerability scanner has successfully completed the rigorous PCI Security Standards Council Approved Scanning Vendors (ASV) testing process.

The PCI Data Security Standard (DSS), endorsed by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., requires merchants and service providers that store, process, or transmit customer payment card data to adopt information security controls and processes to ensure data integrity. Participating payment brands require PCI DSS compliance reports by a certified third-party assessor for on site audits of merchants and service providers that process payment card transactions. More information on the Council and the standard can be found at

As an ASV, SAINT Corporation is able to help merchants manage data security risks, evaluate the security of their systems that store payment account data and assist them in achieving compliance with the PCI DSS.

SAINT Corporation has achieved approved status by subjecting their SAINT network vulnerability scanner to rigorous testing on the Council’s infrastructure, which simulates the network of a typical security scan customer. In an era of increasingly sophisticated attacks on systems, the PCI DSS qualification reassures merchants that they are being assessed accurately and fairly against the most current payment industry requirements. Additionally, the vendors approved by the PCI Security Standards Council are the only entities qualified to perform scanning assessments.

“The PCI Security Standards Council is committed to helping everyone involved in the payment chain protect consumer payment data,” said Bob Russo, General Manager, PCI Security Standards Council. “By participating in the ASV certification process, SAINT Corporation demonstrates they are playing an active part in this important end goal.”

“Our top priority is to meet the needs of our customers by addressing the industry requirements for PCI auditing and compliance. We are happy to be able to provide the PCI solution they need,” said Donna Ruginski, CEO of SAINT Corporation.

“Aberdeen’s benchmark research on PCI DSS shows that companies with top performance currently use both vulnerability assessment and penetration testing solutions,” said Derek E. Brink, Aberdeen Group’s vice president and research fellow for IT Security. “In addition, the top-performing organizations have also been more successful than their counterparts at reducing both the time and cost to address security-related issues. Having both vulnerability assessment and penetration testing tools integrated in the same software, such the solution provided by SAINT, is consistent with these best-in-class characteristics.”

About PCI Security Standards Council

The mission of the PCI Security Standards Council is to enhance payment account security by driving education and awareness of PCI security standards. For more information, please visit

About SAINT Corporation

SAINT Corporation provides network security tools to financial, government, and educational institutions around the world. SAINT offers the only integrated vulnerability assessment and penetration testing tools available anywhere.

# # #
Media contacts

PCI Security Standards Council
Glenn R. Boyet

SAINT Corporation
Carole Stull