Cigital Press Releases
http://www.cigital.com/news/
Cigital news and press releases. Copyright 1995-2008 Cigital, Inc. Tue, 22 Apr 2008 00:00:00 -0400

Cigital Announces CTO Gary McGraw to give keynote at Interop Moscow
http://www.cigital.com/news/index.php?pg=art%26artid=133

DULLES, Va., April 22, 2008—Cigital, Inc., a leading software security and quality consulting firm, today announced that the company's Chief Technology Officer, noted software security expert Gary McGraw, Ph.D., will deliver a keynote address at Interop Moscow being held April 23–24, 2008 at the T-Modul exhibition centre in Moscow.

Dr. McGraw will be a featured keynote speaker, joining other top industry leaders in sharing insights into the future of information technology at Interop Moscow. His keynote, titled "Software Security: Building Security In," will present a detailed approach to getting past theory and putting software security into practice.

Interop Moscow (www.interop.ru), bringing together 5000 IT experts and business managers from Russia and CIS, will deliver a conference dedicated to showing how to bring together technology solutions that deliver business value. Some of this year's key themes include such topics as Information Security, Data Management and Storage, Network Infrastructure, Open Source, Enterprise Mobility and VoIP.

"With Dr. McGraw being one of the best known security software experts in the world, it makes him an exceptional keynote speaker for Interop Moscow," states Désirée Campbell, Vice President, Sales and Marketing. "And having him discuss software security best practices is a wonderful opportunity to convey Cigital's message and its importance to business value."

Dr. McGraw is a globally-recognized authority on software security and the author of six best-selling books on this topic. The latest, Exploiting Online Games, was released in 2007. His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications and authors a monthly security column for informIT.

About Cigital

Since 1992, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Cigital CTO Gary McGraw Moderates Panel at RSA and Participates at Elite Executive Meeting
http://www.cigital.com/news/index.php?pg=art%26artid=132

DULLES, Va., April 07, 2008—Cigital, Inc., a leading provider of software quality and software security solutions, today announced Gary McGraw, Ph.D., the company's Chief Technology Officer, will be participating at RSA 2008 as a featured panel moderator during the conference and at the exclusive Executive Action Security Forum annual meeting held in conjunction with RSA, April 7 – 11 at the Moscone Center in San Francisco, CA.

The fifth annual Executive Security Action Forum (ESAF) to be held Monday, April 7 is an invitation-only, closed-door meeting for Chief Information Security Officers and other senior executives who are responsible for protecting information for Global 1000 companies and government.

Dr. McGraw will be on the panel session entitled "Can we get a grip on application security?" This session will focus on how organizations are dealing with a growing number of application-layer attacks, with even the most trusted web sites being hacked without detection, and on how application developers and security can work together to solve this problem.

During the RSA conference, Dr. McGraw will be the panel moderator for "Electronic Voting: The Politics of Broken Systems." This panel will demonstrate and discuss major problems, describe research results for better future systems, and explain what happens when politics and technology collide on a subject critical to democracy.

"RSA continues to be one of the most comprehensive forums in information security," states John Wyatt, Chief Operating Officer, "and we are honored to have Dr. McGraw provide insight on the most business critical issues facing security professionals at this recognized industry event."

Dr. McGraw is a globally-recognized authority on software security and the author of six best-selling books on this topic. The latest, Exploiting Online Games, was released in 2007. His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications and authors a monthly security column for informIT.

About Cigital

Since 1992, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Cigital CTO Gary McGraw to Deliver Keynote Address at BITS Security Forum
http://www.cigital.com/news/index.php?pg=art%26artid=131

DULLES, Va., March 05, 2008—Cigital, Inc., a consulting firm specializing in software risk management and data security, today announced that the company's chief technology officer – noted software security expert Gary McGraw, Ph.D. – will deliver a keynote address at the BITS Security Forum to be held March 6 – 7, 2008 at the Ritz-Carlton, Pentagon City, Arlington, VA.

