ThreatLocker Zero Trust Platform Reviews

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for almost a year now. My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are definitely a solution around application control, Ringfencing, and elevation control, which ticks a lot of security frameworks for us.

The features of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most are the Ringfencing, elevation control, storage control, and application whitelisting functionality.

For examples of how these features benefit my company, we were looking for a solution across various vendors to actually implement application whitelisting controls. ThreatLocker's agent, which is very lightweight and does not use much CPU or RAM, helped us achieve that solution. Ringfencing was an add-on that ticked off a lot of Australian framework security controls, which is the reason we chose it.

My impression of the allowlisting feature in terms of managing which software, scripts, and libraries run on my devices is that ThreatLocker's community page has a lot of information around this, which is very helpful. Not only that, the Cyber Hero support that ThreatLocker provides gives us insights and best practices, helping us achieve that solution and guiding us to the right platform.

The impact of Ringfencing on controlling the behavior of approved applications has been a big winner for us because it is something that many other platforms do not provide as a functionality. Having that allowed us to identify what applications talk to each other, which is something that many other platforms do not do.

The network control feature impacts my ability to manage network traffic across my endpoints and servers. We have not used this widely across all our partners, but wherever required, we use it. It has been an easy solution for those customers to get that control implemented.

The elevation feature's role in facilitating just-in-time administrative access for approved applications shows that elevation control helps in many use cases involving remote control platforms, door usage, and security system platforms that require local admins. There are many solutions that provide this functionality, but the licensing cost seems to be expensive, and it also adds another solution into the mix. Rather than doing that, we try to use ThreatLocker Zero Trust Endpoint Protection Platform to achieve that control.

Regarding the storage control feature, I have used it. The primary function is USB blocking, which is very widely adopted, and also just locking down and allowing certain users to access certain file locations helps us there.

When it comes to enforcing policy-driven access over various storage devices, it depends on the business risk adapted by the companies that we support, but generally the use case is USB and external storage devices where companies know that is a risk, but they do not have appropriate solutions. There are EDR platforms that claim to do this, but ThreatLocker Zero Trust Endpoint Protection Platform does it at an advanced level.

My assessment of the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites leads me to think that Web Control is another functionality within ThreatLocker Zero Trust Endpoint Protection Platform that is an add-on on top of the current set. That is another solution that we use based on what is required for the company, but again, that is not widely adapted yet for our partners.

When it comes to how the solution can be improved, I think app stores, like the web extension in the app stores within the Windows platform, would help rather than rolling it out manually. App store installation with linking to Office 365 or the ThreatLocker user account would be very handy.

Regarding the stability and reliability of the platform, I have not experienced any downtime, crashes, or performance issues. No platform is completely reliable 24/7. Microsoft calls themselves 24/7, but there are still one or two days of outages per day. There have been outages here or there, but ThreatLocker has been open about the communication. A recent example was a DDoS attack or something similar that happened to ThreatLocker's platform, but they were very open about it, sharing what caused it, what happened, and what they were doing. The transparency in communication has given us confidence that the keys to the kingdom are with the right people.

The solution scales well with the growing needs of my company. We have expanded the usage after adopting ThreatLocker Zero Trust Endpoint Protection Platform as a solution. Due to our past experience, we were a bit optimistic about the solution. We signed up for up to 200 endpoints from memory. Within six months, we are close to 2,200 endpoints, which is a scale-up of almost 10 times in six months. We anticipate it will grow up to 4,000 by the next three months, and we have agreements signed up.

I evaluate customer service and technical support as one of the best places I have seen across many vendors. The Cyber Heroes is one of the standout features, and that is feedback that I gave when I attended this event. It helps us, coming from IT professionals where we are also frustrated trying to figure out what is going on, and when you see the other end helping us, it gives us that relief. They are knowledgeable, they know what to do, and they guide us with the appropriate KB articles that support what they are saying. It is not just one person saying something, but they support it with relevant KB articles. I would not rate customer service and technical support a 10 just because of my personal perspective. I would give it nine out of 10, as there is always room for improvement.

Positive

The solution we were using before adopting ThreatLocker Zero Trust Endpoint Protection Platform in our company included Microsoft and another platform called Airlock.

ThreatLocker Zero Trust Endpoint Protection Platform has absolutely helped my company save on operational costs and expenses. We used to use many other platforms. We did a recent analysis and costs have reduced by a proportion of 20 to one because we used to spend a lot of time packaging all the files with other platforms. ThreatLocker's built-in functionalities and the work that they do in the back end helped us reduce a lot of time and resources overall.

Regarding the metrics, the recent analysis that we did shows that over a month, we used to spend on other platforms (I will not name the vendors) approximately 260 to 270 hours. Based on what we use ThreatLocker Zero Trust Endpoint Protection Platform for with the same functionalities and packaging, it was around 13 or 14 hours. That is a big investment and a way for us to save time.

My experience with the pricing, the setup cost, and the licensing is that the pricing seems to be acceptable compared to many other solutions out there. I think rather than the pricing, it is more about the ease of use, the ability to understand, and how simple the platform is, which has helped us.

