Citadel Security Software Vulnerability Remediation Solution Automates Attack Clean Up in Response to Latest Threats

Hercules Automates the Process of Removing Sobig, Nachi and MSBlast Worms from Infected Computers; Cutting Down Clean Up Time by up to 95 %

Dallas, TX – August 26, 2003 – Citadel Security Software, Inc. (OTCBB: CDSS), a leader in automated vulnerability remediation (AVR) and policy compliance solutions, today announced that its Hercules vulnerability remediation solution is helping corporate and government agencies automate the removal of worms and viruses on individual and multiple devices.

In the wake of recent attacks, organizations are faced with the daunting task of manually running removal tools on each infected device, a process that has been estimated to take up to an hour per device. While Citadel’s customers were proactively protected against the attacks by using Hercules to automatically deploy the required patches prior to the release of the threat, to assist organizations who were not able to patch their systems, Hercules automates the worm removal process, reducing clean up time to a matter of minutes and enabling organizations to quickly return to business as usual.

“In a record week for Internet security threats, network administrators are struggling to disinfect machines and reassess their security priorities,” said Pete Lindstrom, Research Director, Spire Security. “An automated solution, such as Citadel’s Hercules, can proactively protect against attacks by ensuring timely patch deployment and now with the product’s enhancements speed clean-up as well. As organizations evaluate what went wrong last week, vulnerability management should be on the top of their lists.”

“We built the Hercules technology to flexibly address our customers’ needs, whether to automate patch deployment or remove infection,” said Steve Solomon, CEO of Citadel. “The rising wave of quickly spreading security threats, demonstrates that automation is the only viable solution to protecting organizations today. Hercules is the only automated remediation solution on the market to both proactively defend against threats and assist in the resolution of infected systems.”

Citadel’s Hercules is the first vulnerability remediation solution to automate the resolution of all five classes of vulnerabilities, including software defects, misconfigurations, unsecured user accounts, unnecessary services and backdoors. With the largest library of remediation signatures across Windows, Sun Solaris and Linux Red Hat platforms and interoperability with industry leading network scanners and vulnerability assessment tools, Hercules allows users to import and aggregate data from multiple sources, review, approve and customize resolutions, and systematically deploy vulnerability fixes.

About Citadel
Recently cited by the Dallas Business Journal as the 7th fastest growing public company in DFW, Citadel Security Software, Inc., a leader in automated vulnerability remediation and policy enforcement solutions, helps enterprises effectively neutralize security vulnerabilities. Citadel’s patent-pending Hercules® technology provides users with full control over the automated remediation process, enabling efficient aggregation, prioritization and resolution of vulnerabilities detected by industry-standard vulnerability assessment tools. Winshield® SecurePCâ„? and NetOFFâ„? products enable companies to enforce security policies from a single point of control. Citadel’s solutions enable organizations to ensure the confidentiality of information, reduce the time and costs associated with the inefficient manual remediation process, and facilitate compliance with organizational security policies and government mandates such as HIPAA and Gramm-Leach-Bliley legislation. For more information on Citadel, visit www.citadel.com, or contact the company at (214) 520-9292.

Except for the historical information contained herein, this press release contains forward looking statements that are subject to risks and uncertainties, including the current economic and geopolitical environment, information technology spending trends, lack of Citadel operating history, uncertainty of product acceptance, uncertainty of ability to compete effectively in a new market and the uncertainty of profitability and cash flow of Citadel. These risks and uncertainties may cause actual outcomes and results to differ materially from expectations in this presentation. These and other risks are detailed in Citadel’s current report on Form 10-QSB for the quarter ended March 31, 2003 and on Form 10-KSB for the year ended December 31, 2002.

Editors Note: Citadel is a trademark and Hercules is a registered trademark of Citadel Security Software.