From the early days as an intern at the Pentagon, my technical background has been the foundation on which I ‘ve built a storied career of securing information and data. I’ve worked with many government agencies, as well as private organizations, which fight off cyber attacks on a daily basis. Having managed a highly successful government consulting company, and co-founding a cyber security software company, I am uniquely positioned to understand the client’s pain points and how to protect their data. As CEO and Co-Founder of SAINT Corporation, I have been an integral part of building a company that is leading the way in cyber security. We are recognized for supplying high-quality products and services, delivering outstanding customer support and undergoing robust business growth. I am responsible for the strategic direction, growth and management of the company and positioning the SAINT products in the top sector of the vulnerability assessment market. I have personally been responsible for contract awards for the following government agencies: • Office of the Secretary of Defense (OSD) • Defense Intelligence Agency (DIA) • The Drug Enforcement Administration (DEA) • Commander in Chief – Atlantic Intelligence Division • Office of the Joint Chiefs of Staff • Department of Agriculture (DOA) • Agriculture Research Service • Army Deputy Chief of Staff for Operations • Military Personnel Office • Federal Bureau of Investigation (FBI) • Department of Justice (DOJ) • National Institute of Genetics (NIG) • Comptroller • U.S. Navy

Chief Executive Officer @ Since its inception in 1998, SAINT Corporation has been developing software products to make network security easy and affordable. As a global leader in vulnerability assessment and penetration testing, our customers include high-level government agencies, top colleges and universities and major financial institutions. Industries and governments all over the world are now using SAINT products and services to manage IT security risk and compliance. SAINT Corporation offers a down-loadable software suite, SAINT 8, and a cloud-based system, SAINTCloud. Both are designed to assess the vulnerability of your company’s network, with features including: • Vulnerability scanning • Penetration testing and integrated vulnerability, configuration and application assessment • Exploit and penetration testing, including social engineering • Easy to understand dashboard and analytics • Government and industry compliance policies and reports • Configuration Assessments • Web Application Scanning • Remediation Ticketing • Custom Reporting • Asset Management • Security Trending • Automatic Updates • Advance object-based group and user permissions for additional security • Scan configuration options SAINT Corporation offers a variety of services to our clients, including vulnerability assessments to identify threats and risks to your company’s infrastructure. Our assessments focus on network devices, operating systems, desktop applications, databases, web-applications, printers and any device that is attached to your network. We also partner with companies to provide penetration testing services, using both manual and automated testing methodologies. SAINT Corporation developed the first integrated penetration testing and vulnerability scanner technologies. Our team of engineers focuses on security solutions relating to vulnerabilities, exploits and regulatory compliance. We offer both internal and external penetration testing, regardless of target type or scope. From January 2006 to Present (9 years 10 months) Washington D.C. Metro AreaChief Operating Officer @ I was appointed to Chief Operation Officer of Carson Associates in order to oversee the corporate operations of the company. At the time of my promotion, the following leaders of our organization reported to me: the VP of Advance Research Development, the VP of Decisions Systems, the VP of Process Improvement and the CIO. I worked with these executives to ensure that our company is providing valuable services to our clients, while maintaining our profitability as an organization. As COO, I am responsible for the overall corporate profitability, development and growth of Carson Associates. My achievements include: • Integrated corporate divisions and business units under a single operational structure, improving the overall efficiency of the organization • Rebranded the company image and logo to reflect our presence as an IT Consulting Firm • Established a clear corporate vision and mission for employees, clients and prospects • Consolidated three business offices in Virginia and Maryland to a single corporate headquarters location in Bethesda, Maryland, which is where Carson Associates resides today • Established a unified corporate budgeting model and forecasting process in order to maintain profitability • Established consistent management processes and corporate quality management initiatives • Developed corporate strategic plan and business development strategy including competitive cost centers for biding government contracts • Established corporate bid and proposal process for review of new business opportunities and teaming