The purpose of this year's security forum is to examine the strategic security implications of web-based business applications from a business, operational, and legal/regulatory perspective. Following this theme, Dr. McGraw will discuss best practices in software security for the enterprise.

The BITS Security Forum, a day-and-a-half, invitation-only event, will address business application security and fraud risks facing the financial services industry today. BITS is a non-profit industry consortium whose members are 100 of the largest financial institutions in the U.S.

"Cigital is a thought-leader in software security," states Désirée Campbell, Vice President, Sales and Marketing. "And having Dr. McGraw discuss software security best practices with such an esteemed organization as BITS is a wonderful opportunity to convey the security message and its importance to business applications."

Dr. McGraw is a globally-recognized authority on software security and the author of six best-selling books on this topic. The latest, Exploiting Online Games, was released in 2007. His other titles include Java Security, Building Secure Software, Exploiting Software, and Software Security; and he is editor of the Addison-Wesley Software Security series. Dr. McGraw has also written over 90 peer-reviewed scientific publications, authors a monthly security column for darkreading.com, and is frequently quoted in the press.

About Cigital

For fifteen years, Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Cigital (www.cigital.com) is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Air Force Selects Cigital to Provide Expert Guidance in Software Assurance
Cigital brings commercial-sector expertise from major financial institutions to the government domain
http://www.cigital.com/news/index.php?pg=art%26artid=130

DULLES, Va., December 05, 2007—Cigital, Inc. today announced the U.S. Air Force has selected Cigital, as part of a team led by Telos Corporation and including Fortify Software, IBM Watchfire and Application Security Inc., to provide expert technical leadership and services in creating and operating an Air Force Application Software Assurance Center of Excellence. The center of excellence is tasked with centralizing software assurance knowledge and best practices Air Force-wide. Operating under the 754th ELSG at Gunter Air Force Base in Montgomery, AL, initial funding for the center has been awarded under NETCENTS with minimum funding of $10.2M and up to $75M over a two-year period of performance.

With 15 years of software assurance expertise, and demonstrated thought leadership in the field, Cigital was selected for this project based on successful execution of similar engagements with Fortune 500 clients. These clients, including some of the largest financial services organizations, have been innovators in their industries by applying secure software development practices rather than focusing solely on intrusion protection. They have been the first to develop software centers of excellence with Cigital's advice. IT industry analysts universally advocate the mitigation of software vulnerabilities at the application layer, instead of just depending on perimeter protection.

The Air Force is showing its commitment to addressing software assurance by focusing support across the following areas: software risk assessment and management; software assurance knowledge and training, processes and practices, automation and tools; software acquisition assurance, software assurance governance and secure software operation.

"We're very enthusiastic about this opportunity to work with the Air Force on such a ground-breaking venture," said John Wyatt, President of Cigital. "This recognition of the critical nature of software assurance and the commitment to address it in a strategic and comprehensive fashion will serve as an exemplar to other organizations throughout the government and industry."

Cigital has been providing thought leadership and expert services to the government since 1992 when Cigital Labs was established to perform basic and applied research in software security and reliability with contracts from the Air Force and Army research labs, Department of Defense, DARPA and others. Currently Cigital is actively involved in providing thought leadership to the government and industry at large through the software assurance programs of the Department of Homeland Security, Department of Defense and National Security Agency. This work includes numerous whitepapers on software assurance practices as well as technical leadership of the Common Weakness Enumeration (CWE), Common Attack Pattern Enumeration and Classification (CAPEC) and the Software Assurance Landscape.

About Cigital

For more than a decade Cigital has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client’s unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. The company is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Cigital Develops Secure Enterprise Data Encryption Solution for Marriott International
Secure Credit Card Proxy addresses data protection PCI compliance very cost-effectively
http://www.cigital.com/news/index.php?pg=art%26artid=129

DULLES, Va., September 25, 2007—Cigital, Inc., a consulting firm specializing in software risk management and data security, has developed an enterprise-level credit card encryption solution that solves some of the toughest, most complex PCI data protection requirements.

