Press Release

SignaCert and CoreTrace Announce Collaboration on Whitelist Solution Delivery

July 16, 2009

Portland, OR and Austin, TX – SignaCert, a leading provider of known-provenance whitelist content and methods, and CoreTrace, the pioneer of client-based application whitelisting technology, today announced a broad collaboration around their respective methods for whitelisting verification and enforcement. Under the terms of the agreement, the companies will collaborate to provide organizations with the unprecedented ability to verify and enforce the integrity, configuration, compliance and security of endpoint devices.

Specifically, the two companies will promote the value of application whitelisting and will work jointly with customers that are interested in the combination of the companies' leading solutions, BOUNCER by CoreTrace and SignaCert's Global Trust Repository (GTR). These are customers that like BOUNCER's deployment advantages (e.g., auto-generated and perfectly tailored whitelists) and unique ability to dynamically whitelist new applications and upgrades, but that also would like centrally manage standard configurations and verify the relationships and provenance of the executables being whitelisted, a major strength and domain of SignaCert's GTR.

"We're very excited to work with CoreTrace, an organization who has demonstrated their leadership and expertise in endpoint application control using whitelisting," said SignaCert Founder Wyatt Starnes. "Bringing together these best-of-breed solutions will provide a more comprehensive and efficient way to leverage whitelisting techniques to solve a number of challenges our customers face in security, compliance, and administrative efficiency."

SignaCert recently announced a significant arrangement with Microsoft for whitelist, or software "allow lists" that has resulted in a standardized and extensible Data Exchange Format (DEF). With the addition of Microsoft's whitelist data, SignaCert's Global Trust Repository (GTR) is the largest known-provenance whitelist repository in the world. SignaCert will be announcing formal Integration and Harvest Partner Programs in the coming weeks for ISV's that wish to leverage the GTR and participate in the further expansion of the whitelist content ecosystem.

For its part, CoreTrace recently announced version 5.0 of its award-winning BOUNCER solution. BOUNCER is the only application whitelisting solution that simultaneously stops even the most sophisticated malware attacks (e.g., rootkits, memory exploits), while allowing users to safely install new applications and have them automatically added to the whitelist without requiring IT involvement. BOUNCER 5.0 features an industry-first ability to dynamically whitelist trusted ActiveX installations, improved memory protection, automated and streamlined deployments, and efficient management capabilities like group security configurations.

"Software whitelisting and application control enforcement methods are foundational components in building a successful security and risk management strategy for endpoint protection," said Neil MacDonald, VP and Gartner Fellow. "Multiple vendors are targeting this market and it is evolving rapidly, however customers want an end-to-end solution, ideally from a single vendor or via tightly integrated partner relationships."

"CoreTrace fundamentally believes that application whitelisting is the future of endpoint security and control," said Toney Jennings, CEO of CoreTrace. "We are looking forward to working with SignaCert to jointly evangelize application whitelisting and to further validate market-driven requirements for the optimal value-creating solution."

About CoreTrace

CoreTrace® is the pioneer of client-based application whitelisting. The company's award-winning and patented high-security, easy-change BOUNCER solution is at the forefront of the movement in next-generation endpoint control and security solutions. Unlike other application whitelisting solutions that are simply lockdown technologies, BOUNCER's "Trusted Change" capability enables IT professionals to predefine multiple sources from which users can safely install applications and have them automatically added to the whitelist, all with minimal IT involvement. The result: full prevention of unauthorized applications, improved overall security, and lower total cost of ownership compared to alternative whitelisting and traditional blacklisting antivirus solutions. CoreTrace's customers include organizations in a wide variety of industries, such as energy, oil and gas, financial services, telecommunications, as well as government agencies.

For more information, please visit: www.CoreTrace.com.

Media Contact:
Cathy Wright
Kulesa Faul
650.340.1985
[email protected]

About SignaCert

SignaCert is the leading provider of end-to-end and partner-based IT compliance solutions based on known-provenance whitelist technology. These methods allow SignaCert's direct customers to rapidly achieve and prove continuous compliance for the systems that deliver critical business services. The SignaCert architecture is designed to seamlessly integrate with existing change processes and continuously monitor critical business services without disruption.

Additionally, SignaCert's OEM and ISV Partners can supply to, or license content from, the SignaCert Global Trust Repository (GTR), adding new and important capabilities to their product offerings. All use cases are supported by a rich repository of vendor-independent software measurements. These "white" or "allow" list methods enable SignaCert's patented technology to be quickly deployed and provide immediate visibility into the actual state of IT infrastructure.

Founded in 2004 by 34-year IT security and compliance industry veteran Wyatt Starnes, SignaCert has assembled a world class team of industry leaders with hands-on IT experience for its executive team, board of directors, and advisory board.

SignaCert's end-customers span a wide variety of industries, including financial services, government, and healthcare.