Citadel Security Software Achieves Major Milestone of 20,000 Vulnerability Remedies to Mitigate All Classes of Threats for Commercial and Government Enterprises.DALLAS -- The Citadel Remediation Security Group Continues to Deliver the Most Comprehensive Library of Tested Vulnerability Solutions Providing Proactive Enterprise Vulnerability Management Citadel Security Software Inc. (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on :CDSS CDSS California Department of Social Services CDSS Clinical Decision Support Systems CDSS Country Dance and Song Society CDSS Canadian Down Syndrome Society CDSS Community Day Secondary Schools (Malawi) ), a leader in enterprise vulnerability management and policy enforcement solutions, announced today that the company's Remediation Security Group has surpassed the milestone of twenty thousand vulnerability remedies that proactively protect customers against all five classes of vulnerabilities, including software defects, mis-configurations, unsecured passwords, backdoors and unnecessary services across Windows, Linux and Unix platforms. During the past three years, Citadel's Remediation Security Group continuously developed the world's largest library of fully tested vulnerability remedies, now exceeding 20,000. "Surpassing the 20,000 remedy mark demonstrates Citadel's continuing commitment to address the growing number of vulnerabilities that plague our customer's networks," said Carl Banzhof, CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. for Citadel. "Our dedicated Remediation Security Group leads the industry with its ability to deliver to our customers the means to fix vulnerabilities within hours of a new vulnerability announcement." Large, complex commercial and government enterprises typically make use of different operating system operating system (OS) Software that controls the operation of a computer, directs the input and output of data, keeps track of files, and controls the processing of computer programs. platforms and multiple operating system versions within a single platform on their networks. Remedies are needed for every operating system platform and version, making a large library of remedies necessary to mitigate all security vulnerabilities. In addition, security vulnerabilities include not only software defects, but also unnecessary services, unsecured accounts, mis-configurations and backdoors. Citadel's library of remedies is designed to address all five classes of vulnerabilities. Remediation Security Group: Testing Around-the-Clock Citadel's Remediation Security Group is the team of security analysts that writes, tests and delivers the remedies Citadel customers depend on to secure their networks. As a new vulnerability is discovered, the Remediation Security Group quickly responds by developing a remedy to counteract the vulnerability. The remedy is then tested against all known affected platforms and delivered electronically through the Hercules V-Flash service to the customer site. The Hercules V-Flash service is an automated delivery mechanism that connects customers to the Hercules server which houses the library of vulnerability remedies. In addition to delivering remedies, the Citadel Security Group also monitors and updates research information, URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. links for patches and related content to ensure links and information continue to be accurate, timely and relevant. Protection Against All Classes of Vulnerabilities The remedies developed by Citadel's Remediation Security Group combine security intelligence with defined and tested automated steps to mitigate the following five classes of vulnerabilities: 1. Unsecured accounts are accounts with null passwords, or administrator access without password protection or passwords without expiration. 2. Mis-configurations are network devices that have not been properly configured and could allow both internal and external exploits on the network. Some of these improper configurations include use of NetBIOS or SMB (1) (Small to Medium-sized Business) Also called "SME" (small to medium-sized enterprise), it refers to companies that are larger than the small office/home office (SOHO), but not huge. Protocol or Null Sessions. 3. Unnecessary services are services left running that are no longer needed. If they are left undiscovered, these services may unknowingly grant unwarranted access to the network. Unnecessary services may include Telnet or PC Anywhere. 4. Backdoors occur when there are certain tools that may be installed on a device for specific reasons such as remote assistance, but may also allow unrestricted access into a network such as Spyware including KaZaa, DownloadWare, 180 Solutions and GAIN along with known backdoors such as MyDoom.A, Netbus, Back Orifice A program that installs itself on a Windows machine as a server, allowing a cracker with the client counterpart to manipulate the machine more completely than the user at the keyboard. It can come in the form of a Trojan or ActiveX control. (based on Microsoft back office) and Sub Seven. 