Lockpath

Lockpath, Inc

Company type	Subsidiary of Navex Global
Industry	Security Management, Governance, Risk, Compliance
Founded	2010
Founder	Chris Caldwell Chris Goodwin
Headquarters	Overland Park, Kansas
Products	Keylight Platform Blacklight Platform
Parent	Navex Global
Website	www.lockpath.com

Lockpath is a governance, risk management, and compliance and information security software platform based in Overland Park, Kansas.^[1] Its Keylight platform integrates business processes to simplify risk management and regulatory compliance challenges. Common business areas Lockpath target are policy and procedure management, risk assessment, incident management, vulnerability management, vendor management, business continuity planning and internal audit preparation.

Lockpath was founded by Chris Caldwell and Chris Goodwin in 2010 ^[2] to develop and sell governance, risk management and compliance software. Lockpath is headquartered in Overland Park, Kansas. Lockpath was purchased by NAVEX Global in 2019.

Products

Keylight Platform

Lockpath launched the Keylight Platform and their first application, Compliance Manager, in October 2010.^[3] The initial launch consisted of a regulatory content and controls library fully integrated with the Unified Compliance Framework (UCF), workflow capabilities and a reporting engine. Keylight 1.2 introduced the Threat Manager and Vendor Manager applications.^[4] Keylight 2.0 launched the Dynamic Content Framework^[5] and introduced two new applications, Incident Manager and Risk Manager. SE Magazine's Peter Stephenson described Keylight as a "...family of applications [that] helps organizations manage enterprise risks and demonstrate compliance by providing visibility into corporate risk and security controls. The ready-to-use toolset integrates all applications under a single user interface, unifies and correlates any amount of security content, exposes vulnerabilities throughout the organization by tracking and recording key information about secured assets, and creates an iron-clad audit history."^[6] Keylight 2.4 introduced the Business Continuity Manager application and gave users the ability to create business continuity plans, conduct Business Impact Analyses, and perform tabletop exercises to test business continuity plans.^[7] Keylight 3.0 included an integration with the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), a framework designed for healthcare organizations.^[8] Keylight 3.3 introduced the Audit Manager application^[9] and renamed Threat Manager to Security Manager.^[10] Keylight 3.5 included a hybrid-cloud delivery method for Vendor Manager^[11] and the Anonymous Incident Portal.^[12] Keylight 4.0 added the Advanced Analytics Engine to the product portfolio.^[13]

On 28 October 2014, Lockpath received U.S. patent number 8,874,621 for the Dynamic Content Framework (DCF).^[14]

Keylight 4.1 introduced the Keylight Ambassador.^[15] It was the first GRC platform to allow for both SAML and LDAP integration, the first to perform bulk tasks on data records, including data edits, workflow and record deletion, and the first to create ad-hoc reports on historical content. Keylight 4.1 also added support for syslog data collection.

Blacklight Platform

In 2018 Lockpath launched Blacklight,^[16] Blacklight brings automation to the configuration assessment of servers and corporate devices. The platform utilizes agent technology that continuously assesses devices and systems against Center for Internet Security (CIS) configuration benchmarks, as well as custom benchmarks, to detect misconfigurations that put organizations at risk for breaches or noncompliance.

The Keylight Ambassador

The launch of Keylight 4.1 in November 2014 introduced the Keylight Ambassador, the first hybrid connector on the market to allow users to securely automate data collection processes from on-premise applications, custom applications, applications without APIs, and applications where ad-hoc data is created.^{[citation needed]}

References

1. "Lockpath Rolls out Version 2.0 of Its Keylight Platform". InfoTech News. 30 September 2011. Retrieved 8 April 2013.
2. Kim, Jim. "Lockpath Draws Attention as Hot GRC Startup". FierceComplianceIT. Retrieved 1 September 2013.
3. "Lockpath, Inc. Poised to Revolutionize GRC with Announcement of Keylight Platform". pr.com. Retrieved 27 May 2014.
4. "Lockpath Releases New Applications on the Keylight Platform". LockPath. Retrieved 27 May 2014.
5. "Lockpath Releases Version 2.0 of Its Keylight Platform". Reuters. Archived from the original on 28 May 2014. Retrieved 27 May 2014.
6. Stephenson, Peter (1 June 2012). "Lockpath Keylight Platform v2.3". SC Magazine. Retrieved 27 May 2014.
7. "Lockpath Launches Business Continuity Manager". Disaster Recovery Journal. 5 June 2012. Retrieved 27 May 2014.
8. "Lockpath Adds HITRUST Common Security Framework to Keylight Platform". Healthcare IT News. 17 December 2012. Retrieved 5 April 2013.
9. Messmer, Ellen (10 June 2013). "Products of the Week 6.10.13". Network World. Retrieved 27 May 2014.
10. "Lockpath Keylight 3.3 Streamlines Audits". Compliance Week. 11 June 2013. Retrieved 27 May 2014.
11. Butler, Brandon (28 October 2013). "Products of the week 10.28.13". networkworld. Retrieved 27 May 2014.
12. Vatu, Gabriela (28 October 2013). "Lockpath Launches Anonymous Whistleblower Portal". softpedia. Retrieved 27 May 2014.
13. "Lockpath Debuts Keylight 4.0". Yahoo! Finance. Yahoo!. Retrieved 27 May 2014.
14. "United States Patent: 8874621 – Dynamic content systems and methods". United States Patent and Trademark Office. Retrieved 6 November 2014.
15. "Error". Retrieved 11 November 2014.
16. "Lockpath Announces New Platform for Security Configuration Assessment". PR Newswire. 25 September 2018. Retrieved 27 June 2019.