I did not consider any other solutions in my evaluation process. We already had Microsoft, and Airlock and ThreatLocker Zero Trust Endpoint Protection Platform were the two solutions that we had in the product evaluation.

My advice to other companies is to focus on support and more research and development. Factors that led me to consider a change included performance, cost, support, and scalability. Comparing to Microsoft, it was the use of deploying adaptability and the work to be done, as well as operational cost. When it comes to Airlock, it was pricing, ease of platform use, and the amount of research and development that is done in the back end. I did not purchase this product through AWS Marketplace. I purchased it directly. I have not used the DAC dashboard much. I came to this event expecting to learn more about it, so I got some insights which will allow me to use it across the business. It is very new. I gave this product an overall rating of 8 out of 10.

Our main use case for ThreatLocker Zero Trust Endpoint Protection Platform is application whitelisting and ring-fencing, and we also utilize the elevation control. That was what led us to ThreatLocker. We use it for application whitelisting and elevation. We have the storage module, which we need to use a bit more, but we are at a point where we are working on other projects, so we are okay right now, but we will come back to it and continuously improve on it, adding more functionality there. Mostly those three are our current focus.

The elevation feature of ThreatLocker Zero Trust Endpoint Protection Platform is what led us to them because originally we were using a different company that was overcharging us for elevation. My boss, Robert, met ThreatLocker at a conference and talked with them, saying, "Well, we do that and more." So it started at elevation, but the application whitelisting is what really helped us out, especially getting to the point where we are with Zero Trust. We had dealt with ransomware attacks in the past, and we were always trying to figure out how to stop this. We did not want to face that again because if you get hit once, you almost get PTSD. So we ended up with the application whitelisting, and that brings me peace of mind. If I had to pick one module out of all of them, that one is it.

ThreatLocker Zero Trust Endpoint Protection Platform benefits a company in general by providing all features under one umbrella, but specifically elevation control is crucial. Certain software needs admin rights to run, and we do not want to give a person admin rights to run that software, especially security software for us, specifically the security cameras. We tried other solutions, but they did not work as nicely. They would work and then break, but we have not had a problem with ThreatLocker. The application side is the one I would pick just because you do not have a situation where if you are going to try to run a program, it stops it. You can allow it through, and it will start running for you. Because it stops you along the way during the initial phase, you know that a malicious actor is not going to be able to run something bad on your system. That is the beauty of the whole Zero Trust platform, that lovely protection layer of stopping literally everything.

The only improvement I would suggest for ThreatLocker Zero Trust Endpoint Protection Platform is the ability to stop automatic processes when pushing out updates or applying new policies to your computers. It would be beneficial because if you deploy to a large number of servers that are not broken down by groups and all have the same network-attached storage, it can cause an issue. Deploying to an entire organization at once could lead to a slowdown, so you can avoid that by deploying to individual groups at different times. If I had one thing to add, that would be it.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about two years.

As far as stability and reliability with ThreatLocker Zero Trust Endpoint Protection Platform, I have not experienced any downtime, crashes, or performance issues. We had a small blip with everyone trying to write at the same time on the policies, but ThreatLocker's dev team helped us come up with an option to delay it, which is good. I would still like to see the scheduling I mentioned, but I have not had any issues with availability.

ThreatLocker Zero Trust Endpoint Protection Platform's solution scales with the growing needs of my company as we have not really grown yet. We mainly cover our staff and faculty machines. The student machines may get added, but we are reevaluating our computing policy for student devices, especially as many have transitioned online. We can expand it for staff and faculty easily as we have enough fluff in the licenses, but it is very simple to do if needed.

I would rate customer service and technical support of ThreatLocker Zero Trust Endpoint Protection Platform a 10 out of 10, hands down. I am a big fan of them. My account rep is always responsive; if I need something and email him, he gets back to me. I will not get ghosted. They also have the Cyber Hero chat, and they always answer within a few minutes.

Positive

Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, I did not have another MDR solution, but we tried several endpoint protection solutions over the years. A long time ago, we had Kaspersky, which was good back in 2015, but we wanted to get away from them for geopolitical reasons. We then went to VMware's Carbon Black, which was a complete failure, even letting ransomware through. Currently, we also have SentinelOne, more for server antivirus, but I find ThreatLocker and SentinelOne to be the best combination.

ThreatLocker Zero Trust Endpoint Protection Platform has absolutely saved us money. If it is not money in an actual cost, it saves in intrinsic value. I sleep better at night because of it. We have the MDR package as well, and just knowing someone is watching those endpoints at 3:00 a.m. is a lifesaver that you cannot put a dollar figure on. It has made things more manageable because we are a smaller team, and we could not replicate what ThreatLocker gives us in manpower with that kind of money.

My experience with the pricing, setup cost, and licensing of ThreatLocker Zero Trust Endpoint Protection Platform has been pretty good. We are in education and typically get education discounts. We signed a five-year agreement, and while there may have been price increases, for us, it has been great. I am going to talk to my account rep later about the changes announced today.

