Cigital Press Releases
http://www.cigital.com/news/
Cigital news and press releases. Copyright 1995-2008 Cigital, Inc.

Cigital CTO Gary McGraw to keynote at Forrester’s Security Forum 2008

DULLES, Va., September 04, 2008—Cigital, Inc., a leading software security and quality consulting firm, today announced the company's Chief Technology Officer, noted software security expert Gary McGraw, Ph.D., will deliver a keynote address at Forrester’s Security Forum being held Sept. 4-5, 2008 in Boston, MA.

Dr. McGraw's presentation is about Exploiting Online Games, based on his book of the same title which exposes the inner workings of online game security for everyone to see. Ultimately this talk is about security problems associated with advanced massively distributed software, a situation the forum attendees will be facing in the near future, if they are not already, as organizations move to distributed environments such as SOA. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software yet to come.

At Forrester's Security Forum analysts and industry executives will address how to manage security and risk amid business and IT. The forum will discuss the success imperatives critical to Security & Risk professionals, such as: how to conquer today's most difficult security threats; gaining influence at the executive level; and how to build operational risk, security, and compliance excellence.

"Forrester continues to be one of the premier research companies providing practical and forward-thinking advice to global leaders in business and technology," states Désirée Campbell, Vice President, Sales and Marketing, "and we are honored to have Dr. McGraw provide Cigital's security message at this recognized industry event."

Dr. McGraw is a globally-recognized authority on software security and the author of six best selling books on this topic. The latest, Exploiting Online Games, was released in 2007. His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications, authors a monthly security column for informIT, and is frequently quoted in the press.

About Cigital

Cigital, Inc., a leading software security and quality consulting firm, has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security and quality solutions to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Established in 1992, Cigital is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

SIFMA Technology Management to have Cigital's CTO Gary McGraw as featured keynote

DULLES, Va., June 09, 2008—Cigital, Inc., a leading software security and quality consulting firm, today announced that the company's Chief Technology Officer, noted software security expert Gary McGraw, Ph.D., will deliver a keynote address at SIFMA's 28th Annual Technology Management Conference & Exhibit being held June 10-12 at the Hilton New York.

Dr. McGraw, a featured keynote speaker, will review the best software security practices in his address titled: "Software Security: State of the Practice 2008." Using the framework described in his book, Software Security: Building Security In – built around the three pillars of software security: risk management, the touchpoints, and knowledge – he will discuss and describe in detail the state of the practice – peppered with real data from the field that is based on work with several large financial services.

SIFMA's 28th Annual Technology Management Conference & Exhibit will address the rapidly-changing world of technology and how the financial industry is using technology to drive productivity, comply with regulatory requirements, and adapt to converging markets, products and investors. This year's theme is Managing IT in Financial Services During the Credit Crisis and SIFMA will explore the critical technology issues facing the securities industry and provide the strategies and solutions firms need to stay competitive.

"SIFMA is on the forefront of tackling the security issues faced by the financial industry. We are thrilled to have Dr. McGraw provide his insight on the state of software security and its importance to the financial industry's business applications," stated Désirée Campbell, Vice President, Sales and Marketing.

Dr. McGraw is a globally-recognized authority on software security and the author of six best selling books on this topic. The latest, Exploiting Online Games, was released in 2007. His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications and authors a monthly security column for informIT.

About Cigital

Since 1992, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital also specializes in software quality, assuring the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

FSTC announces participation of Cigital's Jason Rouse in Mobile Technology Project

DULLES, Va., June 06, 2008—Cigital, Inc., a leading software security and quality consulting firm and the Financial Services Technology Consortium (FSTC), where business and technology leaders build solutions for the financial services industry, announced the participation of Cigital's Jason Rouse, Technical Manager, in the FSTC Mobile Technology Project. Mr. Rouse will be a lead in this project and will chair a research team focused on the security required for safe mobile transactions.

