Media Advisory: Citadel Security Software to Present at ISACA Austin Meeting

Citadel Security Software Inc. (NASDAQ: CDSS)

Who:      Kevin Milewski, Citadel Security Software

What:     Leading enterprise vulnerability management solution vendor
          presents on best practices for security audits

Where:    ISACA Austin Chapter, Austin Women's Club, Austin, TX

When:     Tuesday, May 3, 2005, 11:00 a.m. to 1:00 p.m.

Title:    Audit of Security Policies and Standards (1 hour CPE)

Abstract: An Enterprise Security Audit entails a review of all the
          processes and practices followed by an organization while
          ensuring an enterprise-wide security policy. Additionally,
          it involves a technical audit conducted across all locations
          and devices in the enterprise. This session will explore the
          best practices regarding security audits based on the spread
          and criticality of the devices being audited. There is a
          judicious mix of remote and on-site audits that should be
          exercised.

About Citadel

Citadel Security Software Inc., a leader in enterprise vulnerability management solutions powered by AVR technology, helps enterprises effectively neutralize security vulnerabilities. Citadel's patent-pending, Common Criteria EAL 3 certified Hercules® technology provides users with full control over the automated remediation process, enabling efficient aggregation, prioritization and resolution of vulnerabilities detected by industry-standard vulnerability assessment tools. SecurePC(TM) and NetOFF(TM) products enable companies to enforce security policies from a single point of control. Citadel's solutions enable organizations to ensure the confidentiality of information, reduce the time and costs associated with the inefficient manual remediation process, and facilitate compliance with organizational security policies and government mandates such as FISMA, HIPAA and Gramm-Leach-Bliley legislation. For more information on Citadel, visit www.citadel.com, or contact the company at (214) 520-9292.

Safe Harbor/Forward-looking Statements:

This press release may contain forward-looking statements that are intended to be subject to the safe harbor protection provided by Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. These statements relate to future events or future financial performance and involve known and unknown risks and uncertainties that may cause actual results or performance to be materially different from those indicated by any forward-looking statements. In some cases, you can identify forward-looking statements by terminology such as "forecast," "may," "will," "could," "should," "anticipate," "expect," "plan," "believe," "potential" or other similar words indicating future events or contingencies. Some of the things that could cause actual results to differ from expectations are: the economic and geopolitical environment; changes in the information technology spending trends; the uncertainty of funding of government and corporate information technology security projects; the variability of the product sales cycle, including longer sales cycles for government and large commercial contracts; the uncertainty that the company's prospective deals will result in final contracts; the potential changes in the buying decision makers during a customer purchasing cycle; the complexities in scope and timing for finalization of contracts; the fluctuations in product delivery schedules; a lack of Citadel operating history; uncertainty of product development and acceptance; uncertainty of ability to compete effectively in a new market; the uncertainty of profitability and cash flow of Citadel; intellectual property rights and dependence on key personnel; economic conditions; the continued impact of terrorist attacks, global instability and potential U.S. military involvement; the competitive environment and other trends in the company's industry; the effects of inflation; changes in laws and regulations; changes in the company's business plans, including shifts to new pricing models that may cause delays in licenses; interest rates and the availability of financing; liability, legal and other claims asserted against the company; labor disputes; the company's ability to attract and retain qualified personnel; and adjustments to the amounts presented in the unaudited financial tables as a result of the completion of the audit process. For a discussion of these and other risk factors, see the company's Annual Report on Form 10-KSB for the year ended December 31, 2004. All of the forward-looking statements are qualified in their entirety by reference to the risk factors discussed therein. These risk factors may not be exhaustive. The company operates in a continually changing business environment, and new risk factors emerge from time to time. Management cannot predict such new risk factors, nor can it assess the impact, if any, of such new risk factors on the company's business or events described in any forward-looking statements. The company disclaims any obligation to publicly update or revise any forward-looking statements after the date of this report to conform them to actual results.

Editors Note: Citadel is a trademark and Hercules® is a registered trademark of Citadel Security Software.

Distributed by Market Wire