San Jose, CA, April 6, 2009

The Security Consortium (TSC) and AppSec Consulting today announced their partnership to create comprehensive security services for enterprises, combining the expertise of TSC in network and product security with AppSec web application security. TSC and AppSec bring together deep security, network and firewall selection, implementation and testing expertise with application analysis and testing, offering companies a complete solution for compliance and security. The partnership provides companies with comprehensive vulnerability assessment and testing services to protect network applications.

Increasingly, companies are subject to regulations or requirements such as the Payment Card Industry Digital Security Standards (PCI DSS), which covers data security practices. Through the TSC and AppSec partnership, companies now have the ability to get sound advice on meeting these requirements, assistance in implementing and testing and affordable validation of compliance by a PCI Qualified Security Assessor. The partnership covers a broad range of services for product selection, implementation, testing, vulnerability analysis and penetration testing, and wireless network security.

Many companies are in the process of complying with the additional application security requirements in PCI DSS 6.6. In this section, companies are required to put in place some combination of application analysis and web application firewalls. AppSec expertise in application analysis and commercial web application firewalls, combined with TSC knowledge of network infrastructure and open source web application firewalls such as ModSecurity, provides comprehensive services to help companies select, implement and verify affordable compliance.

"As too many companies have discovered, meeting the letter of PCI doesn’t mean you won’t get breached," noted Mark Kadrich, CEO of The Security Consortium. "Companies need to work with experts to choose and implement security methods then test and verify the results. Working with AppSec allows us to provide more comprehensive compliance services by adding deep application security knowledge and methods to our product and network security service offerings."

"With the increased compliance requirements from PCI, companies are being asked to ensure security across a broad range of applications, but also the network as a whole," added Brian Bertacini, CEO of AppSec Consulting. "By partnering with TSC, we can provide comprehensive services to comply with requirements such as PCI and affordably validate that compliance."

Comprehensive compliance services are available through either TSC or AppSec. Contact TSC at http://www.thesecurityconsortium.net or info@thesecurityconsortium.net or AppSec at http://www.AppSecConsulting.com or info@AppSecConsulting.com for more information.

About The Security Consortium:
Testing, research, counsel and leadership services from The Security Consortium (TSC) provide companies with the ability to balance the need for security with business objectives. By focusing on overall business results instead of narrow test requirements, TSC helps companies improve the processes used to create, purchase, and operate security products.

TSC is a privately held company, founded in 2007 and based in San Jose, California.

About AppSec Consulting:
AppSec Consulting provides risk management, data security, and compliance solutions. Service offerings include risk and vulnerability assessment, penetration testing services, solutions integration, education and training, software assurance solutions, and PCI compliance services. AppSec is a PCI Approved Scanning Vendor and Qualified Security Assessor.

AppSec Consulting is a privately held company and a California Certified Small Business.