For Immediate Release – November 16, 2009

SAINT Releases Version 7.2 with Added Web Application and OVAL Functionality

SAINT extends vulnerability scanning offering by adding form based authentication and OVAL integration

Bethesda, MD – SAINT Corporation, the leader in integrated vulnerability assessment and penetration testing software, today announced SAINT 7.2, a new version of the industry’s first integrated vulnerability scanning and penetration testing technology. SAINT 7.2 provides OVAL functionality and additional Web application functionality.

“OVAL is a requirement for SCAP compliance, which is being enforced throughout the government industry. Not only does this illustrate our commitment to the SCAP initiative but we believe our commercial customers will also be able to take advantage of this feature as well,” said Billy Austin, chief security officer of SAINT Corporation. “OVAL provides the capability for SAINT users to import security related checks by compliance, patch, vulnerability, and more.”

The new form based authentication for Web applications complements our existing SQL and XSS vulnerability probes and will allow our customers to provide a more granular analysis of Web security threats. When authentication to an application has occurred, now the security probes can provide visualization of the underlying vulnerability posture. Customers can configure scanning policies and the depth of Web spidering.

SCAP Compliance Status – SAINT is working toward SCAP compliance and currently has the following SCAP requirements incorporated into its products: CVE, CVSSv2, CPE, and OVAL. XCCDF and CCE are the remaining components. SAINT will be submited for SCAP certification as soon as these remaining two components are incorporated.

SAINT scanner and Exploit customers will receive the new OVAL and Web Application functionality by updating to the latest version. For more information regarding SAINT’s new features and how they are applicable for various industry regulatory compliances, contact

SAINT Corporation provides network security tools to financial, government and educational institutions around the world. The SAINT® vulnerability scanner and penetration testing tools are recognized as industry leaders by top information security organizations and publications.