In the consideration process before getting ThreatLocker Zero Trust Endpoint Protection Platform, I looked at Arctic Wolf on the MDR side and possibly another solution. Before buying anything, I check reviews, especially on Reddit in the K-12 university sector. I did not get the warm fuzzies on Arctic Wolf, and while the proof of concept looked okay, nothing wowed me. I can see ThreatLocker working; we have not had anything get through, and I have tested it personally. I have received calls from their team, even at 3:00 a.m. It is fantastic.

Using ThreatLocker Zero Trust Endpoint Protection Platform, we were able to replace a particular solution that was overcharging us for the elevation module, which was about half the cost of ThreatLocker's base module. It was a little bit more money, but we got a whole ton more capability out of the product. You could probably consolidate some tools, but I would to think of ThreatLocker as the first stage of your multi-layer security stack, but it is also the last. It is a nice security blanket at the beginning and the end. You can have other bits in there to cover maybe your network monitoring on your firewalls and things, but when it comes to the actual endpoints and your servers, it is a fantastic product.

The allow-listing feature of ThreatLocker Zero Trust Endpoint Protection Platform is pretty fantastic. It can be a bit of a pain if you are having to implement something new, but honestly, the day-to-day operations are not all that bad to set up. If you go through the actual recommended process with installation mode or monitoring mode and watch the files you need, it is not hard to set up. You see in the Unified Audit everything that it is catching, so you really do get that granular view of what processes are calling what exactly. You tie it to a hash, and as long as it stays to that hash, you really do not have to worry if someone comes in and renames a process. If someone were to come to my machine and rename it to whatever that process was, example.exe, because the hash is different, theirs is not going to be able to run even if it is called the same thing. So there is no need to worry about that.

Controlling the behavior of approved applications tends to be pretty good with ThreatLocker Zero Trust Endpoint Protection Platform. There are sometimes where it annoys you, but I would rather deal with that small annoyance than deal with an attack later. It is not hard to manage; if something gets caught, you go to the Unified Audit, check the logs, and make approvals or exemptions as needed. Some things do change in your environment, but overall, the process is very simple.

I do not use the Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform as much as we should. We have looked at it and want to get there, which is one of those things we want to return to. The features announced for Zero Trust Network Access are very interesting to me just because we are transitioning more towards remote work. One of the use cases I am looking at is Zero Trust Network Access for our SMB shares and file shares, which could solve a problem for us, so I am very interested and looking into that.

ThreatLocker Zero Trust Endpoint Protection Platform facilitates just-in-time administrative access for approved applications, and that is great. It is very simple whenever it is an application you have already approved or if it is a new one. While setting it up, there is a little slider bar down at the bottom where you can set a time of "Okay, this needs to be permanent, this needs to be only an hour, a day." Fantastic.

I use the Storage Control feature of ThreatLocker Zero Trust Endpoint Protection Platform slightly. The only one we are currently utilizing is that we block USBs from being run. We are in the process of testing just cutting off autorun; if you plug in a USB, you cut off the autorun. So far, that has worked, but I am at the conference and did not want to cut it on while I am not there. I do not cause trouble, but when implementing any kind of security feature, you do not want to just throw a grenade and walk off.

I do not use the DAC dashboard of ThreatLocker Zero Trust Endpoint Protection Platform yet, as I learned about it at this conference. I am very interested in it along with the ZTNA because of defending against misconfigurations. I was at another conference where a gentleman from the FBI talked about how misconfigurations often lead to compromises, and it is nice to have that in a portal. It is definitely something we are going to look at.

I do not use the Web Control feature of ThreatLocker Zero Trust Endpoint Protection Platform.

I would rate ThreatLocker Zero Trust Endpoint Protection Platform a 10 out of 10 overall. If I had to suggest it to another company, I would say that, another product, you will get out of it what you put in. It takes a little time to onboard and monitor. Some customers want to just pay to make problems go away, but this product can help you do that. I suggest trying it, but with realistic expectations, as no product can automatically make bad actors go away. You do have to put in a little work, so go through it, do a proof of concept, and give it a shot; it is a great product.

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are to prevent people from downloading and running applications they're not supposed to and to prevent threat actors from launching PowerShell and scripts in our environment or anything else.

One of ThreatLocker's greatest strengths is the ability to allowlist only your core, trusted applications and block everything else by default. The elevation request feature is particularly well-designed — end users can submit a request to run an unfamiliar application on their own, without needing to call the help desk first. That request triggers a detailed email to our IT team with everything we need to make an informed decision: whether the application appears safe, whether we want to approve it, or whether we want to keep it blocked.

When it comes to managing which software, scripts, and libraries are permitted to run across our environment, ThreatLocker gives you excellent tools to build and fine-tune your allowlist with precision. My initial concern was that deployment and ongoing management would be a significant burden — that we'd be constantly fighting with the platform over blocked applications. That concern turned out to be unfounded. Day-to-day maintenance has been far simpler than I anticipated, and a lot of that credit goes to their onboarding team. They were hands-on throughout the entire setup process, and that guidance was honestly the difference-maker in how smoothly things went.

