Welcome!

News Feed Item

LockPath Drives Groundbreaking Compliance Solution

Bridges Gaps Between Compliance and Security, Providing Automated Auditing and Continuous Monitoring

OVERLAND PARK, KS -- (Marketwired) -- 02/25/14 -- LockPath, the leading provider of governance, risk management, and compliance (GRC) solutions, today announced the integration between its software, Keylight, the UCFinterchange (UCFi) and technology partner NetIQ. The integration ties together Secure Configuration Management (SCM), Configuration Auditing (CA) and LockPath's Keylight Platform to automate the IT audit data collection and continuous monitoring processes.

Built on the patented, award-winning Unified Compliance Framework, the UCFi marries the technical controls of NetIQ (such as machine configuration settings) to LockPath's audit mechanisms, allowing for complete automation of continuous monitoring and audit data collection.

"With the integration of these best-in-class solutions, we can now offer our customers an innovative, automated approach to IT auditing and continuous monitoring," says Chris Caldwell, CEO of LockPath. "The UCFi format will enable our customers to form deeper and more meaningful relationships within the GRC ecosystem and empower their audit and compliance programs."

The UCFinterchange facilitates communication between SCM, CA, and GRC tools. IT specialists can now automatically perform business-wide configuration audits and map the results to corresponding policies and regulations. Compliance officers are then able to generate powerful, in-depth reports on these findings and route identified risks through the remediation process. This standardized and automated approach streamlines customer audit and IT security efforts, creates efficiencies within compliance programs, and enables users to make better and faster business decisions.

"We built an intelligent interchange platform to outpace the newest and still-emerging security and GRC guidelines," says Craig Isaacs, CEO of Unified Compliance Framework. "All indications point to full integration across GRC, SCM and CA tools will soon become a mandate and we are thrilled to have LockPath and NetIQ spearhead this initiative."

Keylight is the first fully-integrated GRC solution to meet the needs of both compliance officials and IT experts. Through their partnerships with the UCF and NetIQ, LockPath customers can leverage best-practice framework controls, gain valuable insights into configuration deficiencies and network vulnerabilities, and prioritize risks.

Attendees at this week's RSA Conference can see a demonstration of Keylight's UCFi integration at LockPath's booth (#238). More information on Keylight is available at www.lockpath.com/products.

About LockPath
LockPath brings a flexible, pragmatic approach to governance, risk management, compliance and security programs. Its solutions help organizations gain a deeper understanding of their security and risk posture while reducing their audit fatigue by aligning people with their processes and the enabling technology. LockPath provides the platform to efficiently manage and harvest meaningful data from GRC activities, including regulatory compliance, policy life cycle, information security risk data, incidents, disaster recovery plans, third party assessments and internal audits. LockPath is headquartered in Kansas City. Visit LockPath.com to learn more.

About Unified Compliance and the UCF
Since 1992, Unified Compliance has developed ground-breaking tools to support IT best practices, with a focus on solutions and processes that further the science of compliance, including harmonization methods, metrics, systems continuity and governance. The UCF was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Perkins Coie, which oversees all legal aspects of the UCF. More information can be found at www.unifiedcompliance.com.

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Transformation Abstract Encryption and privacy in the cloud is a daunting yet essential task for both security practitioners and application developers, especially as applications continue moving to the cloud at an exponential rate. What are some best practices and processes for enterprises to follow that balance both security and ease of use requirements? What technologies are available to empower enterprises with code, data and key protection from cloud providers, system administrators, inside...
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and Bi...
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Data analytics and deep data correlation across different threat types, it is possible to gain a better understanding of where, how and to what level of danger a malicious actor poses to an organization, and to determin...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Traditional IT, great for stable systems of record, is struggling to cope with newer, agile systems of engagement requirements coming straight from the business. In his session at 18th Cloud Expo, William Morrish, General Manager of Product Sales at Interoute, will outline ways of exploiting new architectures to enable both systems and building them to support your existing platforms, with an eye for the future. Technologies such as Docker and the hyper-convergence of computing, networking and...
Today, we have more data to manage than ever. We also have better algorithms that help us access our data faster. Cloud is the driving force behind many of the data warehouse advancements we have enjoyed in recent years. But what are the best practices for storing data in the cloud for machine learning and data science applications?
"MobiDev is a Ukraine-based software development company. We do mobile development, and we're specialists in that. But we do full stack software development for entrepreneurs, for emerging companies, and for enterprise ventures," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
As Cybric's Chief Technology Officer, Mike D. Kail is responsible for the strategic vision and technical direction of the platform. Prior to founding Cybric, Mike was Yahoo's CIO and SVP of Infrastructure, where he led the IT and Data Center functions for the company. He has more than 24 years of IT Operations experience with a focus on highly-scalable architectures.
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the p...
When applications are hosted on servers, they produce immense quantities of logging data. Quality engineers should verify that apps are producing log data that is existent, correct, consumable, and complete. Otherwise, apps in production are not easily monitored, have issues that are difficult to detect, and cannot be corrected quickly. Tom Chavez presents the four steps that quality engineers should include in every test plan for apps that produce log output or other machine data. Learn the ste...