The Financial Services Technology Consortium (FSTC) formed the Mobile Payments and Banking project to identify and document technology-based opportunities for banks in the mobile arena. The project aims to define standards for technology and interoperability that give all mobile phone users a seamless, secure, and easy-to-use payment option for everyday banking.

"Mobile phones are today's most ubiquitous consumer technology platform," states Jason Rouse. "Mobile phones are the convergence point for multiple technologies, placing immense capability into millions of hands across the US and worldwide. Cigital is working with the FSTC and its partners to design and implement a secure, accountable system that will form the basis for mobile payments in the US."

The project will benefit from leadership provided by sponsorship from major financial industry clearinghouse organizations and associations with memberships representing a dominant share of US banking institutions. The initial project roster contains over 25 participating organizations, including some of the largest banks in the country along with notable technology and security experts and providers.

"As a technology thought leader, Cigital has been involved in mobile device security for many years, helping secure software from multiple cell phone vendors and mobile operating system providers," said Dr. Gary McGraw, Cigital CTO and author of Software Security. "We look forward to putting our expertise to use with the banking industry as it grapples with the hyper-aggressive technology churn of the mobile market. Critical mobile security issues demonstrate exactly why software security goes far beyond simple Web applications."

"Any payment channel destined to generate billions of payments representing trillions of dollars will require security and technology that is effective and efficient," says Jim Pitts, managing executive of payments initiatives at the FSTC. "Widespread adoption will be an important element of achieving this level of success, and that will require standards for security and interoperability that technology and financial service stakeholders can agree on. FSTC is pleased to have organizations like Cigital and leaders like Jason contributing in this very important effort."

The project is anticipated to have multiple phases. The output of this effort will be a vital input in creating the foundation of understanding used for establishing the future technology standards for interoperability between banks and wireless carriers, and other service providers.

For more information on FSTC, the Mobile Payments Initiative, or current and future FSTC projects please contact JimPitts@fstc.org or visit www.fstc.org.

About Cigital

Since 1992, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Cigital’s Gary McGraw’s Monthly Security Column Moves To InformIT

DULLES, Va. and Indianapolis, IN, May 29, 2008—Cigital, Inc., a leading provider of software quality management consulting solutions, and InformIT, the trusted technology learning source, today announced that Cigital Chief Technology Officer and Addison-Wesley Professional author Gary McGraw’s popular monthly column on computer security will be offered exclusively on InformIT, the online presence for the world's leading technology publishing imprints including Addison-Wesley Professional.

Dr. McGraw, a globally-recognized authority on software security and the author of six best selling books on this topic, decided to move the monthly column from darkreading.com because of InformIT’s large readership and his affiliation with Addison-Wesley Professional. His books include the just published Software Security Engineering: A Guide for Project Managers; as well as Exploiting Online Games; Software Security; Exploiting Software; and Building Secure Software.

McGraw's podcast, Silver Bullet, will also be syndicated exclusively through InformIT. He has been writing his column since October 2004, where it first appeared in Network magazine, which later became IT Architect.

To view the first column for InformIT, visit: http://www.informit.com/articles/article.aspx?p=1189519.

"Gary McGraw is one of the most respected voices in the field of Security, and one of Addison-Wesley’s most valued authors. We are thrilled to have Gary writing and podcasting on the InformIT.com network, where his insight and working knowledge can reach a hungry audience of technology professionals," said Pearson Technology Group's Vice President and Publisher Paul Boger.

About Pearson Education

The global leader in educational and professional publishing, Pearson Education is home to such respected brands as Addison-Wesley Professional, Cisco Press, Exam Cram, IBM Press, Prentice Hall Professional, Que, and Sams Publishing, which have as their online publishing arm, InformIT (www.informit.com) -The Trusted Technology Learning Source. In addition, Berkeley-based Peachpit (www.peachpit.com), the publishing partner for Adobe Press, Apple Certified, and others, publishes best-selling books for creative design professionals. Pearson is also co-founder, with O'Reilly Media Inc., of Safari Books Online (http://safari.informit.com), the premier on-demand technology content library providing thousands of expert reference materials through a single point of contact, including expert technology, creative and design, industry and management resources in video, audio and written formats. Pearson Education is part of Pearson (NYSE: PSO), the international media company. Pearson's other primary businesses include the Financial Times Group and the Penguin Group.