5. Software Defects are application defects that are typically fixed with some type of software update or patch. Examples of exploits of software defects include Blaster, SQL SQL in full Structured Query Language. Computer programming language used for retrieving records or parts of records in databases and performing various calculations before displaying the results. Slammer A worm that caused a billion dollars worth of damage on the Internet on January 25, 2003. Slammer infected computers all over the Internet by generating random IP addresses and causing the computer's buffer to overflow with its own instructions that replicate itself and start the process and Code Red. About Citadel Citadel Security Software Inc., a leader in enterprise vulnerability management solutions powered by AVR (Automatic Voltage Regulation) See voltage regulator. technology, helps enterprises effectively neutralize security vulnerabilities. Citadel's patent-pending, Common Criteria (Common Criteria for Information Technology Security) An international standard process for defining security objectives and for evaluating compliance with those objectives. The Common Criteria have largely replaced the Trusted Computer Security Evaluation Criteria (TCSEC), the Canadian EAL EAL English as an Additional Language EAL Evaluation Assurance Level EAL Eastern Airlines EAL Emergency Action Level EAL Environmental Analysis Laboratory EAL Evidence Analysis Library (American Dietetic Association) 3 certified Hercules(R) technology provides users with full control over the automated remediation process, enabling efficient aggregation, prioritization and resolution of vulnerabilities detected by industry-standard vulnerability assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. tools. SecurePC(TM) and NetOFF(TM) products enable companies to enforce security policies from a single point of control. Citadel's solutions enable organizations to ensure the confidentiality of information, reduce the time and costs associated with the inefficient manual remediation process, and facilitate compliance with organizational security policies and government mandates such as FISMA FISMA Federal Information Security Management Act of 2002 FISMA Federal Information System Management Act , HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, and Gramm-Leach-Bliley legislation. Citadel's customers include the Department of Defense, MCI (1) (Media Control Interface) A high-level programming interface from Microsoft and IBM for controlling multimedia devices. It provides commands and functions to open, play and close the device. (2) (Microwave Communications Inc. , Washington Mutual “WaMu” redirects here. For the Washington, DC radio station, see WAMU. Washington Mutual (or WaMu; NYSE: WM) is the United States' largest savings and loan association. Bank, Cushman & Wakefield and Providence Healthcare among others. For more information on Citadel, visit www.citadel.com, or contact the company at (214) 520-9292. Safe Harbor/Forward-looking Statements: This press release may contain forward-looking statements that are intended to be subject to the safe harbor Safe Harbor 1. A legal provision to reduce or eliminate liability as long as good faith is demonstrated. 2. A form of shark repellent implemented by a target company acquiring a business that is so poorly regulated that the target itself is less attractive. protection provided by Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. These statements relate to future events or future financial performance and involve known and unknown risks and uncertainties that may cause actual results or performance to be materially different from those indicated by any forward-looking statements. In some cases, you can identify forward-looking statements by terminology such as "forecast," "may," "will," "could," "should," "anticipate," "expect," "plan," "believe," "potential" or other similar words indicating future events or contingencies. Some of the things that could cause actual results to differ from expectations are: the current economic and geopolitical ge·o·pol·i·tics n. (used with a sing. verb) 1. The study of the relationship among politics and geography, demography, and economics, especially with respect to the foreign policy of a nation. 2. a. environment; current information technology spending trends; the uncertainty of funding of government information technology security projects; a lack of Citadel operating history; uncertainty of product acceptance; uncertainty of ability to compete effectively in a new market; the uncertainty of profitability and cash flow of Citadel; intellectual property rights and dependence on key personnel; economic conditions; the continued impact of terrorist attacks, global instability and potential U.S. military involvement; the competitive environment and other trends in the company's industry; changes in laws and regulations; changes in the company's business plans; interest rates and the availability of financing; liability and other claims asserted against the company; labor disputes; the company's ability to attract and retain qualified personnel; and inflation. For a discussion of these and other risk factors, see the company's Annual Report on Form 10-KSB for the year ended December 31, 2003 and its Quarterly Report on Form 10-QSB for the quarter ended September 30, 2004. All of the forward-looking statements are qualified in their entirety by reference to the risk factors discussed therein. These risk factors may not be exhaustive. The company operates in a continually changing business environment, and new risk factors emerge from time to time. Management cannot predict such new risk factors, nor can it assess the impact, if any, of such new risk factors on the company's business or events described in any forward-looking statements. The company disclaims any obligation to publicly update or revise any forward-looking statements after the date of this report to conform them to actual results. Editors Note: Citadel is a trademark and Hercules is a registered trademark of Citadel Security Software Inc. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion