LockPath

LockPath, Inc
Private
Industry Security Management, Governance, Risk, Compliance
Founded 2010
Founder Chris Caldwell
Chris Goodwin
Headquarters Overland Park, KS
Products Keylight Platform
Security Manager
Incident Manager
Compliance Manager
Risk Manager
Vendor Manager
Business Continuity Manager
Audit Manager
Anonymous Incident Portal
Advanced Analytics Engine
Website www.lockpath.com

LockPath is a provider of governance, risk management, and compliance and information security software solutions.[1] Its Keylight platform integrates business processes to simplify risk management and regulatory compliance challenges. Common business areas LockPath solutions target are policy and procedure management, risk assessment, incident management, vulnerability management, vendor management, business continuity planning and internal audit preparation.

LockPath was founded by Chris Caldwell and Chris Goodwin in 2010 [2] to develop and sell governance, risk management and compliance software. Today, LockPath's client base included global organizations ranging from small and midsize companies to Fortune 10 enterprises in over 15 industries. LockPath is headquartered in Overland Park, Kansas.

Products

Keylight Platform

LockPath launched the Keylight platform and their first application, Compliance Manager, in October 2010.[3] The initial launch consisted of a regulatory content and controls library fully integrated with the Unified Compliance Framework (UCF), workflow capabilities and a reporting engine. Keylight 1.2 introduced the Threat Manager and Vendor Manager applications.[4] Keylight 2.0 launched the Dynamic Content Framework[5] and introduced two new applications, Incident Manager and Risk Manager. SE Magazine's Peter Stephenson described Keylight as a "...family of applications [that] helps organizations manage enterprise risks and demonstrate compliance by providing visibility into corporate risk and security controls. The ready-to-use toolset integrates all applications under a single user interface, unifies and correlates any amount of security content, exposes vulnerabilities throughout the organization by tracking and recording key information about secured assets, and creates an iron-clad audit history."[6] Keylight 2.4 introduced the Business Continuity Manager application and gave users the ability to create business continuity plans, conduct Business Impact Analyses, and perform tabletop exercises to test business continuity plans.[7] Keylight 3.0 included an integration with the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), a framework designed for healthcare organizations.[8] Keylight 3.3 introduced the Audit Manager application[9] and renamed Threat Manager to Security Manager.[10] Keylight 3.5 included a hybrid-cloud delivery method for Vendor Manager[11] and the Anonymous Incident Portal.[12] Keylight 4.0 added the Advanced Analytics Engine to the product portfolio.[13]

On October 28, 2014, LockPath received U.S. patent number 8,874,621 for the Dynamic Content Framework (DCF).[14] The DCF is a highly scalable and flexible content engine that gives users the ability to create custom tables and fields. With DCF’s drag-and-drop functionality, users can efficiently import and modify large sets of records. It gives users the ability to generate their own reports without requiring the assistance of developers and report writers.

Keylight 4.1 introduced the Keylight Ambassador.[15] It was the first GRC platform to allow for both SAML and LDAP integration, the first to perform bulk tasks on data records, including data edits, workflow and record deletion, and the first to create ad-hoc reports on historic content. Keylight 4.1 also added support for syslog data collection.

Applications

Compliance Manager

Compliance Manager centralizes compliance activities to automate business processes and reduce redundancies. LockPath’s partnership with the Unified Compliance Framework (UCF) provides customers with a library of regulations and frameworks for policy and procedure creation and management. Features of Compliance Manager include policy and procedure management, framework and controls management, and internal awareness events.

Security Manager

Security Manager manages vulnerability scan data from multiple sources, provides visual context around the large amounts of data, and tracks vulnerability remediation. Security Manager is integrated with the National Vulnerability Database and number of third-party connectors, including vulnerability scanners, web application security scanners, and penetration testing software, and supports the collection of syslog files. The application launched as Threat Manager and received a name change in June, 2013 due to the addition of web application connectors.

Risk Manager

Risk Manager is designed to provide insights into risks that could jeopardize organizational compliance. Features include risk documentation and prioritization, risk indicator analysis and risk remediation tracking.

Vendor Manager

Vendor Manager indirectly collects data on vendor internal processes via assessment attestation to identify risks associated with the company-vendor relationship. The data collected by these assessments is then used to proactively manage and monitor identified risks and incidents. Features include a centralized repository for vendor contacts, contracts and assessment history tracking, scheduled bulk-issuance of assessments to multiple vendors, and the Vendor Portal, a third-party extranet for an added layer of data protection. Vendor Manager’s enhancements in Keylight 3.5 included a hybrid cloud delivery option.

Incident Manager

Incident Manager is designed to document and streamline the company incident investigation and remediation process. Features include development and implementation of an incident and investigation strategy, identification and prioritization of new incidents based on business impact, and incident remediation workflows.

Business Continuity Manager

Business Continuity Manager gives users the ability to create and test business continuity plans through business impact analysis and tabletop exercises.

Audit Manager

Audit Manager is designed to enhance the end-to-end internal audit process and promotes a holistic, risk-based approach. Features include data visualization and reporting, automatic assessments and remediation task generation based on audit findings, and document audit history for future use.

Anonymous Incident Portal

LockPath’s Anonymous Incident Portal is a web service allowing users to securely and anonymously report workplace incidents, complaints and violations. It is designed to protect employees from unfair scrutiny and treatment from an organization for whistleblowing.