About Cigital

Since 1992, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Andrea Bledsoe
Pearson Education
317-428-3168
Andrea.Bledsoe@pearson.com
www.InformIT.com

Cigital CTO Gary McGraw featured keynote at OWASP AppSec Europe 2008

DULLES, Va., May 21, 2008—Cigital, Inc., a leading software security and quality consulting firm, today announced the company's Chief Technology Officer, noted software security expert Gary McGraw, Ph.D., will deliver a keynote address at OWASP AppSec Europe 2008 being held May 21 - 22, 2008 in Ghent, Belgium.

Dr. McGraw, a featured keynote speaker, will review the best software security practices in his address titled "Software Security: State of the Practice 2008". He will discuss and describe in detail the state of the practice – peppered with real data from the field, based on work with several large financial services companies.

In addition to his keynote presentation, Dr. McGraw will host a session on Exploiting Online Games, based on his book of the same title which exposes the inner workings of online game security for everyone to see. Ultimately this talk is about security problems associated with advanced massively distributed software. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software yet to come.

OWASP Belgium AppSec 2008 Conference (http://www.owasp.org) will bring together those who are focused on improving the security of application software and it will include a number of high-quality presentations from leading technical experts on the latest application security risks and trends as well as offer the opportunity to network with relevant application security vendors and professionals.

"OWASP continues to be one of the premier organizations focused on application security," states Désirée Campbell, Vice President, Sales and Marketing, "and we are honored to have Dr. McGraw provide Cigital's security message at this recognized industry event."

Dr. McGraw is a globally-recognized authority on software security and the author of six best selling books on this topic. The latest, Exploiting Online Games, was released in 2007. His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications and authors a monthly security column for informIT.

About Cigital

Since 1992, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Cigital Announces CTO Gary McGraw to give keynote at Interop Moscow

DULLES, Va., April 22, 2008—Cigital, Inc., a leading software security and quality consulting firm, today announced that the company's Chief Technology Officer, noted software security expert Gary McGraw, Ph.D., will deliver a keynote address at Interop Moscow being held April 23–24, 2008 at the T-Modul exhibition centre in Moscow.

Dr. McGraw will be a featured keynote along with other top industry leaders to share insights into the future of information technology at Interop Moscow. The title of his keynote will be: "Software Security: Building Security In" and he will present a detailed approach to getting past theory and putting software security into practice.

Interop Moscow (www.interop.ru), bringing together 5000 IT experts and business managers from Russia and CIS, will deliver a conference dedicated to showing how to bring together technology solutions that deliver business value. Some of this year's key themes include such topics as Information Security, Data Management and Storage, Network Infrastructure, Open Source, Enterprise Mobility and VoIP.

"With Dr. McGraw being one of the best known security software experts in the world, it makes him an exceptional keynote speaker for Interop Moscow," states Désirée Campbell, Vice President, Sales and Marketing. "And having him discuss software security best practices is a wonderful opportunity to convey Cigital's message and its importance to business value."

Dr. McGraw is a globally-recognized authority on software security and the author of six best selling books on this topic. The latest, Exploiting Online Games, was released in 2007. His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications and authors a monthly security column for informIT.

About Cigital

Since 1992, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Cigital CTO Gary McGraw Moderates Panel at RSA and Participates at Elite Executive Meeting

DULLES, Va., April 07, 2008—Cigital, Inc., a leading provider of software quality and software security solutions, today announced Gary McGraw, Ph.D., the company's Chief Technology Officer, will be participating at RSA 2008 as a featured panel moderator during the conference and at the exclusive Executive Security Action Forum annual meeting held in conjunction with RSA, April 7 – 11 at the Moscone Center in San Francisco, CA.

