Citadel CTO Carl Banzhof Appointed to MITRE OVAL -- Open Vulnerability Assessment Language -- Board.Business Editors/High-Tech Writers DALLAS--(BUSINESS WIRE)--Dec. 10, 2002 Industry Veteran Joins IT Security Leaders to Standardize Vulnerability Assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. for Accelerated Remediation Citadel Security Software, Inc. (OTCBB OTCBB See OTC Bulletin Board (OTCBB). :CDSS CDSS California Department of Social Services CDSS Clinical Decision Support Systems CDSS Country Dance and Song Society CDSS Canadian Down Syndrome Society CDSS Community Day Secondary Schools (Malawi) ), a leader in automated vulnerability remediation, announced today that CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. Carl Banzhof has been appointed to the OVAL (Open Vulnerability Assessment Language) Board. Banzhof joins security veterans from industry leaders including Symantec, Internet Security ''This article or section is being rewritten at Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software. Systems, Network Associates, SANS Institute The SANS Institute (SysAdmin, Audit, Networking, and Security) is a trade name owned by the for-profit Escal Institute of Advanced Technologies. SANS provides computer security training, professional certification, and a research archive. , CERT/CC (Computer Emergency Response Team/Coordination Center) Part of the Software Engineering Institute of Carnegie Mellon University, CERT/CC is a major reporting center for Internet security problems. (R) and Harris. The goal for the board is to establish a baseline method for performing vulnerability assessments along with standardizing the process of identifying and naming vulnerabilities. MITRE (www.mitre.org) is a not-for-profit national resource that provides systems engineering, research and development, and information technology support to the government. "We are delighted to have Carl Banzhof join the other IT security experts on the OVAL Board," said Matthew Wojcik, Senior Information Security Engineer, The MITRE Corporation (body) MITRE Corporation - A US federally funded R&D center, spun off in 1958 from the MIT Lincoln Laboratory (also an FFRDC). MITRE is a non-profit corporation chartered to do R&D in the public interest. . "His deep understanding of security vulnerability remediation will greatly benefit the Board's efforts to simplify vulnerability identification. As automated vulnerability remediation gains adoption in the enterprise, it will be critical that assessment tools support the OVAL standard." Automated Vulnerability Remediation (AVR (Automatic Voltage Regulation) See voltage regulator. ) enables IT managers to quickly and effectively resolve the backlog of vulnerabilities identified by assessment tools, providing an efficient and economical answer to an ongoing costly problem. Vulnerability remediation is not limited to installing patches--it encompasses the entire scope of IT vulnerabilities, including software defects, insecure user accounts, unnecessary services and misconfigurations. "I am pleased to be selected to participate in the OVAL project which will allow Citadel to apply resources to help pioneer the future of vulnerability assessment and remediation through consolidated research and heuristic A method of problem solving using exploration and trial and error methods. Heuristic program design provides a framework for solving the problem in contrast with a fixed set of rules (algorithmic) that cannot vary. 1. capabilities," said Carl Banzhof, Chief Technology Officer, Citadel. "This driving consortium will forever change the landscape of the market and provide users with additional capabilities that seek to refine the science of vulnerability assessment and remediation." In his 17 years in the security industry, Carl Banzhof has been responsible for the architecture and development of multiple award-winning security products. He and his development team are also credited with the innovation behind Hercules, Citadel's automated vulnerability remediation solution. OVAL builds upon Common Vulnerabilities and Exposures (CVE (Common Vulnerabilities and Exposures) A list of information security exposures and vulnerabilities sponsored by US-CERT and maintained by the MITRE Corporation. ), a dictionary of standardized names and descriptions for publicly known information security vulnerabilities and exposures, developed by MITRE in cooperation with the international security community. The OVAL effort was initiated by MITRE, and involves representatives from a broad spectrum of industry, academia, and government organizations, including operating system and security tool vendors. About Citadel Citadel Security Software, Inc. (OTCBB:CDSS) develops, markets and licenses computer security and privacy software for one of the fastest growing software industry segments today -- security inside the firewall. Citadel's Winshield(R) SecurePC(TM) and NetOFF(TM) products enable companies to enforce security policies from a single point of control. Citadel's Hercules remediates vulnerabilities from the five classes of security vulnerabilities: insecure accounts, unnecessary services, misconfigurations, back doors and software defects. Hercules' open architecture design allows the import and aggregation of assessment data from many sources. Hercules is interoperable with industry leading vulnerability assessment tools, allowing customers to address the real world issues of vulnerability assessment and remediation. Citadel's products also address the initiatives of the President's National Strategy to Secure Cyberspace In the United States government, the National Strategy to Secure Cyberspace, is a component of the larger National Strategy for Homeland Security. The National Strategy to Secure Cyberspace was drafted by the Department of Homeland Security in reaction to the September 11, 2001 and the mandates of HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, and Gramm-Leach-Bliley legislation for the healthcare and financial industries. Further information about Citadel Security Software and its products can be accessed at its website, www.citadel.com. Safe Harbor/Forward-looking Statements: Except for the historical information contained herein, this news release contains forward looking statements that are subject to risks and uncertainties, including lack of Citadel operating history, uncertainty of product acceptance, uncertainty to compete effectively in a new market category and the uncertainty of profitability and cash flow of Citadel. These risks and uncertainties may cause actual outcomes and results to differ materially from expectations in this press release.These and other risks are detailed from time to time in CT Holdings' and Citadel's SEC reports, including CT's report on Form 1O-KSB for the year ended December 31, 2001 and most recent Form 10-QSBs, as well as Citadel's Registration Statement on Form 10-SB and amendments and most recent Form 10-QSBs. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion