Partnership Enables Customers to Identify, Assess and Remediate Security Vulnerabilities Due to Undocumented Open Source

SAN FRANCISCO, CA & DULLES, VA October 29, 2008 – Palamida, the leader in application security for open source, today announced a partnership with Cigital, the leading software security and quality consulting firm. Palamida and Cigital are teaming up to provide their customers with the broadest range of subject matter expertise – encompassing in-depth open source knowledge and application security best practices. The partnership helps organizations develop an accurate inventory of open source used and assess security implications, reducing the risk that vulnerabilities may be introduced into applications through undocumented code.

“Open source helps organizations deliver high-quality, more capable Web and software applications in less time, with fewer resources,” said Mark Tolliver, Palamida CEO. “But you cannot manage and secure what you do not know you have -- and open source components are often inserted inside applications without formal record of their use. Working with Cigital, we will help organizations expand their coverage to this important new area of application security."

Cigital will use the Palamida Enterprise Edition software to identify the inventory of open source in use, report its location within the code base, and provide descriptions of the open source projects and vulnerabilities associated with them, including classification and severity ranking. Customers will also benefit from associated patch and remediation assessment, services and advice.

“In today’s world of 24/7 access, applications have become the new frontline of attack,“ said John Wyatt, Cigital COO. “We are pleased to be working with Palamida to help organizations realize the importance of managing security issues surrounding their use of open source. Cigital and Palamida have the extensive experience to identify and remediate security vulnerabilities before they become data breaches…and before they become headlines.”

About Palamida, Inc.

Palamida provides the industry’s first application security solution exclusively for open source software. The Palamida Enterprise Edition uses component-level analysis to quickly identify and track undocumented code and associated security vulnerabilities, as well as intellectual property and compliance issues. Using Palamida, organizations can cost-effectively manage and secure mission critical Web and software applications. Customers include Avaya, Cisco Systems, EMC, Microsoft, and Sun Microsystems, among others.

For more information visit: www.palamida.com.

About Cigital

Cigital, Inc., a leading software security and quality consulting firm, has enabled some of the most well-known organizations in financial services, communications, insurance, hospitality, e-commerce and government to reduce their mission-critical software business risks. Cigital consultants specialize in software security and quality solutions to help organizations protect some of their most valuable assets: company and mission information, customer and individual data, shareholder value and brand. Each client's unique requirements are served through a combination of proven methodologies, tools and best practices. Cigital assures the reliable delivery and deployment of software that organizations build, buy and integrate. Established in 1992, Cigital is headquartered near Washington, D.C. with offices in Boston, New York, Los Angeles and Delhi, India.

For more information visit: www.cigital.com.