To avoid serious financial penalties, many companies that process credit cards are trying to find the best ways to meet the Payment Card Industry (PCI) Data Security Standards (DSS) for protecting customer data. The challenge for many organizations has been meeting these new requirements without serious disruption of legacy systems, while being able to serve thousands of remote or distributed locations that can include partners, customers and affiliates.

Companies must consider many possible options to attain a truly cost-effective, yet enterprise-wide solution. It's a matter of balancing careful investment against the right level of business risk. Cigital has a long and successful track record in assessing complex IT situations and testing for issues related to data security. For Marriott International, a leading lodging company, a Secure Credit Card Proxy was recommended to provide a strong security framework.

"We set an aggressive goal of reaching full PCI compliance and sought out a trusted partner with a holistic approach to securing enterprise systems," says Kathy Memenza, Vice President of Enterprise Security for Marriott International. "Cigital's Secure Proxy Solution had exactly the right combination of software components and processes to help us reach our goal at considerably less expense than we would have incurred doing it alone."

At the core of this solution is a cryptographic algorithm that provides a transparent replacement, or "proxy," for credit and debit card numbers. It overcomes one of the biggest obstacles to PCI compliance by bringing legacy systems on board without massive application and database rework. Strict "need to know" access privileges were defined, as well as logging and key management systems to satisfy PCI requirements. This solution is designed to be highly available and easily scales to support even the most demanding environments.

"Credit card usage is and will continue to be the most popular form of consumer payment; it's measured in trillions of dollars," said John Wyatt, Cigital's President and COO. "PCI requirements are now being enforced, with escalating financial liabilities that can affect profit. Companies that need to accelerate their compliance and security processes and enact strong data protection across distributed operations should evaluate the cost-saving benefits inherent in this Secure Credit Card Proxy."

About Cigital

For over a decade Cigital has enabled some of the most well-known companies in financial services, communications, insurance, hospitality and e-commerce to reduce their mission-critical software business risks. Cigital consultants help companies protect some of their most valuable assets: company information, customer data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. The company is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Cigital adds security training to Software Quality Engineering offerings
http://www.cigital.com/news/index.php?pg=art%26artid=128

DULLES, Va., August 14, 2007—Cigital, a firm specializing in software risk management and data security, and Software Quality Engineering (SQE), a company engaged in education, training and publishing in the software engineering field, have announced a partnership of benefit to both organizations' customers.

Security training is a logical and timely extension to the resources that SQE provides to a large audience of software development and QA professionals. With security a major concern in today's business environment, companies are discovering that many of their applications were created without security requirements in development, or that older systems that provide access to data and information are not secure enough for today's sophisticated threats. Increasingly, security is being considered a component of quality, so development and QA staff are now being called upon to add security to their skillsets.

Since 1986 SQE has been at the forefront of software improvement education, instituting software testing as a distinct discipline. Cigital helps companies address software risk management in a business context, with security training one of their areas of expertise. By partnering with Cigital, SQE adds a new set of hands-on advisory skills to their software improvement engagements.

As a proponent of the partnership, Alison Wade, CEO of SQE Training, says, "It's a highly complementary offering for the marketplace; we now have a full suite of software security education options available to our clients. Further, we can now offer our clients a comprehensive range of consulting services: organizational quality assessments, process assessments, independent verification and validation, portfolio risk management, software security assurance, as well as full life-cycle software testing consulting and services."

"SQE is the most successful, high-quality training company serving the development and QA community," comments Jeff Payne, CEO of Cigital. "We can further serve their customers by moving staff into software security training, thereby improving the quality and reducing the cost of security for companies."

About SQE

Software Quality Engineering assists software professionals and organizations interested in improving software reliability, boosting productivity and improving ROI through better software practices. SQE hosts three of the industry’s most-recognized software conferences including the STAR testing conferences and the Better Software Conference & Expo. From the classroom to the Web, SQE delivers software testing and development seminars, provides consulting services, specialized publications and research.

