Skip navigation

The Keylight Platform

Achieve audit-ready status by using LockPath’s award-winning GRC and information security platform.

Automate processes. Minimize risk. Demonstrate compliance.

The Keylight Platform is designed to help enterprises manage all facets of compliance and information security programs, including policies and procedures, risk assessment and mitigation, incident tracking and remediation, vulnerability management, third-party risk management, business continuity planning and audit preparation.

Keylight allows organizations to house their entire list of activities, processes and information in one database. The platform consists of a fully integrated suite of management applications, connectors to third-party data sources and a user friendly interface that provide the capabilities to:

  • Centralize policy management with Compliance Manager
  • Bring order to the chaos of IT Security with Security Manager
  • Capture organization risks with Risk Manager
  • Evaluate suppliers and contractors for risk and compliance with Vendor Manager
  • Connect to third-party intelligence, data, analytics and content feeds through Keylight Connectors
  • Link to extensive third-party data, including Syslog, with the Keylight Ambassador™
  • Track all security and compliance incidents with Incident Manager
  • Provide effective prevention and recovery with Business Continuity Manager
  • Streamline the audit process with Audit Manager
  • Gain business intelligence from your GRC program with Advanced Analytics Engine

Compliance Manager

Centralize policy management—from creation to testing.

  • Manage policy lifecycle.
    Create or import existing policies and link to controls.
  • Track regulatory changes.
    Identify gaps and eliminate inefficient overlaps.
  • Create awareness.
    Track and report acknowledgement of policies.
  • Assess knowledge.
    Measure policy comprehension.
Compliance Manager


Security Manager

Correlate configuration, vulnerability and web app scan data.

  • Add context.
    Correlate data from multiple scanners to identify trends.
  • Link findings.
    Maintain a reportable asset profile of vulnerabilities, risks, incidents, events, controls and policies.
  • Track remediation.
    Prioritize and assign tasks, manage status with integrated workflow.
  • Deep integration.
    Fast setup and flexible control over input frequency.
Security Manager


Risk Manager

Capture organizational risks and policy exceptions.

  • Document risks.
    Generate a risk register, including dynamic records created by assessments.
  • Prioritize risks.
    Analyze, score and track each risk—configurable for any risk methodology.
  • View key risk indicators.
    Powerful, flexible reporting on current risk status and trends over time.
  • Manage treatment.
    Track remediation, including policy exceptions.
Risk Manager


Vendor Manager

Assess large sets of third parties for risk and compliance.

  • Create assessments.
    Build dynamic surveys based on standards or regulations.
  • Share awareness.
    Distribute new policies or policy changes.
  • Score results.
    Automatically identify high-risk vendors.
  • Automate reviews.
    Schedule periodic assessments based on risk levels.
Vendor Manager


Incident Manager

Track all security and compliance incidents.

  • Investigate incidents.
    Track all enterprise incidents—from InfoSec to human resources.
  • Maintain consistency.
    Streamline process for managing incident identification and resolution tasks.
  • Consolidate records.
    Automatically import incidents from third parties and SIEMs.
  • Connect data.
    Relate incidents to policies, risks and business continuity plans.
Incident Manager


Business Continuity Manager

Provide effective prevention and recovery for your organization.

  • Maintain secure plans.
    Develop custom business continuity and disaster recovery plans.
  • Conduct business impact analysis.
    Analyze and prioritize critical and non-critical functions and activities.
  • Integrate risk and compliance factors.
    Automate tasks for investigating incidents and remediating risks.
  • Test plans.
    Use tabletop exercises to validate plan effectiveness.
Business Continuity Manager


Audit Manager

Streamline audits. Automate task generation.

  • Identify audit universe.
    Implement a risk-based approach to planning and prioritizing audit processes.
  • Automate tasks.
    Create audit and remediation tasks based on project and findings.
  • Collect evidence.
    Easily document and share audit findings.
  • Report status.
    Complete visibility to audit performance, findings and history.
Audit Manager


Advanced Analytics Engine

Gain business intelligence from your GRC programs.

  • Monitor Key Performance Indicators.
    Prioritize improvements by monitoring progress toward strategic or operational goals.
  • Evaluate Key Risk Indicators.
    Identify trending risks to prioritize remediation efforts.
  • Track productivity over time.
    Know when your productivity is at its highest by capturing performance over time.
  • Determine benchmarks for future success.
    Compare performance to industry standards, internal achievements or competitors.
Advanced Analytics Engine