The fifth annual Executive Security Action Forum (ESAF) to be held Monday, April 7 is an invitation-only, closed-door meeting for Chief Information Security Officers and other senior executives who are responsible for protecting information for Global 1000 companies and government.

Dr. McGraw will be on the panel session entitled "Can we get a grip on application security?" This session will focus on how organizations are dealing with a growing number of application-layer attacks, with even the most trusted web sites being hacked without detection, and on how application developers and security can work together to solve this problem.

During the RSA conference, Dr. McGraw will be the panel moderator for "Electronic Voting: The Politics of Broken Systems." This panel will demonstrate and discuss major problems, describe research results for better future systems, and explain what happens when politics and technology collide on a subject critical to democracy.

"RSA continues to be one of the most comprehensive forums in information security," states John Wyatt, Chief Operating Officer, "and we are honored to have Dr. McGraw provide insight on the most business critical issues facing security professionals at this recognized industry event."

Dr. McGraw is a globally-recognized authority on software security and the author of six best selling books on this topic. The latest, Exploiting Online Games, was released in 2007. His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications and authors a monthly security column for informIT.

About Cigital

Since 1992, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Cigital CTO Gary McGraw to Deliver Keynote Address at BITS Security Forum

DULLES, Va., March 05, 2008—Cigital, Inc., a consulting firm specializing in software risk management and data security, today announced that the company's chief technology officer – noted software security expert Gary McGraw, Ph.D. – will deliver a keynote address at the BITS Security Forum to be held March 6 – 7, 2008 at the Ritz-Carlton, Pentagon City, Arlington, VA.

The purpose of this year's security forum is to examine the strategic security implications of web-based business applications from a business, operational, and legal/regulatory perspective. Following this theme, Dr. McGraw will discuss best practices in software security for the enterprise.

The BITS Security forum, a day and a half, invitation-only event, will address business application security and fraud risks facing the financial services industry today. BITS is a non-profit industry consortium whose members are 100 of the largest financial institutions in the U.S.

"Cigital is a thought-leader in software security," states Désirée Campbell, Vice President, Sales and Marketing. "And having Dr. McGraw discuss software security best practices with such an esteemed organization as BITS is a wonderful opportunity to convey the security message and its importance to business applications."

Dr. McGraw is a globally-recognized authority on software security and the author of six best selling books on this topic. The latest, Exploiting Online Games, was released in 2007. His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications, authors a monthly security column for darkreading.com, and is frequently quoted in the press.

About Cigital

For fifteen years, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Air Force Selects Cigital to Provide Expert Guidance in Software Assurance
Cigital brings commercial-sector expertise from major financial institutions to the government domain

DULLES, Va., December 05, 2007—Cigital, Inc. today announced the U.S. Air Force has selected Cigital, as part of a team led by Telos Corporation and including Fortify Software, IBM Watchfire and Application Security Inc., to provide expert technical leadership and services in creating and operating an Air Force Application Software Assurance Center of Excellence. The center of excellence is tasked with centralizing software assurance knowledge and best practices Air Force-wide. Operating under the 754th ELSG at Gunter Air Force Base in Montgomery, AL, initial funding for the center has been awarded under NETCENTS with minimum funding of $10.2M and up to $75M over a two-year period of performance.

With 15 years of software assurance expertise, and demonstrated thought leadership in the field, Cigital was selected for this project based on successful execution of similar engagements with Fortune 500 clients. These clients, including some of the largest financial services organizations, have been innovators in their industries by applying secure software development practices rather than focusing solely on intrusion protection. They have been the first to develop software centers of excellence with Cigital's advice. IT industry analysts universally advocate the mitigation of software vulnerabilities at the application layer, instead of just depending on perimeter protection.

