NetIQ Vulnerability Manager Certified by Center for Internet Security;

    Business Editors/High-Tech Writers

    SAN JOSE, Calif.--(BUSINESS WIRE)--Jan. 26, 2005--In an effort to automate IT policy and regulatory compliance, NetIQ Corp. (Nasdaq:NTIQ), a leading provider of Systems & Security Management and Web Analytics solutions, today announced that NetIQ Vulnerability Manager(TM) 5.0 has been certified against the Center for Internet Security (CIS) Level 1 Benchmark for Windows 2000 operating systems.
    "Our customers are using CIS benchmarks to aid in compliance with regulations, like Sarbanes-Oxley," said Greg Davoll, group product manager at NetIQ. "Given the prevalence of Microsoft Windows 2000 within our customer base, the Windows 2000 benchmark was a priority for us. We will continue to follow our customers lead in order to provide a solid basis for security configuration management across other key Windows and non-Windows platforms."
    With the CIS certification, NetIQ Vulnerability Manager customers can now accelerate their Windows compliance efforts based on a leading, credible source for industry best practices. The CIS Level 1 Benchmark for Windows 2000 is a technical standard that draws upon best practices published by The SANS Institute, the National Security Agency, the National Institute of Standards and Technology, and the United States Defense Information Systems Agency, as well as consensus guidance from CIS members and users from both the public and private sectors.
    The CIS Certification program is distinguished from other IT certifications because CIS Certified vendor tools support the consensus best practices movement. CIS strategic partnerships with AICPA, IIA and ISACA are advancing the science of security auditing to include measurement of configuration management outcomes.
    "CIS works with end users and software vendors, facilitating a consensus building process that defines security benchmarks for minimum baseline and best practice configuration. The benchmarks are widely accepted, user-originated standards that help companies satisfy the configuration requirements imposed by federal regulations such as SOX, GLBA, and HIPAA," said Bert Miuccio, vice president of CIS. "NetIQ Vulnerability Manager can help companies securely configure and periodically audit Windows 2000 systems for compliance with the Level 1 Benchmark."
    NetIQ is a charter member of CIS, which was formed in October 2000 to develop consensus-based IT technical standards and to certify products to advance widespread adoption of security benchmarks for security configuration management.

    About NetIQ Vulnerability Manager

    NetIQ Vulnerability Manager provides a broad, fully integrated solution to optimize vulnerability management, including: vulnerability notification and advisory; policy compliance and auditing; vulnerability scanning; and patch management.

    About NetIQ

    NetIQ Corp. (Nasdaq:NTIQ) is a leading provider of Systems & Security Management and Web Analytics solutions. In addition to managing Windows-based applications, NetIQ delivers cross-platform solutions that enhance business performance resulting in higher returns on infrastructure and Web investments. NetIQ products are sold worldwide, directly and through a network of authorized NetIQ distributors and resellers. The company is headquartered in San Jose, Calif., with development and operational personnel in Houston; Portland, Ore; Raleigh, N.C.; Bellevue, Wash.; and Galway, Ireland. For more information, please visit the company's Web site at www.netiq.com or call 888-323-6768.

    NetIQ and NetIQ Vulnerability Manager are trademarks or registered trademarks of NetIQ Corporation in the United States and other countries. All other trademarks mentioned are the property of their respective owners.

--30--AA/ho*

CONTACT: NetIQ Corp., Houston Carrie Ward, 713-418-5801 carrie.ward@netiq.com or Investor Relations Greg Klaben, 408-856-1894 greg.klaben@netiq.com or Access Communications for NetIQ Christina Sarracino, 415-844-6219 csarracino@accesspr.com

KEYWORD: CALIFORNIA TEXAS INDUSTRY KEYWORD: SOFTWARE INTERNET E-COMMERCE SOURCE: NetIQ Corp.

Copyright Business Wire 2005