Advanced Analytics Engine

LockPath’s Advanced Analytics Engine works with Keylight’s existing analytics and reporting system to aggregate data from multiple sources, generate statistical trend analyses and create granular reports on a predefined frequency. Key performance indicators (KPIs) and key risk indicators (KRIs) can also be tracked, reported on, and routed through workflow. These features allow for a thorough and automated continuous monitoring process on both the compliance and information security sides of the business.

The Keylight Ambassador

The launch of Keylight 4.1 in November, 2014 introduced the Keylight Ambassador, the first hybrid connector on the market to allow users to securely automate data collection processes from on-premise applications, custom applications, applications without APIs, and applications where ad-hoc data is created.

Awards/Recognition

  • Gartner, Inc. 2014 Magic Quadrant for IT Vendor Risk Management[16]
  • GRC 20/20 2014 GRC Value Award: Third-Party Management[17]
  • Gartner, Inc. 2014 Magic Quadrant for Business Continuity Management Planning (BCMP)[18]
  • GRC 20/20 2013 GRC Value Award: IT & Information Risk, Security & Compliance[19]
  • Silicon Prairie News B2B Startup of the Year Finalist[20]
  • Silicon Prairie News Startup Executive of the Year Finalist[21]
  • CRN 25 Coolest Emerging Vendors of 2012[22]
  • CRN 2012 Emerging Vendor[22]
  • MIT 2012 Innovation Showcase[23]
  • Corporate Integrity GRC Technology Innovation Award[24]
  • SC Magazine 5-Star Rating Risk & Policy Management Group Test[6]
  • CRN 2011 Emerging Vendor[25]

References

  1. "LockPath Rolls out Version 2.0 of Its Keylight Platform". InfoTech News. 30 September 2011. Retrieved 8 April 2013.
  2. Kim, Jim. "LockPath Draws Attention as Hot GRC Startup". FierceComplianceIT. Retrieved 1 September 2013.
  3. "LockPath, Inc. Poised to Revolutionize GRC with Announcement of Keylight Platform". pr.com. Retrieved 27 May 2014.
  4. "LockPath Releases New Applications on the Keylight Platform". LockPath. Retrieved 27 May 2014.
  5. "LockPath Releases Version 2.0 of Its Keylight Platform". Reuters. Retrieved 27 May 2014.
  6. 1 2 Stephenson, Peter (1 June 2012). "LockPath Keylight Platform v2.3". SC Magazine. Retrieved 27 May 2014.
  7. "LockPath Launches Business Continuity Manager". Disaster Recovery Journal. 5 June 2012. Retrieved 27 May 2014.
  8. "LockPath Adds HITRUST Common Security Framework to Keylight Platform". Healthcare IT News. 17 December 2012. Retrieved 5 April 2013.
  9. Messmer, Ellen (10 June 2013). "Products of the Week 6.10.13". Network World. Retrieved 27 May 2014.
  10. "LockPath Keylight 3.3 Streamlines Audits". Compliance Week. 11 June 2013. Retrieved 27 May 2014.
  11. Butler, Brandon (28 October 2013). "Products of the week 10.28.13". networkworld. Retrieved 27 May 2014.
  12. Vatu, Gabriela (28 October 2013). "LockPath Launches Anonymous Whistleblower Portal". softpedia. Retrieved 27 May 2014.
  13. "LockPath Debuts Keylight 4.0". Yahoo! Finance. Yahoo!. Retrieved 27 May 2014.
  14. United States Patent and Trademark Office http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=8,874,621.PN.&OS=PN/8,874,621&RS=PN/8,874,621. Retrieved 6 November 2014. Missing or empty |title= (help)
  15. http://www.marketwired.com/press-release/lockpath-introduces-keylight-41-1966796.htm. Retrieved 11 November 2014. Missing or empty |title= (help)
  16. Ambrose, Christopher. "Magic Quadrant for IT Vendor Risk Management". http://www.gartner.com. Gartner, Inc. Retrieved 3 November 2014. External link in |website= (help)
  17. Rasmussen, Michael. "GRC 20/20 Announces 2014 GRC Value Award Recipients". GRC 20/20. Retrieved 31 October 2014.
  18. Witty, Roberta. "Magic Quadrant for Business Continuity Management Planning". https://www.gartner.com/. Gartner, Inc. Retrieved 31 October 2014. External link in |website= (help)
  19. Rasmussen, Michael (30 September 2013). "2013 GRC Value Award: IT & Information Risk, Security & Compliance". GRC 20/20 Research. Retrieved 27 May 2014.
  20. Schreiber, Danny. "Vote Hudl, LockPath, MindMixer or RareWire for B2B Startup of the Year". Silicon Prairie News. Retrieved 1 September 2013.
  21. Schreiber, Danny. "Vote Caldwell, Graff, Jones or Milne for Startup Executive of the Year". Silicon Prairie News. Retrieved 1 September 2013.
  22. 1 2 "The 25 Coolest Emerging Vendors of 2012". CRN. Retrieved 1 September 2013.
  23. Klein, Paula. "10 Top B2B Innovators Showcased". MIT Center for Digital Business. Retrieved 1 September 2013.
  24. Rasmussen, Michael. "2012 GRC Technology Innovation Awards". GRC 20/20. Retrieved 1 September 2013.
  25. Hickey, Andrew R. "10 Hot Emerging Vendors for November 2011". CRN. Retrieved 1 September 2013.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.