About Cigital

Cigital has enabled some of the most well-known companies in financial services, communications, insurance, hospitality and e-commerce to resolve their software business risks for over a decade. Cigital consultants help companies protect some of their most valuable assets: company information, customer data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital helps assure the reliable delivery and deployment of software that organizations build, buy and integrate. The company is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Noida, India.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Cindy Castillo
Software Quality Engineering
904.287.0524 ext 201
ccastillo@sqe.com

Cigital Announces a Partnership with LeverPoint to Establish Cigital India
High-Quality Outsourcing Will Provide Cost Benefits to Enterprise Organizations
http://www.cigital.com/news/index.php?pg=art%26artid=127

DULLES and RESTON, Va., July 24, 2007—Cigital, Inc., a consulting firm specializing in software risk management and data security, has formed a partnership creating Cigital India with a recognized top performer in offshore outsourcing.

Cigital has selected LeverPoint, LLC, an established player with global experience, to provide high-value quality and testing outsourcing services. This new alliance will afford very advantageous cost benefits to clients for specialized software development and both QA and security testing. Cigital India has been named a Top 10 Vendor by the prestigious Black Book of Outsourcing, an annual, independent and non-biased ranking of 4,500 outsourcing companies based on 20,000 user surveys.

Cigital India excels in a number of key criteria important to Cigital clients. First, the company's IT staff has been recruited from top universities for their credentials in engineering, science and technology. The number of tools utilized internally results in a very high degree of process automation, greatly enhancing productivity. Finally, the focus applied to such specific areas as an offshoring mindset, applications knowledge, product development and QA allows the company to closely align with clients as valuable extensions of their own teams. The partnership-centric approach and positive communications methods developed by Cigital India help clients realize a very high ROI; 92% of client involvement results in repeat or ongoing business.

Todd Bramblett, CEO of LeverPoint, comments on the advantages of the partnership, "We're pleased to have launched this new entity with Cigital. Combining Cigital's 15 years of experience in software quality and risk management for marquee companies, with our own deep expertise in a broad range of software quality and testing methods, tools and techniques will provide tremendous capacity, capability and value to Cigital's clients."

Raj Singhal, COO of LeverPoint's India operations says, "Cigital India's software development and QA testing experience allows Cigital to have longer-term associations with their clients because of the cost-savings achieved. Cigital will introduce Fortune 500 client involvement as well as adding their security testing expertise to a portfolio of services."

John Wyatt, President and COO of Cigital, Inc., finds the high quality of the resource and overall savings that can be offered an excellent competitive advantage in the marketplace, "Cigital India enables our clients to take the expert 'White Box' approach to testing processes on a larger scale for our clients for a very cost-efficient, yet high-quality, outcome. This methodology improves the overall quality of business-critical software.

"Now we can offer outsourced security testing as well for companies that require resources for extended engagements," he adds. "Until now this has only been provided by small, niche testing vendors short-term or for a single project. We feel the quality of the engineering and QA particularly is considerably higher via Cigital India than from other sources." Cigital's established team of U.S.-based Managing Principals and Principal Consultants will continue to have project lead and oversight responsibilities, as well as the client reporting interface, for all business done jointly with Cigital India.

About Cigital

Cigital has enabled some of the most well-known companies in financial services, communications, insurance, hospitality and e-commerce to mitigate their software business risks for over a decade. Cigital consultants help companies protect some of their most valuable assets: company information, customer data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. The company is headquartered near Washington, D.C. with offices in Boston, New York, and Los Angeles.

