SYS-CON MEDIA Authors: Stackify Blog, Zakia Bouachraoui, Yeshim Deniz, Elizabeth White, Pat Romanski

Related Topics: Cloud Security

News Feed Item

Citadel Responds to Latest Cyber Theft Events With New Security Service to Protect Computer Networks

Free Daily Service Identifies New Threats and Recommends Steps to Defend Networks Against Cyber Attacks

DALLAS, TX -- (MARKET WIRE) -- 06/20/05 -- In response to the recent series of major computer system breaches, Citadel Security Software Inc. (NASDAQ: CDSS), a leader in enterprise vulnerability management and policy enforcement solutions, has increased its efforts to educate public, private and academic organizations about network security best practices. Today Citadel introduced a daily security news service that provides up-to-the-minute threat alerts, recommended actions to thwart attacks, and headline news in a radio-style broadcast. This free subscription service enables network security professionals to stay abreast of new vulnerabilities and quickly develop plans to mitigate risk and maintain security compliance.

Because of the serious and ongoing nature of security breaches at some of the country's leading businesses, Citadel decided to offer its "Citadel 2 Minute Warning - A Daily Security Briefing" free to customers and non-customers alike. By doing so, Citadel aims to build awareness of the ever-widening range of exploitable vulnerabilities, promote the aggressive implementation of security measures, and minimize the damage caused by security exploits. In addition, Citadel customers can proactively remove any vulnerabilities before they are exploited using the company's award-winning Hercules automated vulnerability remediation solution.

"When I testified before a Congressional panel a year ago, I warned that the dangerous state of exploitable vulnerabilities in computer systems presented serious risks to the U.S. economy and even our way of life," said Steve Solomon, CEO of Citadel Security Software. "The technology sector is responding to this danger with tools that have proven to be successful in protecting networks from the constant onslaught of security threats. This country and its leaders must act with urgency to invest in security measures that will defend our nation's critical infrastructures."

While progress has been made in the government and private sectors, the recent string of significant breaches demonstrates there is more to be done -- and quickly -- to prevent attacks that may threaten economic stability and national security. The latest breach announced by MasterCard International at its credit card processing provider, CardSystems Solutions, Inc., underscores the importance of enforcing minimum security requirements for participating companies throughout the credit card industry supply chain. This step would "operationalize" information security as a routine business process and improve compliance with current statutory and regulatory requirements for security and privacy.

"Improving the cyber security profile of this nation must be a collaborative effort among public, private and academic sectors that are entrusted with personal information and other sensitive data," said Bob Dix, Citadel Vice President and former Staff Director of the House Government Reform Subcommittee on Technology during the 108th Congress. "Awareness through education is the first step in the development of a consistent and repeatable process for security compliance. We also need incentives that recognize the proactive efforts organizations are taking to protect networks against security threats and exploits."

"The recent highly publicized exploits, including the breach announced by MasterCard at its third-party credit card processing provider, is a manifestation of our nation's unprotected infrastructure resulting from the lack of investment in proactive technology to not only identify and respond to threats but to automate the removal of known vulnerabilities," said James C Foster, Deputy Director of Global Security Solutions for CSC and author of the best-selling book, "Buffer Overflow Attacks." "Companies need to implement technologies that not only create but enforce comprehensive security compliance policies to eliminate vulnerabilities from their networks before events like this occur."

About Citadel's 2 Minute Warning - A Daily Security Briefing

Citadel's 2 Minute Warning is an enhanced service offering that leverages Citadel's vast library of 23,000 remedies to known system vulnerabilities. These remedies, when applied in a timely manner, strengthen the security posture of an organization's network. Citadel's V-Flash Team of security analysts and remediation experts fuel the daily briefings with around-the-clock research to alert subscribers to their current threat exposure, identify new exploits, worms and viruses, and recommend specific security measures to prevent attacks.

Citadel's 2 Minute Warning is composed of five major sections:

1) Security In The News provides the top security news stories, updates and editorials describing how vulnerabilities may affect subscribers and ways to protect their networks.

2) The Internet Alert Regulator averages all Internet alert monitoring systems to provide an accurate daily alert status based on four levels: Low / Normal, Medium, High and Extreme.