We are actively using Elevation Control, and it's been a standout feature. When a user needs to run something outside the allowlist, they can submit a request entirely on their own without pulling IT into a phone call. We receive all the relevant details and can even run the application in ThreatLocker's controlled sandbox to check for any malicious or undesirable behavior before approving it. That level of visibility just didn't exist for us before — it's a meaningful improvement in how we evaluate and respond to software requests.

I think ThreatLocker Zero Trust Endpoint Protection Platform can be improved with an identity and multi-factor authentication module so that it can help manage situations when you elevate a command prompt to run as an administrator by incorporating its own MFA into that process. That would be excellent. Because there's another solution, we have to look at other third-party solutions to do that. It would be nice if they just did it as part of the suite.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for one year. 

Regarding the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform, I have not experienced any downtime, crashes, or performance issues. When it blocks something that you might not want it to block in your environment that's a trusted application, the logging and the interface that it provides is really comprehensive to allow you to see why it might be blocked.

ThreatLocker Zero Trust Endpoint Protection Platform scales very well with the growing needs of my company. It's easy to roll out. It's easy to add more licenses, and so we haven't had any issues with that as we've scaled and gotten bigger.

ThreatLocker's customer service and technical support are, without question, the best I've experienced from any security vendor. It's genuine white-glove service — not just during onboarding, but throughout the entire life of the product. Post-deployment support is just as attentive and responsive as the initial setup experience, which is rare in this space.

Their support chat tool makes opening a ticket effortless, and you're never left waiting. Someone always follows up quickly, and the quality of the help you receive matches the speed. I'd rate their customer service and technical support a 10 out of 10 without hesitation.

Positive

Prior to adopting this product, we were using other solutions for the network control portion of it, and they were terrible. ThreatLocker gives you a lot more ways to control the firewall and the network protection than you would with the traditional Windows firewall. 

By using ThreatLocker Zero Trust Endpoint Protection Platform, I think it has probably saved some time from our help desk team in support costs, but most importantly, it's helped add another layer of protection that we didn't have before that we absolutely needed to better defend our environment. I'm happy spending the money for it because of the protection it provides.

ThreatLocker came in significantly more affordable than I expected — both in terms of licensing and setup costs. Some vendors will hit you with tens of thousands of dollars in implementation fees before you've even gotten the product fully running. ThreatLocker takes a different approach: ongoing onboarding support is built into the cost of the product rather than front-loaded as a one-time deployment charge. That model is far more practical, and frankly more honest — you're not paying a premium just to get through the door.

We did consider other solutions before choosing ThreatLocker Zero Trust Endpoint Protection Platform, but they weren't as comprehensive and they were more expensive.

Security is a top priority for us and for our clients. One of the most significant threats any organization faces is a breach or malware compromise, and ThreatLocker adds a meaningful layer of defense that goes well beyond what a traditional antivirus solution can offer. The zero trust model fundamentally changes how you think about endpoint protection.

ThreatLocker has also influenced how we approach our broader security stack. Rather than sourcing a separate solution for storage device control, we're now evaluating ThreatLocker's built-in Storage Control feature as a natural extension of what we're already running — which would be a much cleaner and more cost-effective path forward.

Overall, I'd give ThreatLocker a 10 out of 10. It's a well-built platform with a pricing model that makes sense, support that actually delivers, and a feature set that continues to grow in relevance as our security needs evolve.

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform include blocking unwanted programs and utilizing the geolocation and network modules to allow connections from client machines to servers through external IP addresses, effectively using it as the broker to allow the connection.

The Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform impacts my ability to manage network traffic across endpoints and services by allowing me to see who is trying to access, which is key and paramount, as I don't want anyone to connect in; being able to see it in real-time and thwart whoever is trying to infiltrate is a great feature.

Every time I do not have to put in a password is a good day when using the Elevation Control feature of ThreatLocker Zero Trust Endpoint Protection Platform.

In my thoughts on the Storage Control feature, while it adds an extra step where someone has to request access to use a storage device, it's annoying but necessary to control data across devices.

I think that the Learning Mode of ThreatLocker Zero Trust Endpoint Protection Platform needs to be a little bit more hands-off, as most of the time when we install a new program with Learning Mode on, it still requires additional requests after it's been completed.

Using ThreatLocker Zero Trust Endpoint Protection Platform has not eliminated any security tools or solutions, but I would say that the web filtering needs improvement and for patch management, I do most of the work myself by figuring out what works and what does not, then pushing it out to the client, using Auto Admins to vet the patches and send them to our clients, so we don't actually have to do that work ourselves; however, Zorus blocks content such as social media, nudity, and mature websites, which with ThreatLocker Zero Trust Endpoint Protection Platform requires physically inputting the IP addresses and URLs, resulting in a bit more manual labor.

ThreatLocker Zero Trust Endpoint Protection Platform could improve by being a little more hands-off, perhaps by having a team inside ThreatLocker that does all the vetting of patches; having one person hired by ThreatLocker to check out patches means that a million other industries using ThreatLocker Zero Trust Endpoint Protection Platform do not have to vet the same patch, ultimately saving time and money around the world.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for four years.

I have experienced performance issues on Macs when implementing ThreatLocker Zero Trust Endpoint Protection Platform for a client that solely has Macs, and we couldn't necessarily get it to work 100 percent of the time; this may be related to Macs and security and just being a little too much as far as IT tools go, while we've had problems with Macs on Addigy and other programs for our Windows PCs, Macs are fighting us, despite working tirelessly with support, and it is what it is at this moment, though perhaps it will change in the future, as Apple needs to start becoming a team player.

Now that we've worked out the kinks from our first couple of installs, expanding the usage of ThreatLocker Zero Trust Endpoint Protection Platform is just easy, using the template and rinsing, lathering, and repeating.

The customer service and technical support of ThreatLocker Zero Trust Endpoint Protection Platform are phenomenal, top-notch and top drawer, always willing to help and showing exactly where we need to look to ensure we can have the tools we need for the next time, reducing the need to call into support.

Positive

I was not using another solution to address similar needs before deploying ThreatLocker Zero Trust Endpoint Protection Platform.

ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs, as we actually make a little bit of money off reselling it.

We save about $15-$20 per PC through ThreatLocker Zero Trust Endpoint Protection Platform.

The saving process happens because it's not just saving, but actually increasing our net revenue by adding an additional fee for managing it, so it helps.

I have used Deep Freeze in the past, but that is kind of older technology; it puts the computer back into its main state after it has been used and rebooted, going back to system defaults or whatever you set it to, so it is not the same thing as ThreatLocker Zero Trust Endpoint Protection Platform, which I think is probably the most unique company out there right now, allowing them to put on such a big expo.

In my opinion, it is a love-hate relationship with ThreatLocker Zero Trust Endpoint Protection Platform; everybody hates it because it causes so much need for user input to request to allow applications, but it is a necessary evil because security is paramount and it is the most important feature of ThreatLocker Zero Trust Endpoint Protection Platform.

Anytime a user clicks on an email received from a trusted client that they were not expecting, and it installs something, if ThreatLocker Zero Trust Endpoint Protection Platform blocks it, it is doing its job.

I have used the Ringfencing feature with ThreatLocker Zero Trust Endpoint Protection Platform.

I do use the Elevation Control feature in ThreatLocker Zero Trust Endpoint Protection Platform.

To be honest, I don't think I've actually used the DCA dashboard to identify which security and configuration settings need fixing.

It is doing the job that no other company I have seen yet could do by stopping the layman person from allowing intruders into their network and organization, which is why I think they are doing the best job possible.

I advise other companies considering getting ThreatLocker Zero Trust Endpoint Protection Platform for themselves to do it now and install it now, as you have nothing to lose. I would rate this product 9.8 out of 10.

Our main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are on all of our endpoints for all of our clients as well as using it for containment for incident responses.

The feature I appreciate most about ThreatLocker Zero Trust Endpoint Protection Platform is Application Allowlisting.

With Application Allowlisting, ThreatLocker Zero Trust Endpoint Protection Platform's features benefit my company by allowing our clients to only allow the applications they need to run their business and to ultimately shut the door on any other outside threats. Especially on the recovery side of things, we see recoveries happen with many other solutions in place, and what we have not seen to date is anything with a true Application Allowlisting feature that has been enabled on all of the endpoints. We are very much 100% supportive of the application portion.

My impression of ThreatLocker Zero Trust Endpoint Protection Platform's Allowlisting feature in managing which software, scripts, and libraries run on our devices is that it only allows certain applications to run, which ultimately means that the things that are not allowed do not run. That is where we are seeing a lot of lateral movement on the incident response side of things. From the Allowlisting perspective, only the things that are allowed can run, giving us the most confidence in us being an MSP for our end users and our clients.

We have used the Ringfencing feature with ThreatLocker Zero Trust Endpoint Protection Platform.

Since we have the entire unified suite, we use everything, including the Network Control feature.

Using the Network Control feature impacts our ability to manage network traffic across our endpoints and servers by highlighting anything that we should know and stopping anything that we should not. Ultimately, it gives us the most confidence in not letting those lateral movements happen, regardless of whether certain scripts and certain applications talk to each other. Overall, it gives us the confidence that we know that nothing is occurring that we do not approve.

With the Elevation Control feature, I assess its role in facilitating just-in-time administrative access for approved applications as crucial. An example is that everyone should get access to some level of QuickBooks within an environment, but not everyone should have the same level of access. What we have noticed is groups going in and toggling back and forth, forgetting that someone has higher credentials than they should or higher access. The ability to perform Elevation Control for a certain period of time allows those groups and those policies to be written to give us the most protection, giving us again the confidence that we need knowing that nothing inappropriate is occurring behind the scenes.

I assess the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites as very effective. The real-time intelligence, especially on the recovery side of things, gives us updates on those web domains, indicating that one day they might seem fine and other days they might not. Being able to control that from a Web Control perspective ultimately gives us the ability to deny new domains that come out that might not have as much background or experience and provide confidence that they are not malicious. It allows us to compare it against millions and millions of other data points that I do not think another solution can achieve.

I would suggest further developing the Web Control aspect of ThreatLocker Zero Trust Endpoint Protection Platform and also having better compatibility with Apple devices and mobile devices. It is important because not every group is going to be Lenovo or PC driven. Knowing that there is a bit more usability on the Apple side helps us. We work with groups that have ten endpoints or five thousand, and it would be interesting to see how we can then use ThreatLocker Zero Trust Endpoint Protection Platform to also manage our clients' endpoints from a cell phone perspective because that could open up more revenue.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for two years.

I have full confidence in the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform. While there are a couple of bugs here and there, of course, there are always bugs everywhere. The support system has been great whenever I have questions; they are always there to answer them. I never have to wait long for a response. Overall, clearly no company is perfect, and they are not supposed to be, and I think they do a really good job of answering all the questions when they arise.

Regarding scalability, ThreatLocker Zero Trust Endpoint Protection Platform scales well to the growing needs of my company. We started with Allowlisting and then built off of that, eventually getting the full scope of everything. It actually gives us a full scalability approach because every single one of our endpoints has it installed, regardless of whether they are a fully IT managed client or not. It also allows us to go upmarket into the five hundred to one thousand to five thousand employee range where those clients might not necessarily be looking for fully managed IT but definitely need help from a managed security provider. This allows us to fill those needs and use ThreatLocker Zero Trust Endpoint Protection Platform as the application to pair with our other security tools from spam filter to Microsoft management, keeping costs low while adding value to groups that would otherwise be overpriced if we priced them at a total endpoint cost.

I would rate ThreatLocker Zero Trust Endpoint Protection Platform's support at a ten range because I get answers almost immediately. I do not believe I have ever had this level of support from other companies, especially as evidenced by being here at this conference.

Positive

Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, we were using SentinelOne.

This solution has helped my company save on operational costs and expenses. I estimate we save roughly thirty percent off of other security tools because we were using a pretty advanced version of SentinelOne. Being able to move off of that and utilize ThreatLocker Zero Trust Endpoint Protection Platform for our PAM as well has brought our costs down by about thirty percent, ultimately allowing us to reap more of the benefits of the enterprise value.

My experience with pricing, setup cost, and licensing for ThreatLocker Zero Trust Endpoint Protection Platform is that it is very fair based off the current market rate, especially as I aggregate costs on other applications. What I get is very comparable to what I am going to be paying for other applications, and it is under a single platform, making it much easier to use instead of managing three or four different systems. I think it is very fair for what is out there.

This solution has helped my company save on operational costs and expenses. We did not purchase this product through AWS Marketplace. Cyber and Lyra have been using ThreatLocker Zero Trust Endpoint Protection Platform for five years, and I have only been there for two. I would rate ThreatLocker Zero Trust Endpoint Protection Platform at a nine to ten range overall for our company. We have full support in the application, and we believe in zero trust. I would advise other companies, either MSPs or companies considering this solution, not to be afraid of managing the product and not to think that zero trust is complicated and inefficient. They should actually look at it through the lens of how it protects their clients and truly understand it. At first, it might be a big lift, but over time, we have seen tickets drastically decrease and our margins drastically increase because of that. I encourage others not to be afraid of the initial challenges because ultimately, I think it is going to be a huge payoff. Overall, I would rate ThreatLocker Zero Trust Endpoint Protection Platform a nine out of ten.

Our main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are application control, for the most part, and we also use it to give certain users their own rights to elevate apps. We also have the Cyber Heroes feature where we have some clients that work 24/7, and since we cannot monitor everything at all times, we use that feature as well. Additionally, we use the feature where you can confirm that there is not a virus on the app by using the virtual environment inside of it, which is very effective. Checking with VirusTotal allows us to cross all our T's and dot all our I's.

ThreatLocker Zero Trust Endpoint Protection Platform has helped our company save on operational costs and expenses significantly. There are many issues we would have dealt with previously. Simply looking at it in basic terms, a tech spending too much time trying to figure out what application some user installed would cost a considerable amount in labor expenses. The cost of paying that technician to spend that time on just one application that some user decided to install alone is an incredible gain in having ThreatLocker Zero Trust Endpoint Protection Platform.

The features of ThreatLocker Zero Trust Endpoint Protection Platform that I find most valuable are definitely the application control feature, which is the one we mostly use. It gives us peace of mind for the most part. We do monitor it and keep our eyes on it, but overall, it makes our job much easier, especially when we have a new client that we know we can deploy this into the environment and immediately put guardrails on what is occurring.

ThreatLocker Zero Trust Endpoint Protection Platform provides features that benefit our company by showcasing our value as an MSP. Many times it provides value that clients do not understand. We had a client who was complaining for a while because we had all these security guardrails in place, and we told them they needed this protection. Then someone tried installing something on their computer and ThreatLocker Zero Trust Endpoint Protection Platform blocked it, and it turned out to be an actual virus. They were downloading a fake application from a website they found on Google, where someone had spoofed the website to look like a legitimate app. This person was the CEO of that company, so he had significant access to the rest of the company. This was the biggest win when we were able to provide protection and show them what we had prevented.

The biggest thing I would like to see improved in ThreatLocker Zero Trust Endpoint Protection Platform is reporting. I am hoping that ThreatLocker can improve the reporting capabilities. The main reason I am saying this is because much of the reporting is very text-based, such as lists of this or that. If they could create an executive report that looks very polished and professional, that would be ideal. Clients, usually CEOs, are not really interested in an Excel file. They want to see how their protection is going in nice, visually appealing graphs, which is what they are accustomed to. It would be beneficial to have improved reporting inside the platform without having to use an external tool to accomplish these things.

We have been using ThreatLocker Zero Trust Endpoint Protection Platform for a couple of years now, so I would say almost four years, most likely.

I would assess the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform as very good. There have been glitches, but most of them have been on the portal. The ThreatLocker team is quick to resolve issues and at least notifies us. The most important thing is getting ahead of it and letting our clients know that we are having an issue and working on it. As long as we communicate that, I think it is acceptable. We have only had issues with the portal sometimes. Many times they are not really platform issues, but rather the back end where it is hosted. When AWS was having issues, ThreatLocker had issues as well. There is not much you can do about that. In terms of the app itself, I cannot think of a time we have had serious issues, which is a good thing.

ThreatLocker Zero Trust Endpoint Protection Platform scales with the growing needs of our company very well. Since we started using it, we have doubled the amount of endpoints that we are protecting, and it has been extremely smooth. We have not had any issues. It is one of the easiest applications to deploy and configure because you can set it to learning mode for a week or two, even on servers where it is a bit more nerve-wracking to install something. We do not have issues with this approach. It just auto-learns the environment.

I would evaluate the customer service and technical support of ThreatLocker Zero Trust Endpoint Protection Platform as great. We love it and have not had any issues. The technical support is good, responsive, and their team is smart.

By using ThreatLocker Zero Trust Endpoint Protection Platform, we have not consolidated or replaced any other security tools. ThreatLocker was our first venture into endpoint Zero Trust, and we have not looked anywhere else. We are committed to security stacking, so we have not removed anything else in terms of EDR, MDR, or antivirus. We keep all of that because those are different levels of security when protecting a client. We did not have something else that was anything like ThreatLocker Zero Trust Endpoint Protection Platform. ThreatLocker is pretty unique to us, and it filled a gap that did not exist in our company.

We have used the Ringfencing feature with ThreatLocker Zero Trust Endpoint Protection Platform before, but to be honest, I do not have experience with it. Our team is the one who has experience with it, and I have not heard any complaints.

ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs and expenses significantly.

My experience with the pricing, setup costs, and licensing of ThreatLocker Zero Trust Endpoint Protection Platform is that the pricing is fair for the work that Zero Trust does. I think it is fair pricing, in my honest opinion.

ThreatLocker Zero Trust Endpoint Protection Platform is the first platform of its kind that we are using. I can tell you we always look at a minimum of three applications when we are making a decision. I do not remember what the other two were, but ThreatLocker was just obvious to us. Since then, we have not even had a need to look at anything else.

My impression of the allowlisting feature of ThreatLocker Zero Trust Endpoint Protection Platform in terms of managing which software, scripts, and libraries run on our devices is that it is amazing. I appreciate the fact that there are many pre-built applications in the system, which makes our job quicker. If an application already exists in the database, our technicians have less work to do. The team has less work to do when allowlisting some of these applications. It makes the process very intuitive for the team, as they do not need to know all the intricacies of an application to figure out how to block it and protect the client or allow it. Overall, we do not have any issues with it, and we love it.

Regarding the Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform, we are not using the module right now.

We do use the Elevation Control feature. My assessment of the Elevation Control feature's role in facilitating just-in-time administrative access for approved applications is that it makes it easy for us to allow what can be called shadow IT to do their work without opening up their computer to install anything they want. They can allow themselves and assume the risk that they are installing something, but we have a log of the applications they allowed to be installed. It is a really good auditing tool to keep track of what is getting installed. At the same time, it makes it easier for power users to take control of what they are doing while allowing us to keep an eye on what is being installed.

We have not really used the Storage Control feature of ThreatLocker Zero Trust Endpoint Protection Platform very much. We do not really control how users use their storage, so it is not something we have used.

I do not remember using the DAC Dashboard of ThreatLocker Zero Trust Endpoint Protection Platform. The feature we use is the URL control. We have a client where we control what websites they can access to. We are able to block all that. This other feature we are using has worked amazingly because it does not matter where the user is around the world. We are able to control what they can access without requiring a firewall to restrict them. Typically we use a firewall, but that only works for those on the VPN or on-premises. For many of our clients, which are spread across locations, we have a client who has many users in airports working, and using this feature has been invaluable because we are able to control what websites and what web traffic they can access right from within ThreatLocker Zero Trust Endpoint Protection Platform.