About LeverPoint

LeverPoint provides world-class global software product development and testing outsourcing services to software companies and software-enabled enterprises across the US and Western Europe. Utilizing its US-based and offshore-based employees around the globe, LeverPoint crafts tight, trusted partnerships with each client with a mix of team members from at least two shores to maximize the cost, speed and quality advantages afforded by a global delivery model. The company is headquartered outside Washington, DC and has US offices in Boston and New York in addition to its off-shore delivery centers in India, Argentina and Eastern Europe.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Larry Roe
LeverPoint, LLC
703.435.6365
Larry.Roe@leverpointinc.com

Why Online Games are a Harbinger of Software Security Issues to Come
Authors Hoglund and McGraw expose cheating in billion-dollar virtual economies.
http://www.cigital.com/news/index.php?pg=art%26artid=126

INDIANAPOLIS, IN and DULLES, VA, July 13, 2007—Online game security is a powerful indicator of software security issues facing us in the near future, according to Exploiting Online Games, a new book published by Addison-Wesley Professional. Co-authored by Greg Hoglund and Dr. Gary McGraw, Chief Technology Officer of consulting firm Cigital, Exploiting Online Games takes a close look at the controversial world of massively multi-player online role-playing games (MMORPGs).

Analysts estimate that the gaming market will be a $12 billion industry by 2009, as tens of millions of simultaneous, interacting online gamers continue to move into the mainstream. Exploiting Online Games explores how game companies invade personal privacy in the name of security, why and how some gamers cheat, and what's really at stake in terms of real money. For example, some virtual economies have per capita Gross Domestic Products (GDPs) greater than many small nations, and they host direct connections to the real-world economy with published exchange rates and trading. With this kind of money at stake, criminals can - and do - become involved.

Exploiting Online Games describes in detail the kinds of attacks and techniques used by hackers who specifically target MMORPGs, and how these attacks and security issues have broader implications for how business will use distributed software and face similar exploits in the very near future.

"Sophisticated hackers have been working the fertile fields of MMORPGs for years," says McGraw. "Cheaters have real economic incentive to break game security, and as a reaction, game companies resort to some downright scary 'security' tactics - from installing secret spyware to imposing strong-arm legal tactics. Our fervent hope is that this book will lead to more secure software, both in the game community and beyond."

Princeton Professor Edward Felten, the Director of the Center of Information Technology Policy, comments, "If we are going to improve our security practices, frank discussions like the ones in this book are the only way forward."

According to Daniel McGarvey, Chief, Information Protection Directorate, United States Air Force, "Historically games have been used by the military to develop new capabilities and hone existing skills. The authors turn this simple concept on itself, making games the subject and target of hackers. Along the way they have created a masterly publication that is as meaningful to the gamer as it is to the serious security system professional."

Both Greg Hoglund and Gary McGraw are world-recognized authorities on the subject of software security. Between them, McGraw and Hoglund have authored several best-selling books published by Addison-Wesley Professional on software security including: Rootkits, Software Security, Exploiting Software, Building Secure Software, and Java Security.

About Pearson Education

Educating 100 million people worldwide, Pearson Education (www.pearsoned.com) is the global leader in educational and professional publishing, providing scientifically research-based print and digital programs to help people of all ages learn at their own pace, in their own way. Professionals, leaders, academics, experts, and consultants draft the books and online resources that help develop today's and tomorrow's business leaders. Top technology companies who have chosen Pearson Education as their publishing partner include IBM, Symantec, Cisco, Adobe, and Macromedia. The company is home to such renowned publishing and information portal brands as Informit.com, IBM Press, Prentice Hall Professional, Addison-Wesley Professional, Peachpit, Cisco Press, and Que Publishing. Pearson Education is part of Pearson (NYSE: PSO), the international media company. In addition to Pearson Education, Pearson’s primary operations include the Financial Times Group and the Penguin Group. For more information, visit www.pearsoned.com.

About Cigital

For over a decade Cigital has enabled some of the most well-known companies in financial services, communications, insurance, hospitality, e-commerce –- as well as government agencies -- to resolve their mission-critical software business risks. Cigital clients are able to protect some of their most valuable assets: company information, customer data, shareholder value and brand. Each client’s unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital helps assure the reliable delivery and deployment of software that organizations build, buy and integrate. The company is headquartered near Washington, D.C. with offices in Boston, New York, and Los Angeles.

