PRESS RELEASE

OVERLAND PARK, Kan., April 10, 2012 – LockPath, a provider of innovative governance, risk and compliance (GRC) applications, today announced the release of version 2.3 of the Keylight platform. Keylight 2.3 gives users more flexibility when importing data into Dynamic Content Framework (DCF) tables, significantly strengthens Keylight Threat Manager, and adds the latest United Compliance Framework (UCF) content.

With Keylight 2.3, users have the ability to upload data files (.xls and .csv) and import them directly into DCF tables. In addition, Threat Manager now displays vulnerability scan reports within a DCF table, allowing users to easily assign vulnerability tasks and track remediation items via workflow. Threat Manager now also dynamically pulls in the latest vulnerability results from the Qualys Detection API on a scheduled interval, providing differential imports, de-duplicating vulnerability data and significantly reducing import processing time and bandwidth requirements.

“LockPath has developed a next generation GRC platform, and the seamless integration with the QualysGuard cloud platform will streamline the tedious process of collecting and presenting security and compliance data for IT-GRC,” said Philippe Courtot, chairman and CEO of Qualys.

Continuing its market leadership in UCF and Shared Assessments content integration and harmonization, version 2.3 of the Keylight Platform incorporates the UCF’s Q1 2012 content update, which includes NIST 800-53 revision 3.

Other enhancements in Keylight 2.3 include:

Reporting and Dashboards: Users can now generate detailed reports to display the mapping relationships between controls and business units, controls and Compliance Documents, Authority Documents and business units, and Authority Documents and citations. There is also a new system dashboard report portlet, which displays a pie chart of the percentage of controls that are currently mapped to a Compliance Document versus controls that are not mapped. Keylight Compliance Manager: In addition to more easily mapping controls and audit items to citations, users can now select an Authority Document Issuer when creating a new Authority Document and run reports filtered by those issuers. Managing assessments is also easier now, as users can copy an assessment template and view assessment questions linked to controls. Version 2.3 also offers the option for point- and percentage-based assessment scoring labels when creating the template, and users can report on assessment score labels. Email Templates: Users can now quickly access and fully customize email templates for awareness events and vendor contact account alerts.

“LockPath is committed to delivering the most innovative GRC platform on the market,” noted Chris Goodwin, co-founder and CTO of LockPath. “Thanks to its inherent flexibility, we can continually update the Keylight platform and quickly bring significant enhancements to market. LockPath offers a new way for companies to effectively manage GRC initiatives that can keep pace with today’s fast-paced risk and compliance environment.”

For more information on the Keylight platform, please download the datasheet or call 913-601-4800.

About LockPath

LockPath helps companies of all sizes address the increasingly complex issues of regulatory compliance and risk management. Its innovative software provides keen insight by correlating security information from multiple data sources with current regulations and policies to gauge risk. Easy to install and manage, the Keylight platform empowers people at every level in an organization to take control and make better business decisions. LockPath is headquartered in Kansas City. Please visit www.lockpath.com to learn more.