OUNCE LABS SECURITY EVANGELIST TO DISCUSS APPLICATION VULNERABILITIES AT SANS WHATWORKS IN APPLICATION SECURITY SUMMIT 2007

WALTHAM, MA -- (MARKET WIRE) -- August 9, 2007

What
Dinis Cruz, Director of Advanced Technology at Ounce Labs, will deliver a keynote address, strategy presentation and participate in a panel discussion at the SANS WhatWorks in Application Security Summit 2007 conference being held on August 15 -17 in Washington, DC.

Keynote Address
Mr. Cruz will deliver a keynote address entitled 'Some Inconvenient Truths About Application Security' on Thursday, August 16th at 1:30 pm. This presentation will discuss how, as we combat daily threats to our businesses, we must never lose sight of the real and inconvenient truths about creating applications that handle and protect confidential information.

Strategy Presentation
Mr. Cruz will also present 'Making the Case for Sandboxed Environments (Why Microsoft and Sun are Asleep at the Wheel)' on Tuesday, August 14th at 8:00 pm. This presentation will focus on the need to have systems that execute code inside sandboxed environments. It makes the case for the widespread use of tools such as Microsoft's Code Access Security and will discuss solutions for many of the current exploit containment issues faced by developers.

Vendor Panel
Mr. Cruz will also be a panelist on a "Tools Shootout" vendor panel discussion that will take place on Thursday, August 16th at 4 pm. The panel discussion will focus on implementation lessons learned in the deployment of application security tools. Technical experts will discuss the most common mistakes users often make that lessen the value of the tools and how to avoid them.

Speaker Bio
With an extensive career in source code security, penetration testing and security curriculum development, Dinis Cruz is one of the world's foremost consultants on application security. He works as part of Ounce Labs' Advanced Research Team as a Director of Advanced Technology. He has achieved prominence with his role in OWASP, the Open Web Application Security Project, as a board member and their Chief Security Evangelist. He also acts as a senior security consultant and trainer for companies such as Foundstone, Vigilar and Infosys.

Where
The conference will be held at the Wardman Park Marriott Hotel in Washington, DC.

Ounce Labs will also be the exclusive host of a welcome reception the evening of Tuesday, August 14th from 5:00 to 8:00 pm for all conference attendees. The reception will include a full dinner, a jazz trio and will also feature a demonstration of the Ounce 5.0 application released in July.

About Ounce Labs, Inc.
Ounce Labs' solutions enable organizations to identify, prioritize and eliminate business risk to the enterprise caused by software security vulnerabilities. With Ounce Labs, organizations strengthen application security, protect confidential information and verify compliance with both internal policies and industry mandates such as PCI, FISMA, HIPAA and others.

Ounce Labs' software analyzes application source code to provide the most complete and accurate analysis of application vulnerabilities and their relative priorities, enabling business users and IT professionals to optimize their resources on resolving the most critical issues.

Unique in its ability to scale across an organization's entire portfolio of applications, Ounce is used enterprise-wide by many of the world's most security-conscious organizations, including AT&T, EDS, IBM, Intel, Lockheed Martin, MFS, the U.S. Air Force, the U.S. Government Accountability Office, Unisys and VeriSign.

Led by senior executives with deep enterprise software and security expertise, Ounce Labs is headquartered in Waltham, Massachusetts, with regional offices throughout the U.S. For more information, please visit www.ouncelabs.com.

###

Media Contacts:

Jake Messier
Ounce Labs
781.547.7031
Email Contact
http://www.ouncelabs.com

Robert Craig
Davies Murphy Group
+1.781.418.2414
Email Contact
http://www.daviesmurphy.com