Citadel Security Software's Hercules Awarded Certificate of Compatibility for Full CVE Compliance.DALLAS -- Citadel is the First Automated Vulnerability Remediation Product Certified as Fully CVE (Common Vulnerabilities and Exposures) A list of information security exposures and vulnerabilities sponsored by US-CERT and maintained by the MITRE Corporation. Compliant Citadel Security Software Inc. (Nasdaq:CDSS CDSS California Department of Social Services CDSS Clinical Decision Support Systems CDSS Country Dance and Song Society CDSS Canadian Down Syndrome Society CDSS Community Day Secondary Schools (Malawi) ), a leader in vulnerability management and policy enforcement solutions, announced today that the company's AVR (Automatic Voltage Regulation) See voltage regulator. solution, Hercules(R), has been certified as fully compliant and compatible with the Common Vulnerabilities and Exposures (CVE(R)) Initiative. Led by the MITRE Corporation (body) MITRE Corporation - A US federally funded R&D center, spun off in 1958 from the MIT Lincoln Laboratory (also an FFRDC). MITRE is a non-profit corporation chartered to do R&D in the public interest. , CVE promotes the use of standard names for security vulnerabilities and exposures to foster information sharing See data conferencing. across security solutions. The Certificate of Compatibility was awarded to Citadel at the 2nd CVE Compatibility Award Ceremony during the Computer Security Institute (CSI CSI Crime Scene Investigator CSI CompuServe, Inc. CSI Commodity Systems, Inc. CSI Commodity Systems Inc. (Boca Raton, FL) CSI Crime Scene Investigation (CBS TV show) CSI Christian Schools International ) 31st Annual Computer Security Conference and Exhibition in Washington, D.C. Lawrence C. Hale, the Deputy Director of the National Cyber Security Division The National Cyber Security Division (NCSD) is a division of the Office of Cyber Security & Communications, within the United States Department of Homeland Security's Directorate of National Protection and Programs. , U.S. Computer Emergency Readiness Team (CERT) at the Department of Homeland Security Noun 1. Department of Homeland Security - the federal department that administers all matters relating to homeland security Homeland Security executive department - a federal department in the executive branch of the government of the United States , presented the awards. "The CVE Initiative brings consistency and interoperability to the security and computing community," said Kent Landfield, a CVE Editorial Board member since 1999 and Security Group Director for Citadel. "The CVE Compatibility Process is a formal evaluation of submitted information security products and services. The testing and certification process assures products meet the criteria set out by the CVE Initiative to prove they are CVE-compatible." CVE is a community-wide effort to create a list of standardized names for vulnerabilities and other information security exposures. Being CVE-compatible means that an information security product or service uses CVE names in a way that allows it to cross-link with other repositories that also use CVE names, facilitating the exchange of vulnerability information and making it easier to share data in a vendor-independent manner. "The CVE Initiative achieved a major milestone when more than 200 products and services were declared CVE-compatible or were in the process of being made compatible by 125 organizations from industry, government, and academia from around the world," said Bob Martin, CVE compatibility lead for MITRE. "Citadel's Hercules has met the strict CVE compatibility evaluation and testing requirements and is now fully CVE-compatible, demonstrating their commitment to an industry standard that benefits enterprise security requirements." "Prior to this award ceremony, only 14 products or services from 10 organizations had achieved the final phase of MITRE's formal CVE Compatibility Process and become officially CVE-compatible," said Carl Banzhof, CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. of Citadel Security Software. "We are proud to be the first automated vulnerability remediation solution to meet the CVE compatibility requirements. By achieving full CVE compatibility for Hercules, our customers now have better vulnerability coverage, easier interoperability and enhanced security across the enterprise." About The Common Vulnerabilities and Exposures (CVE) Initiative In 1999, MITRE created CVE to act as a bridge between different information security tools and services. The CVE Editorial Board includes numerous information security-related organizations including commercial security tool vendors, members of academia, research institutions, government agencies, and other prominent security experts that work together to foster the integration and direction of CVE. The CVE Initiative is funded by the U.S. Department of Homeland Security. About The MITRE Corporation MITRE (www.mitre.org) is a not-for-profit national resource that provides systems engineering, research and development, and information technology support to the government. It operates federally funded research and development centers Federally Funded Research and Development Centers (FFRDCs) conduct research for the United States Government. They are administered in accordance with U.S Code of Federal Regulations, Title 48, Part 35, Section 35.017 by