3) The Internet Traffic Report gives up-to-date global Internet traffic numbers for Asia, Australia, Europe, South America and North America, as well as the overall global rating.

4) The Virus, Worm and Trojan Report provides the latest virus, worm and Trojan updates with yearly averages that define the daily threat level.

5) The Vulnerability Report updates users on the latest threats and vulnerabilities and provides solutions for these threats as they are available.

Formerly available only to Citadel licensed customers as part of the Citadel Security Portal, Citadel's 2 Minute Warning is now available as a free subscription service to security, IT and business professionals in commercial enterprises and government organizations. Interested parties may register for Citadel's free 2 Minute Warning service at

"We urge organizations in the commercial and public sectors to work with industry-leading advisors and technology solution providers to develop a proactive process for the identification and remediation of security vulnerabilities," says Solomon. "The technology and processes are available today to help organizations avoid many of the security breaches that we learn about every day. Organizations that have not implemented proven solutions for security compliance, enforcement and remediation are living in false sense of security. As a leader in this industry, we stand at the ready to assist organizations as they launch internal security defense projects in light of these public exploits."

About Citadel Hercules

With its award-winning Hercules Security Compliance and Vulnerability Remediation software solutions, Citadel helps protect an organization's network against all five classes of vulnerabilities -- software defects or patches, unsecured accounts, unnecessary services, mis-configurations and backdoors -- across a multi-platform, multi-device environment. By automating vulnerability remediation and policy enforcement processes, Citadel's customers, including the US Department of Defense, US Department of Veterans Affairs, MCI and AutoZone, have a more effective approach to protecting sensitive data and enforcing security policies across their network.

About Citadel

Citadel Security Software (NASDAQ: CDSS) delivers security solutions that enable organizations to manage risk, reduce threats and enforce compliance with security policies and regulations. Citadel's proven architecture provides a business process to manage the increasing volume, frequency and complexity of cyber security attacks. Citadel combines the world's largest active library of remediations spanning all classes of vulnerabilities with a proven delivery methodology to dramatically streamline vulnerability management and security compliance and provide ROI from the first use. Citadel solutions are used across the Department of Defense, at the Veterans Administration, and within other government and commercial organizations. For more information on Citadel, visit, or call 888-8CITADEL.

Safe Harbor/Forward-looking Statements:

This press release may contain forward-looking statements that are intended to be subject to the safe harbor protection provided by Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. These statements relate to future events or future financial performance and involve known and unknown risks and uncertainties that may cause actual results or performance to be materially different from those indicated by any forward-looking statements. In some cases, you can identify forward-looking statements by terminology such as "forecast," "may," "will," "could," "should," "anticipate," "expect," "plan," "believe," "potential" or other similar words indicating future events or contingencies. Some of the things that could cause actual results to differ from expectations are: the economic and geopolitical environment; changes in the information technology spending trends; the uncertainty of funding of government and corporate information technology security projects; the variability of the product sales cycle, including longer sales cycles for government and large commercial contracts; the uncertainty that the company's prospective deals will result in final contracts; the potential changes in the buying decision makers during a customer purchasing cycle; the complexities in scope and timing for finalization of contracts; the fluctuations in product delivery schedules; a lack of Citadel operating history; uncertainty of product development and acceptance; uncertainty of ability to compete effectively in a new market; the uncertainty of profitability and cash flow of Citadel; intellectual property rights and dependence on key personnel; economic conditions; the continued impact of terrorist attacks, global instability and potential U.S. military involvement; the competitive environment and other trends in the company's industry; the effects of inflation; changes in laws and regulations; changes in the company's business plans, including shifts to new pricing models that may cause delays in licenses; interest rates and the availability of financing; liability, legal and other claims asserted against the company; labor disputes; the company's ability to attract and retain qualified personnel; and adjustments to the amounts presented in the unaudited financial tables as a result of the completion of the audit process. For a discussion of these and other risk factors, see the company's Annual Report on Form 10-KSB for the year ended December 31, 2004, and the company's Quarterly Report on Form 10-Q for the quarter ended March 31, 2005. All of the forward-looking statements are qualified in their entirety by reference to the risk factors discussed therein. These risk factors may not be exhaustive. The company operates in a continually changing business environment, and new risk factors emerge from time to time. Management cannot predict such new risk factors, nor can it assess the impact, if any, of such new risk factors on the company's business or events described in any forward-looking statements. The company disclaims any obligation to publicly update or revise any forward-looking statements after the date of this report to conform them to actual results.