The Air Force is showing its commitment to addressing software assurance by focusing support across the following areas: software risk assessment and management; software assurance knowledge and training, processes and practices, automation and tools; software acquisition assurance; software assurance governance; and secure software operation.

"We're very enthusiastic about this opportunity to work with the Air Force on such a ground-breaking venture," said John Wyatt, President of Cigital. "This recognition of the critical nature of software assurance and the commitment to address it in a strategic and comprehensive fashion will serve as an exemplar to other organizations throughout the government and industry."

Cigital has been providing thought leadership and expert services to the government since 1992 when Cigital Labs was established to perform basic and applied research in software security and reliability with contracts from the Air Force and Army research labs, Department of Defense, DARPA and others. Currently Cigital is actively involved in providing thought leadership to the government and industry at large through the software assurance programs of the Department of Homeland Security, Department of Defense and National Security Agency. This work includes numerous whitepapers on software assurance practices as well as technical leadership of the Common Weakness Enumeration (CWE), Common Attack Pattern Enumeration and Classification (CAPEC) and the Software Assurance Landscape.

About Cigital

For more than a decade Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client’s unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. The company is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

http://www.cigital.com/news/index.php?pg=art%26artid=130 Wed, 5 Dec 2007 00:00:00 -0500
Cigital Develops Secure Enterprise Data Encryption Solution for Marriott International http://www.cigital.com/news/index.php?pg=art%26artid=129
Secure Credit Card Proxy addresses data protection PCI compliance very cost-effectively

DULLES, Va., September 25, 2007—Cigital, Inc., a consulting firm specializing in software risk management and data security, has developed an enterprise-level credit card encryption solution that solves some of the toughest, most complex PCI data protection requirements.

To avoid serious financial penalties, many companies that process credit cards are trying to find the best ways to meet the Payment Card Industry (PCI) Data Security Standards (DSS) for protecting customer data. The challenge for many organizations has been meeting these new requirements without serious disruption of legacy systems, while being able to serve thousands of remote or distributed locations that can include partners, customers and affiliates.

Companies must consider many possible options to attain a truly cost-effective, yet enterprise-wide solution. It's a matter of balancing careful investment against the right level of business risk. Cigital has a long and successful track record in assessing complex IT situations and testing for issues related to data security. For Marriott International, a leading lodging company, a Secure Credit Card Proxy was recommended to provide a strong security framework.

"We set an aggressive goal of reaching full PCI compliance and sought out a trusted partner with a holistic approach to securing enterprise systems," says Kathy Memenza, Vice President of Enterprise Security for Marriott International. "Cigital's Secure Proxy Solution had exactly the right combination of software components and processes to help us reach our goal at considerably less expense than we would have incurred doing it alone."

At the core of this solution is a cryptographic algorithm that provides a transparent replacement, or "proxy," for credit and debit card numbers. It overcomes one of the biggest obstacles to PCI compliance by bringing legacy systems on board without massive application and database rework. Strict "need to know" access privileges were defined, as well as logging and key management systems to satisfy PCI requirements. This solution is designed to be highly available and easily scales to support even the most demanding environments.

"Credit card usage is and will continue to be the most popular form of consumer payment; it's measured in trillions of dollars," said John Wyatt, Cigital's President and COO. "PCI requirements are now being enforced, with escalating financial liabilities that can affect profit. Companies that need to accelerate their compliance and security processes and enact strong data protection across distributed operations should evaluate the cost-saving benefits inherent in this Secure Credit Card Proxy."

About Cigital

For over a decade Cigital has enabled some of the most well-known companies in financial services, communications, insurance, hospitality and e-commerce to reduce their mission-critical software business risks. Cigital consultants help companies protect some of their most valuable assets: company information, customer data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. The company is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

http://www.cigital.com/news/index.php?pg=art%26artid=129 Tue, 25 Sep 2007 00:00:00 -0400