Exploiting Online Games (ISBN-10: 0132271915) is available at major retail book stores and online booksellers. List price $44.99 USD. For further information, visit the following web sites: www.awprofessional.com/title/0321356705; www.exploitingonlinegames.com.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Andrea Bledsoe
Pearson Education
317.428.3168
Andrea.Bledsoe@pearsoned.com

http://www.cigital.com/news/index.php?pg=art%26artid=126 Fri, 13 Jul 2007 00:00:00 -0400
Guardium and Cigital Announce Partnership to Help Enterprises Address PCI DSS and Other Data Security Challenges
http://www.cigital.com/news/index.php?pg=art%26artid=125
Alliance Combines Best-of-Breed Consulting with Appliance-Based Technology for Protecting Web-Facing Applications and Critical Data

DULLES, Va. and WALTHAM, Mass., July 11, 2007—Cigital, a consulting firm specializing in software risk management for the enterprise, and Guardium, the database security company, today announced a referral partnership whereby the two companies will work together to make data security and compliance more easily attainable for their respective customers.

The partnership offers the best of both worlds -- experts from Cigital who can address critical software challenges such as integrating security across legacy and Web 2.0 applications, and Guardium's practical, appliance-based solution for real-time protection of sensitive corporate information such as cardholder data.

Cigital's client list includes Fortune 500 companies in hospitality, financial services, communications, insurance and e-commerce. The company leverages its consulting expertise to help organizations with critical security projects such as software reviews, best practices and automation for software testing, secure Software Development Lifecycle (SDLC) implementation, portfolio risk analysis, and software security training. As a result, Cigital's clients benefit from improved time-to-market, improved software security and quality in application development, assurance in software delivery, and successful attainment of IT governance and compliance.

Guardium's blue-chip customer base spans all major industries and geographies. Customer examples include a 6,000-store national retailer, a Tier-1 card issuer, a leading merchant acquirer and a major transaction processor. The company's technology protects against both external and internal threats by immediately identifying suspicious or unauthorized behavior based on continuous comparisons to baselines of normal activity, and generating policy-based actions such as alerts, account lock-outs and blocking. Unlike traditional logging approaches, the system monitors all database management system (DBMS) traffic at the network layer and on the database server itself, helping organizations rapidly address Payment Card Industry Data Security Standard (PCI DSS) requirements (including Requirements 3, 6, 7, 8 and 10) without impacting performance or requiring changes to databases or applications.

The partnership also brings together two luminaries with unmatched expertise in their respective areas:

  • Cigital CTO Gary McGraw, Ph.D. is a globally recognized expert and author of "Software Security," "Exploiting Software," and "Building Secure Software." Dr. McGraw is a member of the IEEE Computer Society Board of Governors, authors a monthly security column for darkreading.com and produces a monthly Silver Bullet security podcast for IEEE's Security & Privacy Magazine.
  • Ron Ben-Natan, Ph.D. and CTO for Guardium, has more than 20 years' experience developing applications and security technology for enterprises such as Merrill Lynch, J.P. Morgan, Intel, and AT&T Bell Laboratories. An IBM Gold consultant and author of ten technical books, Dr. Ben-Natan is an expert on data governance, database and application security, and distributed application environments. His most recent book, "Implementing Database Security and Auditing," guides security professionals and database administrators on hardening, monitoring and securing all types of database environments and protecting them from vulnerabilities and attacks.

"Security is best accomplished from the inside out instead of from the outside in," said Dr. Gary McGraw, Cigital CTO. "That's why traditional perimeter firewalls and network monitoring solutions are being back-filled with software security in the SDLC and application-aware data security at the database itself. Modern compliance efforts such as PCI reflect the true aims of security and risk management, which is to protect the privacy and integrity of the organization's most valuable information assets. We're pleased to be working with Guardium to provide our clients with advanced data-centric security technology from a clear industry leader."

"In order to secure modern application environments, with all their complexity and interconnectedness, enterprises need a defense-in-depth strategy that starts with a secure development process and encompasses securing the application stack with real-time controls and auditing," said Dr. Ron Ben-Natan, Guardium CTO. "Cigital provides globally-recognized domain expertise that allows us to offer complete data security and governance solutions to our customer base."

