Lockpath Explained

Lockpath, Inc
Type:Subsidiary of Navex Global
Industry:Security Management, Governance, Risk, Compliance
Foundation:2010
Founder:Chris Caldwell
Chris Goodwin
Location City:Overland Park, Kansas
Products:Keylight Platform
Blacklight Platform
Parent:Navex Global

Lockpath is a governance, risk management, and compliance and information security software platform based in Overland Park, Kansas.[1] Its Keylight platform integrates business processes to simplify risk management and regulatory compliance challenges. Common business areas Lockpath target are policy and procedure management, risk assessment, incident management, vulnerability management, vendor management, business continuity planning and internal audit preparation.

Lockpath was founded by Chris Caldwell and Chris Goodwin in 2010 [2] to develop and sell governance, risk management and compliance software. Lockpath is headquartered in Overland Park, Kansas. Lockpath was purchased by NAVEX Global in 2019.

Products

Keylight Platform

Lockpath launched the Keylight Platform and their first application, Compliance Manager, in October 2010.[3] The initial launch consisted of a regulatory content and controls library fully integrated with the Unified Compliance Framework (UCF), workflow capabilities and a reporting engine. Keylight 1.2 introduced the Threat Manager and Vendor Manager applications.[4] Keylight 2.0 launched the Dynamic Content Framework[5] and introduced two new applications, Incident Manager and Risk Manager. SE Magazine's Peter Stephenson described Keylight as a "...family of applications [that] helps organizations manage enterprise risks and demonstrate compliance by providing visibility into corporate risk and security controls. The ready-to-use toolset integrates all applications under a single user interface, unifies and correlates any amount of security content, exposes vulnerabilities throughout the organization by tracking and recording key information about secured assets, and creates an iron-clad audit history."[6] Keylight 2.4 introduced the Business Continuity Manager application and gave users the ability to create business continuity plans, conduct Business Impact Analyses, and perform tabletop exercises to test business continuity plans.[7] Keylight 3.0 included an integration with the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), a framework designed for healthcare organizations.[8] Keylight 3.3 introduced the Audit Manager application[9] and renamed Threat Manager to Security Manager.[10] Keylight 3.5 included a hybrid-cloud delivery method for Vendor Manager[11] and the Anonymous Incident Portal.[12] Keylight 4.0 added the Advanced Analytics Engine to the product portfolio.[13]

On 28 October 2014, Lockpath received U.S. patent number 8,874,621 for the Dynamic Content Framework (DCF).[14]

Keylight 4.1 introduced the Keylight Ambassador.[15] It was the first GRC platform to allow for both SAML and LDAP integration, the first to perform bulk tasks on data records, including data edits, workflow and record deletion, and the first to create ad-hoc reports on historical content. Keylight 4.1 also added support for syslog data collection.

Blacklight Platform

In 2018 Lockpath launched Blacklight,[16] Blacklight brings automation to the configuration assessment of servers and corporate devices. The platform utilizes agent technology that continuously assesses devices and systems against Center for Internet Security (CIS) configuration benchmarks, as well as custom benchmarks, to detect misconfigurations that put organizations at risk for breaches or noncompliance.

The Keylight Ambassador

The launch of Keylight 4.1 in November 2014 introduced the Keylight Ambassador, the first hybrid connector on the market to allow users to securely automate data collection processes from on-premise applications, custom applications, applications without APIs, and applications where ad-hoc data is created.

Notes and References

  1. News: Lockpath Rolls out Version 2.0 of Its Keylight Platform. 8 April 2013. InfoTech News. 30 September 2011.
  2. Web site: Kim. Jim. Lockpath Draws Attention as Hot GRC Startup. FierceComplianceIT. 1 September 2013.
  3. News: Lockpath, Inc. Poised to Revolutionize GRC with Announcement of Keylight Platform. pr.com. 27 May 2014.
  4. News: Lockpath Releases New Applications on the Keylight Platform. LockPath. 27 May 2014.
  5. Web site: Lockpath Releases Version 2.0 of Its Keylight Platform. https://archive.today/20140528065721/http://www.reuters.com/article/2011/09/27/idUS135101+27-Sep-2011+MW20110927. dead. 28 May 2014. Reuters. 27 May 2014.
  6. News: Stephenson. Peter. Lockpath Keylight Platform v2.3. 27 May 2014. SC Magazine. 1 June 2012.
  7. News: Lockpath Launches Business Continuity Manager. 27 May 2014. Disaster Recovery Journal. 5 June 2012.
  8. News: Lockpath Adds HITRUST Common Security Framework to Keylight Platform. 5 April 2013. Healthcare IT News. 17 December 2012.
  9. News: Messmer. Ellen. Products of the Week 6.10.13. 27 May 2014. Network World. 10 June 2013.
  10. News: Lockpath Keylight 3.3 Streamlines Audits. 27 May 2014. Compliance Week. 11 June 2013.
  11. News: Butler. Brandon. Products of the week 10.28.13. 27 May 2014. networkworld. 28 October 2013.
  12. News: Vatu. Gabriela. Lockpath Launches Anonymous Whistleblower Portal. 27 May 2014. softpedia. 28 October 2013.
  13. Web site: Lockpath Debuts Keylight 4.0. Yahoo! Finance. Yahoo!. 27 May 2014.
  14. Web site: United States Patent: 8874621 – Dynamic content systems and methods. United States Patent and Trademark Office. 6 November 2014.
  15. Web site: Error. 11 November 2014.
  16. Web site: Lockpath Announces New Platform for Security Configuration Assessment. 2018-09-25. PR Newswire. en-US. 2019-06-27.