partnerships • Conducted a complete review of corporate human resources and implemented necessary changes to ensure consistent performance and salary reviews across the company • Constructed an outsourced corporate recruiting program, designed to bring in top-notch talent • Built an incentivized reward program to motivate executives, business developers and program managers to excel above and beyond our client’s expectations From July 1999 to Present (16 years 4 months) Washington D.C. Metro AreaPresident @ In late 1997, the National Institutes of Health (NIH) asked our company to come up with a cost effective solution to access the presence of vulnerabilities in their vast computer network. The size and complexity of the network was massive, spanning components for agency administrative systems, clinical center systems, physician data and patient records systems, and host of external interface points related to medical research. The most prominent commercial solution far exceed the budget of the agency, so we were faced with compiling a variety of open source tools combined with analytic and reporting software we developed as a solution for our customer. It was clear that there was room in the early stage security market for companies producing network vulnerability scanning technology and we seized this opportunity to form a commercial software company focused on the growing security concerns surrounding the Internet. SAINT Corporation was established to provide a solution to government agencies and commercial companies who have cyber security concerns. As President of SAINT Corporation, I put together a team of software engineers, programmers and security experts. Together, we created a product offering that went to market in 2000, first as a Cloud-based network scanning software branded as WebSAINT. Subsequently, we created the SAINT suite of software including downloadable software and appliances solutions. From July 1998 to August 2006 (8 years 2 months) Washington D.C. Metro AreaSr. Vice President @ As Sr. Vice President, I was responsible for selling, managing and developing new business with regards to information systems and information security services in the federal market place. My duties included preparing corporate bids and proposals, program development, staff development and maintaining customer relationships • Expanded a sole source contract base from $200,000 to over $3.0M in on-going business • Conducted top-level management study which lead to over $1.0M in continued implementation work • Structured bidding strategies to win a competitive, multi-year, multi-million dollar contract. • Organized the proposal development and Red Team review and wrote major portions of the technical and business proposals • Developed and executed a business plan to market and conduct Model 204 training for the intelligence community. • Responsible for the overall technical management, quality control, project planning and coordination, resource scheduling and final delivery of products to our government clients • Conducted study for the Drug Enforcement Administration (DEA); evaluated hardware and software alternatives for the Pathfinder Intelligence Database system • Managed the development of a prototype relational database system for the Military Personnel Office • Managed business operations and budget for the Computer Systems Division • Responsible for new business development, proposal generation, technical review of contract performance and client interface. • Acted as the Office-in-Charge; meeting regularly with clients as a primary corporate representative • Responsible for ensuring that the security programs were properly implemented for government contracts in accordance with Defense Investigative Service (DIS) requirements • Worked directly with the CFO to establish the corporate GSA Schedule 70 and MOBIS contract schedules • Corporate expert on the FAR and government contacting requirement From July 1988 to July 1999 (11 years 1 month) Washington D.C. Metro AreaVice President, Computer Systems Division @ A large part of my role as Vice President of the Computer Systems Division included proposal writing and development. As a direct result of my expertise, skills and abilities to effectively write winning proposals, Carson Associates was awarded contracts with the Drug Enforcement Administration, Office of the Secretary of Defense, Department of the Army, Defense Intelligence Agency and the Department of the Navy. Through my ongoing business development efforts, Carson Associates was awarded its first contract with the Drug Enforcement Administration (DEA). Cultivating this contract, I was able to establish and grow the company’s business within the intelligence community and was granted special clearance levels for these projects. This enabled the expansion of our work with the Defense Intelligence Agency (DIA). During this time, I was responsible for the highest proposal win rate in Carson Associate’s history as well as company wide contract expansion and growth. In 1988, I was responsible for winning the company’s largest contract with the Office of the Secretary of Defense, resulting in my promotion to