Press Release

SignaCert Introduces Enterprise Trust Services

Jan 31, 2007

Trusted Integrity Verification Proves IT Systems Stay Configured as Intended

Portland, Ore. — SignaCert today introduced Enterprise Trust Services, the only integrity verification service and appliance that proves enterprise systems and endpoints are deployed and configured as intended over their lifetime. The SignaCert Enterprise Trust Service allows enterprises to measure and verify the integrity of software across information technology (IT) systems, ensuring greater reliability, manageability, security, and compliance.

SignaCert helps enterprises measure, validate, and maintain their technology infrastructure using a new proactive approach that checks the operating system,applications, platforms and other software against a known trusted reference versus the traditional approach that seeks simply to keep out unwanted software. Using this approach, SignaCert delivers true 100% enterprise wide integrity verification by creating a trusted reference that combines the SignaCert Global Trust Repository with an organization's in-house deployed software and associated configurations.

"The industry is recognizing the need for a new approach to IT security and systems management," said Wyatt Starnes,founder and CEO of SignaCert. "Using a trusted reference to verify the integrity of their enterprise is a powerful new method."

"System failures are often the result of change, either through corruption,malicious code, or unintended configuration changes," said John Pescatore,VP Gartner Inc. "To secure servers and PCs, enterprises need vulnerability management approaches that assure that only trusted, valid software is running on their systems."

The SignaCert Enterprise Trust Service can solve many IT business challenges such as:

• Gold image verification: Proactively define OS,applications and configurations for your multi-platform systems, and continually validate their state against a trusted reference.
• Endpoint Integrity: Gain greater control and reliability by knowing the current state of your systems.
• Regulatory Compliance: Deliver fine-grained verification of your enterprise and prove it is deployed as intended.

SignaCert's Global Trust Repository contains a broad range of authentic signatures (short-hand definite software component identifiers) from the industry's leading Independent Software Vendors (ISVs). SignaCert continuously and proactively works with IT technology vendors to ensure the broadest supply of important common software signatures.

About SignaCert

SignaCert is the leading provider of end-to-end and partner-based IT compliance solutions based on known-provenance whitelist technology. These methods allow SignaCert's direct customers to rapidly achieve and prove continuous compliance for the systems that deliver critical business services. The SignaCert architecture is designed to seamlessly integrate with existing change processes and continuously monitor critical business services without disruption.

Additionally, SignaCert's OEM and ISV Partners can supply to, or license content from, the SignaCert Global Trust Repository (GTR), adding new and important capabilities to their product offerings. All use cases are supported by a rich repository of vendor-independent software measurements. These "white" or "allow" list methods enable SignaCert's patented technology to be quickly deployed and provide immediate visibility into the actual state of IT infrastructure.

Founded in 2004 by 34-year IT security and compliance industry veteran Wyatt Starnes, SignaCert has assembled a world class team of industry leaders with hands-on IT experience for its executive team, board of directors, and advisory board.

SignaCert's end-customers span a wide variety of industries, including financial services, government, and healthcare.