Editors Note: Citadel is a trademark and Hercules® is a registered trademark of Citadel Security Software.

Laura Sellers
Citadel Security Software Inc.
(214) 234-2504
Email Contact

Kim Dion
(415) 593-2262
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Here to help unpack insights into the new era of using containers to gain ease with multi-cloud deployments are our panelists: Matt Baldwin, Founder and CEO at StackPointCloud, based in Seattle; Nic Jackson, Developer Advocate at HashiCorp, based in San Francisco, and Reynold Harbin, Director of Product Marketing at DigitalOcean, based in New York. The discussion is moderated by Dana Gardner, principal analyst at Interarbor Solutions.
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Today most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes significant work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reducti...
GCP Marketplace is based on a multi-cloud and hybrid-first philosophy, focused on giving Google Cloud partners and enterprise customers flexibility without lock-in. It also helps customers innovate by easily adopting new technologies from ISV partners, such as commercial Kubernetes applications, and allows companies to oversee the full lifecycle of a solution, from discovery through management.
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, discussed why containers should be paired with new architectural practices such as microservices rathe...
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, John Jelinek IV, a web developer at Linux Academy, will discuss why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers...
Using serverless computing has a number of obvious benefits over traditional application infrastructure - you pay only for what you use, scale up or down immediately to match supply with demand, and avoid operating any server infrastructure at all. However, implementing maintainable and scalable applications using serverless computing services like AWS Lambda poses a number of challenges. The absence of long-lived, user-managed servers means that states cannot be maintained by the service. Lo...
Using serverless computing has a number of obvious benefits over traditional application infrastructure - you pay only for what you use, scale up or down immediately to match supply with demand, and avoid operating any server infrastructure at all. However, implementing maintainable and scalable applications using serverless computing services like AWS Lambda poses a number of challenges. The absence of long-lived, user-managed servers means that states cannot be maintained by the service. Lo...
With the new Kubernetes offering, ClearDATA solves one of the largest challenges in healthcare IT around time-to-deployment. Using ClearDATA's Automated Safeguards for Kubernetes, healthcare organizations have access to the container orchestration to dynamically deploy new containers on demand, monitor the health of each container for threats and seamlessly roll back faulty application updates to a previous version, avoid system-wide downtime and ensure secure continuous access to patient data.
With the rise of Docker, Kubernetes, and other container technologies, the growth of microservices has skyrocketed among dev teams looking to innovate on a faster release cycle. This has enabled teams to finally realize their DevOps goals to ship and iterate quickly in a continuous delivery model. Why containers are growing in popularity is no surprise — they’re extremely easy to spin up or down, but come with an unforeseen issue. However, without the right foresight, DevOps and IT teams may lo...
Docker and Kubernetes are key elements of modern cloud native deployment automations. After building your microservices, common practice is to create docker images and create YAML files to automate the deployment with Docker and Kubernetes. Writing these YAMLs, Dockerfile descriptors are really painful and error prone.Ballerina is a new cloud-native programing language which understands the architecture around it - the compiler is environment aware of microservices directly deployable into infra...
Signs of a shift in the usage of public clouds are everywhere. Previously, as organizations outgrew old IT methods, the natural answer was to try the public cloud approach; however, the public platform alone is not a complete solution. Complaints include unpredictable/escalating costs and mounting security concerns in the public cloud. Ultimately, public cloud adoption can ultimately mean a shift of IT pains instead of a resolution. That's why the move to hybrid, custom, and multi-cloud will ...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
10ZiG Technology is a leading provider of endpoints for a Virtual Desktop Infrastructure environment. Our fast and reliable hardware is VMware, Citrix and Microsoft ready and designed to handle all ranges of usage - from task-based to sophisticated CAD/CAM users. 10ZiG prides itself in being one of the only companies whose sole focus is in Thin Clients and Zero Clients for VDI. This focus allows us to provide a truly unique level of personal service and customization that is a rare find in th...