Press Release

RSA Named in Leaders Category in Both IT GRC and eGRC Platform Evaluations by Independent Research Firm

RSA Archer Only Platform to Achieve Leader Category in Both IT and eGRC Reports

BEDFORD, Mass., December 1, 2011 - 

RSA, The Security Division of EMC (NYSE: EMC) today announced that the RSA® Archer® Governance, Risk and Compliance platform ranked in the Leaders category in two simultaneous Forrester Research, Inc. Waves evaluating IT and eGRC platform vendors for Q4 2011. RSA Archer was the only GRC vendor to be named to both Forrester Waves and awarded the highest rankings for current offering, strategy and market presence in the IT GRC Wave, and the highest ranking for market presence in the eGRC Wave. Not only was the RSA Archer platform named a leader but it is also positioned as having the highest rating for market presence in both reports.

The Forrester Wave is designed to provide insight into a particular market or technology – to keep decision makers well-informed. For The Forrester Wave™: IT Governance, Risk and Compliance Platforms, Q4 2011, December 1, 2011, Forrester evaluated leading risk and compliance software vendors across 59 criteria and found that the RSA Archer platform scored at the top of the evaluation for content management, risk and control management, and workflow management. Forrester noted in the report that “the strong technical capabilities of the RSA Archer platform and the company's market success set it above the competition," and the RSA Archer platform is "one of the best overall technical platforms we assessed in the IT GRC space. With the Archer platform now under the wings of the RSA brand, the larger set of development resources along with the extended sales and marketing force will enable RSA to remain a leader in the IT GRC market for the foreseeable future."

Reflecting the still substantial gap that exists in most organizations between the IT and enterprise GRC functions, Forrester conducted and published a second evaluation, The Forrester Wave™: Enterprise Governance, Risk and Compliance Platforms, Q4 2011, November 30, 2011. Again the RSA Archer platform emerged as a leader based on a strong vision and the ability to evolve quickly and address customers' changing needs. "With solid technical functionality and a satisfied customer base, Archer made the leap into the Leaders category in this year's evaluation. The company's platform is highly configurable with an intuitive and easy-to-navigate interface, and its ability to facilitate customer-led development sets it apart from competitors," the report noted.

"Many companies are looking for tools to manage inter-related risks across the business not only in IT but also finance, operations, and legal domains, said David Walter, Senior Director, GRC Strategy and Solutions at RSA. "Our continued investment and dedication to creating a best-of-breed GRC platform helped to solidify our position in the market. The RSA Archer eGRC platform automates the measurement and visualization of risks across the enterprise to enable an apples-to-apples prioritization and enable a more effective utilization of limited risk mitigation resources. Our strong ecosystem of partners and vast community of users, help us to keep innovating and answer the latest GRC challenges facing our customers."

On Tuesday, January 24, 2012 at 2:00 PM EST, RSA will host a webinar to discuss the increased need for a converged GRC platform enabling holistic management of risk and compliance across the organization. Joining David Walter in the discussion will be guest Chris McClean, Forrester Senior Analyst and author of the GRC Waves, and a panel of Fortune 500 organizations.

About EMC

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations solve their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention, Continuous Network Monitoring, and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

Press Contacts

Lona Therrien
781 515 5449
lona.therrien@rsa.com

RSA and Archer are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other products and/or services are trademarks of their respective owners.

This release contains "forward-looking statements" as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (iv) competitive factors, including but not limited to pricing pressures and new product introductions; (v) component and product quality and availability; (vi) fluctuations in VMware, Inc.'s operating results and risks associated with trading of VMware stock; (vii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (viii) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (ix) the ability to attract and retain highly qualified employees; (x) insufficient, excess or obsolete inventory; (xi) fluctuating currency exchange rates; (xii) threats and other disruptions to our secure data centers or networks; (xiii) our ability to protect our proprietary technology; (xiv) war or acts of terrorism; and (xv) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC Corporation, the parent company of RSA, with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.

Notes: