ThreatLocker Review

Application Allowlisting & Control

ThreatLocker’s Allowlisting solves the historical whitelisting challenges of building allowed application lists, responding to updates, and adding new applications. When deployed in Learning Mode, ThreatLocker discovers and logs all applications and their dependencies, including executables, libraries, and scripts, that are currently existing or running on your environment. Based on real-time information and recommendations from your dedicated Solutions Engineer during this onboarding, You and your IT administrator can create allowlisting policies by hash that indicate the applications and dependencies permitted to run on your secured servers and endpoints. To handle constant application updates, ThreatLocker’s 24/7 team monitors and works with applications vendors to apply updated hashes for over 2000 common applications. So when one or more application updates are applied, the updated hash is already part of the control policy. 

When new applications are needed, users or admins can request them, and admins receive access to a testing environment to test the requested application in a sandboxed VDI and evaluate the risk in seconds to allow for approval or decline decisions quickly.

Ringfencing™

ThreatLocker’s Ringfencing™ solution controls what applications are able to do once they are running. By limiting how software can interact on your devices, ThreatLocker can reduce the likelihood of an exploit of unknown application vulnerabilities from being successful as well as if an attacker weaponizes your trusted applications with malware to copy or encrypt files, change registry keys, or access network resources. With Ringfencing™, you can reduce your company’s or client’s exposure to fileless malware, ransomware, island hopping, and zero-day attacks.

Storage Control & Network Access Control

Threatlocker’s cybersecurity platform provides you with complete and unified visibility and control over storage devices and networks. Access to USB devices, local hard drives, and shared network folders can be allowed, denied, or restricted depending on time, user, file type, and application. Using a centralized digital audit trail, you can track and review all the activities of users on storage devices and the specific file names and data they accessed, copied, and transferred.

ThreatLocker comes with Network Access Control that guards your servers and endpoints against internal and external network threats and vulnerabilities. Instead of having your servers available to the public, you’ll permit or prevent devices on your local network or the internet from connecting to your servers and endpoints based on location, IP address, port, or keyword.

Employee Productivity with Elevation Control

With ThreatLocker, you can enhance security and maintain compliance without compromising the productivity of your employees. You can temporarily or permanently elevate user privileges for specific applications so that employees can run those apps as a local admin without gaining full admin rights. Your employees can access and use all of the critical tools and data they need to quickly and smoothly perform their tasks. They don’t have to keep requesting admin rights from IT. This also prevents unauthorized access by users or for a user’s access to be weaponized