SecurityExpressions 2.0 Launched for UNIX and Solaris

Top-Rated Software Makes Huge Strides in Large Scale System Protection

BOSTON–(BUSINESS WIRE)–Sept. 6, 2001–Pedestal Software today announced the availability of SecurityExpressions 2.0 management software.

SecurityExpressions, which one reviewer called a “powerful, user friendly tool for closing security loopholes”, has helped organizations with large-scale systems lockdown and reduced systems administration costs by automating the process of deploying, assessing, and maintaining consistent security policies for Windows NT and 2000 systems. Now, 2.0 will support UNIX and Solaris operating systems as well.

Since its debut, SecurityExpressions has been well-received. Halfway through fiscal 2001, sales have increased 300% The number of “Trial-Version” downloads off the company web site have tripled since last July. “Even in these days of corporate and organizational IT-spending freezes, we have managed this amount of growth,” says Keith Woodard, Pedestal Software CTO. “CIOs are spending money on small expenditures with quick pay-offs. SecurityExpressions greatly reduces the administrative resources that go into managing network-security settings.”

New customers include specialized segments of the US armed forces, and a top Fortune 100 company. “This upgraded software reinforces Pedestal’s commitment to providing solutions that are both powerful and highly customizable to help organizations meet their unique security management needs,” says Fernando Trias CEO of Pedestal. “The other great advantage to SecurityExpressions 2.0 is simply ease of use.”

In a recent case study, SecurityExpressions’ integral “auditing” function was found to provide a multinational corporation with an efficient, and safe way to automate its system security checks. An international reinsurance company, the German-based Munich Re Group considers “security and system integrity” as a top priority. A leader in the risk business since 1880, Munich Re questioned the safety of its computer network with the increased usage of the Internet. As a result, it decided to verify that its system was in compliance with its Global Information Security Framework (GISF) policy.

“Out of all the software we reviewed, SecurityExpressions was the only one that addressed our needs,” said Peter Walker, Vice President of Information and Office Services at the group’s Toronto Center of Competence. “SecurityExpressions has paid for itself, and will continue to save us time and money for years to come.”

As in the case of Munich Re, SecurityExpressions utilized network authentication and access control features provided by Windows, eliminating the need for expensive agent software on managed systems. Security managers can execute SecurityExpressions from a central location to scan and fix workstations and servers ensuring compliance with the provided industry-standard guidelines or custom policies. Tying SecurityExpressions to the security manager’s desktop enables quick access to SecurityExpressions functions while still supporting existing practices.

Other SecurityExpressions features enhanced in the new 2.0 version are:

– Querying. This capability lets administrators perform “seek and

destroy” operations that look for inconsistent or questionable

permissions and settings in Windows 2000 group policies.

– Identifying. Even on remote machines, the software will make lock

down recommendations appropriate for the software that is

installed.

– Validating. Access controls, securing information, ensuring

consistent user settings, rights and group membership.

– Updating. Ensure that IIS and Windows are maintained with the

latest patches, and install them if necessary.

– Reporting. Paper and web-based features enable administrators to

quickly perform comprehensive audits and maintain records.

“We are looking to have our (other) versions available with even more feature enhancements ready for launch in early 2002,” adds Trias.

About Pedestal Software

Pedestal Software has been providing computer security and administration software since 1996. The company’s products are used by organizations around the world including central banks and large financial institutions where security and system integrity are top priorities. More information and a 30-day trial are available from www.SecurityExpressions.com or by calling 888-664-7174. Prices start at $895 for a 10-host license.

Fernando Trias, CEO

Co-founder of Pedestal Software, Fernando Trias brings technical and business expertise to his role as CEO. Prior to founding Pedestal, Trias worked at the Federal Reserve Board in Washington, where he developed systems strategies that enabled the Fed to fulfill its research objectives. Following his work with the US Government, Trias led development teams at Fidelity Investments in Boston. His technical, analytical and supervisory skills were instrumental in the software development for a key multi-billion dollar trading project.

Keith Woodard, CTO

Before co-founding Pedestal Software, Keith Woodard worked with the Federal Reserve Board in a variety of technical and network-related roles. Later, as Senior Firewall Engineer at the Federal Reserve Bank of Boston, he designed, coordinated and helped manage the Fed’s first nation-wide Internet and interagency firewalls. As Pedestal’s CTO, Keith oversees all product development. He brings strong software, networking and computer security skills to his role as Pedestal CTO, where he oversees all product development.

A History of Pedestal Software

Pedestal Software, Inc. is a Massachusetts-based company that specializes in security software for system administrators and managers. Our software is listed in many books and periodicals, such as Designing Secure Web-Based Applications for Microsoft Windows 2000 by Michael Howard published by Microsoft Press and is taught in many classes such as SANS. Pedestal has been providing computer security and administration software since 1996. The company’s products are used by organizations around the world including e-commerce sites, military agencies, central banks and large financial institutions where security and system integrity are top priorities.