About Guardium

Guardium, the database security company, develops the most widely-used solution for database activity monitoring, security and auditing, with a blue-chip customer base that spans all major geographies and industries. Founded in 2002, Guardium was the first company to address the core data security gap by delivering a practical, appliance-based platform that both protects databases in real-time and automates the entire compliance auditing process.

Guardium's investors include Cisco Systems and leading venture capital firms. The company has partnerships with IBM, EMC, HP, Microsoft, Oracle, and Sybase, and is a member of IBM's prestigious Data Governance Council.

About Cigital

For over a decade Cigital has enabled some of the most well-known companies in financial services, communications, insurance, hospitality, e-commerce, as well as government agencies, to resolve their mission-critical software business risks. Cigital clients are able to protect some of their most valuable assets: company information, customer data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital helps assure the reliable delivery and deployment of software that organizations build, buy and integrate. The company is headquartered near Washington, D.C. with offices in Boston, New York, and Los Angeles.

Contacts:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

Aline Kaplan
Guardium
781.314.0216
aline_kaplan@guardium.com

http://www.cigital.com/news/index.php?pg=art%26artid=125 Wed, 11 Jul 2007 00:00:00 -0400
New Management Talent Suits Cigital Growth Phase
http://www.cigital.com/news/index.php?pg=art%26artid=124
Désirée Campbell Skills Traverse Government, Commercial Sectors

DULLES, Va., May 22, 2007—Cigital, a consulting firm specializing in software risk management solutions and data security, announces the appointment of Désirée Campbell to the new position of Vice President, Sales and Marketing.

To this role Ms. Campbell brings almost two decades of experience in executive management and business leadership. Her successes include guiding sales teams and major business units, and exceeding bottom-line expectations. Her industry experience is primarily with IT solutions in financial services, healthcare, state, local & federal government.

Prior to joining Cigital, Ms. Campbell was a Vice President for the Scientific & Technology Group of Aquilent, Inc. In three years she doubled the size of the group, expanding in multiple sectors with consulting engagements for complex information technology solutions. Her professional career has included positions as a Director at High Performance Technologies, Inc.; Business Development Manager for Sybase, Inc.; and VP for Strategic Planning and Chief of Staff for ManTech Systems Engineering Corp. She began her career with the U.S. Environmental Protection Agency turning around troubled engineering projects. As a Program Manager for US Army HQ Europe she was the permanent US representative on the NATO Environmental Working Group.

When asked about her move to Cigital she commented, "Cigital is a thought leader in information assurance at a time when organizations are concerned that their data and systems are being compromised. I'm excited to apply my experience in both the commercial and government sectors to bring Cigital's software risk management solutions to companies and government organizations worldwide."

John Wyatt, COO of Cigital, is very enthusiastic about what Désirée brings to the table at this critical juncture in the company's growth plans: "We've been looking for someone to fill a major strategic sales role and help move us forward with the right kind of planning and execution. Désirée has many years of high level leadership experience as well as proven success with sophisticated IT solutions."

Ms. Campbell has been actively involved with a number of organizations throughout her career and is currently on the boards of the Government Electronics & Information Technology Association (GEIA) and Armed Forces Communications and Electronics Association (AFCEA). Ms. Campbell has a B.A., cum laude with honors, and an M.S. from the University of Pennsylvania.

About Cigital

Cigital has enabled some of the most well-known companies in financial services, communications, insurance, hospitality and e-commerce to mitigate their software business risks for over a decade. Cigital consultants help companies protect some of their most valuable assets: company information, customer data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital helps assure the reliable delivery and deployment of software that organizations build, buy and integrate. The company is headquartered near Washington, D.C. with offices in Boston, New York, and Los Angeles.

Contact:
Terri Randolph
Cigital
703-404-5757
trandolph@cigital.com

http://www.cigital.com/news/index.php?pg=art%26artid=124 Tue, 22 May 2007 00:00:00 -0400