Sr. Vice President of Carson Associates. Specialties & Key Accomplishments include: • Management of government contracts. Often times I was bid as the Project Manager-Key Personnel • Technical and cost volumes, win themes and analysis of proposal evaluation criteria in order to win more contracts • Year over year growth of the computer division business area for billings, bookings and backlog of contracts. • Structure contract management with appropriate staffing, planning, milestones and execution exceed customer expectations and satisfaction. From March 1983 to July 1988 (5 years 5 months) Washington D.C. Metro AreaDirector, Computer Systems Division @ Based on my work and the confidence I established with the client during my time as Sr. Associate, Richard Carson requested that I take over total responsibility for the program to develop automated budget exhibits. Assuming this responsibility resulted in my promotion to Director of the Computer Systems Division, and in turn, set the pace for my rapid professional growth within Carson Associates. Professional Duties & Projects: • Designed, developed and implemented a budget analysis decision support system for the DoD on the OSD Datapoint Distributed Network • Conducted Analysis of the DEA’s Pathfinder II system and established evaluation criteria that ranked strategic objectives and scored alternatives • Performed analysis of the Pacific Missile Test Center and the Fleet Tactical Analysis Center weapons systems database to determine opportunities for consolidation and re-systemization • Analyzed data products applicable to maintenance processes for weapons system life cycle From August 1981 to March 1983 (1 year 8 months) Washington D.C. Metro AreaSr. Associate @ As a Sr. Associate at Carson Associates, I worked as a programmer to develop report applications for the OSD Comptroller focusing on the Price and Program Growth (PPG) and Foreign Currency Fluctuation (FCF) budget exhibits incorporated into the Congressional Justification Book and the DoD budget to the President of the United States. Professional Duties & Projects: • Managed the definition and preparation of the Teleprocessing Services Program’s Multiple Award Schedule Contracts, as well as the BA requirements documentation, statement of work and evaluation criteria for the Tri-Service Medical Information System (TRIMIS) Automated Budget System • Developed manual and automated procedures for the Department of Defense (DoD) for the Data Element Standardization Program • Researched office automation hardware and procedures • Developed evaluation criteria and modeling methods for word processing & data processing applications From September 1979 to August 1981 (2 years) Washington D.C. Metro AreaSummer Federal Intern @ Imagine my surprise when the head of the mathematics department at Towson University received a call from General Scott’s secretary, asking me to report directly to the Pentagon at the end of my spring semester. Towson did not have an ROTC program, so a call from a Pentagon General received a lot of attention, and I was very excited to have a second internship with his team. I worked on a new program effort and provided oversight of one of our consultants, who was conducting a study related to the OSD Data Element Standardization Program. The consultant was Richard Carson, and at the time I was his boss. Little did I know that at the end of the summer, General Scott would suggest to Richard that he hire me to work on the same contract as a civilian, hence the start of my career at Carson Associates. During this internship, my responsibilities included: • Updating the 5000.12M Data Element Database • Participating in the development of the DoD Data Element Standardization Program • Utilizing the Model 204 Data Base Management System, supported by the Computer Corporation of America • Compiling a complete database for the Automated Selected Acquisition Reporting System (AUTOSAR) on the Air Force Data Services Center Multics System From June 1979 to August 1979 (3 months) Washington D.C. Metro AreaSummer Federal Intern @ The summer of 1978, I had an internship and worked for General Winfield S Scott, Jr. During this time, I was exposed to the inner workings of the DOD acquisition process and learned how major acquisition programs were managed through the Selected Acquisition Reporting (SAR) system. My responsibilities that summer included: • Automating the financial analysis of weaponry • Updating the automated SAR system • Utilizing Fortran and the Nomad Data Base System From June 1978 to August 1978 (3 months) Washington D.C. Metro Area

Master of Science (M.S.), Computer Science @ The Johns Hopkins University From 1984 to 1988 Bachelor of Science (B.S.), Mathematics and Computer Science @ Towson University From 1976 to 1980 Catonsville High School From 1972 to 1975 Donna Ruginski is skilled in: Vulnerability Assessment, Penetration Testing, Security, PCI DSS, Network Security, Information Security, Computer Security, Security Audits, Information Security..., Business Management, Business Operations, Team Management, Acquisition Integration, Cyber-security, Strategic Planning, Relationship Building