universities and corporations. for the Department of Defense, the Federal Aviation Administration Federal Aviation Administration (FAA), component of the U.S. Department of Transportation that sets standards for the air-worthiness of all civilian aircraft, inspects and licenses them, and regulates civilian and military air traffic through its air traffic control and the Internal Revenue Service, with principal locations in Bedford, Mass., and McLean, Va. About Citadel Citadel Security Software Inc., a leader in enterprise vulnerability management solutions powered by AVR technology, helps enterprises effectively neutralize security vulnerabilities. Citadel's patent-pending, Common Criteria (Common Criteria for Information Technology Security) An international standard process for defining security objectives and for evaluating compliance with those objectives. The Common Criteria have largely replaced the Trusted Computer Security Evaluation Criteria (TCSEC), the Canadian EAL EAL English as an Additional Language EAL Evaluation Assurance Level EAL Eastern Airlines EAL Emergency Action Level EAL Environmental Analysis Laboratory EAL Evidence Analysis Library (American Dietetic Association) 3 certified Hercules(R) technology provides users with full control over the automated remediation process, enabling efficient aggregation, prioritization and resolution of vulnerabilities detected by industry-standard vulnerability assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. tools. SecurePC(TM) and NetOFF(TM) products enable companies to enforce security policies from a single point of control. Citadel's solutions enable organizations to ensure the confidentiality of information, reduce the time and costs associated with the inefficient manual remediation process, and facilitate compliance with organizational security policies and government mandates such as FISMA FISMA Federal Information Security Management Act of 2002 FISMA Federal Information System Management Act , HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, and Gramm-Leach-Bliley legislation. For more information on Citadel, visit www.citadel.com, or contact the company at (214) 520-9292. Safe Harbor/Forward-looking Statements: This press release may contain forward-looking statements that are intended to be subject to the safe harbor Safe Harbor 1. A legal provision to reduce or eliminate liability as long as good faith is demonstrated. 2. A form of shark repellent implemented by a target company acquiring a business that is so poorly regulated that the target itself is less attractive. protection provided by Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. These statements relate to future events or future financial performance and involve known and unknown risks and uncertainties that may cause actual results or performance to be materially different from those indicated by any forward-looking statements. In some cases, you can identify forward-looking statements by terminology such as "forecast," "may," "will," "could," "should," "anticipate," "expect," "plan," "believe," "potential" or other similar words indicating future events or contingencies. Some of the things that could cause actual results to differ from expectations are: the current economic and geopolitical ge·o·pol·i·tics n. (used with a sing. verb) 1. The study of the relationship among politics and geography, demography, and economics, especially with respect to the foreign policy of a nation. 2. a. environment; current information technology spending trends; the uncertainty of funding of government information technology security projects; a lack of Citadel operating history; uncertainty of product acceptance; uncertainty of ability to compete effectively in a new market; the uncertainty of profitability and cash flow of Citadel; intellectual property rights and dependence on key personnel; economic conditions; the continued impact of terrorist attacks, global instability and potential U.S. military involvement; the competitive environment and other trends in the company's industry; changes in laws and regulations; changes in the company's business plans; interest rates and the availability of financing; liability and other claims asserted against the company; labor disputes; the company's ability to attract and retain qualified personnel; and inflation. For a discussion of these and other risk factors, see the company's Annual Report on Form 10-KSB for the year ended December 31, 2003 and its Quarterly Report on Form 10-QSB for the quarter ended June 30, 2004. All of the forward-looking statements are qualified in their entirety by reference to the risk factors discussed therein. These risk factors may not be exhaustive. The company operates in a continually changing business environment, and new risk factors emerge from time to time. Management cannot predict such new risk factors, nor can it assess the impact, if any, of such new risk factors on the company's business or events described in any forward-looking statements. The company disclaims any obligation to publicly update or revise any forward-looking statements after the date of this report to conform them to actual results. Editors Note: Citadel is a trademark and Hercules is a registered trademark of Citadel Security Software and CVE is a registered trademark of the MITRE Corporation. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion