Pathlock CCM Streamlines Control and Change Monitoring to Boost Security

Pathlock, a provider of identity and application access governance, is releasing Continuous Controls Monitoring (CCM), a product within the Pathlock Cloud Platform that encompasses control management, risk quantification, and change monitoring to streamline control mechanisms from various frameworks into one centralized, automated system.

"As the digital landscape continues to evolve and new risks are identified, Continuous Controls Monitoring empowers organizations to stay one step ahead of risk by providing real-time visibility, enhanced compliance, and proactive mitigation,” said Piyush Pandey, CEO, Pathlock. “As a major element of the strategic Pathlock Cloud vision, Pathlock's CCM is a cross-industry solution that focuses on user access and the potential impact of inappropriate access to sensitive data or SoD violations so that those violations can be quickly remediated. We’re excited to see the time and cost-saving benefits that these capabilities will provide to our current and future customers.” 

Large enterprises will be able to continuously monitor all business control, separation of duties, and IT configuration change transactions, replacing the current method of periodic sample reviews, according to the company.

The aim is to reduce both business losses and the cost of audits through continuous auditing of controls in financial and other transactional applications.

The availability of CCM will enable Pathlock customers to prioritize risk remediation based on potential impact to make the best use of available resources and limit business process risks (financial, operational, and security) through two key modules:

  • Controls Management: This module provides the ability to integrate and streamline business processes and manual process control mechanisms from various frameworks into a centralized, automated system. It provides enhanced risk visibility, improves efficiency, and reduces manual effort in maintaining compliance. The risk quantification feature analyzes transaction data for organizations to quantify the financial exposure of Separation of Duty (SoD) violations and business process transactions within or across application environments.
  • Change Monitoring: This module generates events and notifies a business to analyze master data and key application configuration changes in the business system. It enables detailed analysis of the changes including the source of the change, the user initiating the change, along with before and after values including items that have been deleted and carry out corrective and or preventative actions depending on the impact of the change.  This capability aids in maintaining a complete audit path over configuration and master data changes. 

Through the implementation of standardized, automated process controls based on accepted frameworks, organizations can quickly improve their cybersecurity posture while reducing manual efforts. The reduction of manual efforts results in lower internal and external resource costs, fewer errors, and reduced audit preparation times, according to the company.

For more information about this news, visit