I would definitely rate ThreatLocker Zero Trust Endpoint Protection Platform a ten out of ten. We do not have any issues, so as long as they take care of us, it is a perfect score. My overall rating of ThreatLocker Zero Trust Endpoint Protection Platform is a ten out of ten. My advice is always to do a proof of concept. It does not hurt. Talk to ThreatLocker and see if you can get a free trial that you can deploy somewhere and see how it works. Get your hands on it and do not be afraid of it. It is not really hard to deploy, so it is easy to test and see if it is something you will appreciate. I think most people who try it are going to appreciate it. The biggest hurdle is convincing the client that this needs to be in their environment because this tool works so well that people are not accustomed to having to submit a ticket or wait to get the application that they need. However, I think once they realize the security benefits and if you present use cases such as specific incidents that happened in their company or to other clients, most clients will be satisfied with having this in their environment. The bottom line is to try it out and see if you love it.

I use ThreatLocker Zero Trust Endpoint Protection Platform to secure our clients, primarily utilizing the Application Control and the Network Control to restrict the network traffic and the applications and programs our clients are allowed to run.

I am not incredibly familiar with the Ringfencing feature of ThreatLocker Zero Trust Endpoint Protection Platform, but I do know it is active and used for our clients, although I am not too experienced with that aspect.

By using ThreatLocker Zero Trust Endpoint Protection Platform, we have been able to consolidate our security tools; for instance, by starting to use the Microsoft 365 module, we canceled a couple of other subscriptions for other services. We are also hoping to start using the Configuration Manager soon, which could help us move away from using Intune and Group Policy for device management.

ThreatLocker Zero Trust Endpoint Protection Platform impacts our ability to manage network traffic across endpoints and servers effectively. Sometimes it does block new things we try to run, but once we get them approved, it works perfectly and successfully blocks the things we want to be hindered.

The features of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most are the Application Control and the Network Control, which we use the most, and I am also going to start using the Microsoft 365 module to protect the email identities.

The Application Control and Network Control features of ThreatLocker Zero Trust Endpoint Protection Platform benefit our company because the Application Control does not allow any unauthorized software to run on our clients' computers, meaning they can only run the programs they need to use daily, blocking malware and unnecessary applications that could bloat the computers. Additionally, the Network Control helps us deny any traffic from computers that aren't running ThreatLocker to our clients' computers, providing enhanced security.

We use the Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform extensively, as it helps deny any traffic to our computers that isn't coming from non-approved or non-ThreatLocker devices.

We use the Elevation Control feature in ThreatLocker Zero Trust Endpoint Protection Platform sometimes; we try to prevent our users and endpoints from having local admin access, so the Elevation Control assists with that. Furthermore, we have many computers on local domains, so the Elevation Control helps with the UAC prompts that arise from those situations.

The Elevation Control feature in ThreatLocker Zero Trust Endpoint Protection Platform facilitates just-in-time administrative access for approved applications quite effectively, especially because we use Cyber Heroes, as requests from users are approved quickly, within minutes, as one of the Cyber Heroes will handle it if we do not.

We have deployed the Storage Control feature of ThreatLocker Zero Trust Endpoint Protection Platform for a couple of our clients, and I hope to extend its use further. Right now, we use it primarily to prevent writing to any external drives, ensuring no one can copy data off a computer using a USB drive, and we also block execution from a USB, protecting against potential malicious activities from devices such as Rubber Ducky USBs.

One improvement I would like to see in ThreatLocker Zero Trust Endpoint Protection Platform is the addition of a SIEM solution, as they currently do not offer one, but aside from that, I love everything ThreatLocker Zero Trust Endpoint Protection Platform has to offer.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for around two and a half years.

In terms of the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform, I think I have only experienced one or two very brief periods of downtime, if any, but it has remained a very reliable service.

ThreatLocker Zero Trust Endpoint Protection Platform scales excellently with the growing needs of my company. I already use multiple modules and plan to use more, making it easy to expand capabilities. I find it very beneficial to create child tenants and organizations to help organize everything as we grow.

I evaluate the customer service and technical support of ThreatLocker Zero Trust Endpoint Protection Platform as a 10 out of 10. Whenever I have an issue, I always open a chat with the Cyber Heroes, and they are extremely helpful.

Positive

Before using ThreatLocker Zero Trust Endpoint Protection Platform, I utilized SAS Alerts, which I did not particularly favor, and most recently, I used Huntress ITDR, which works well, but I believe it is better to have everything consolidated under ThreatLocker.

While I would not say ThreatLocker Zero Trust Endpoint Protection Platform has helped us save on operational costs, it has definitely assisted in generating more revenue, as we have been able to offer more services to our clients due to ThreatLocker. There is an expense on our part for the service, but we manage to recoup that money by selling services to our clients.

My experience with the pricing, setup costs, and licensing for ThreatLocker Zero Trust Endpoint Protection Platform is positive. I think the pricing is very good and competitive, and since we have been with the company for a while, we enjoy a favorable price per endpoint without complaints, finding everything to be seamless and cost-efficient.

We considered a few other solutions before selecting ThreatLocker Zero Trust Endpoint Protection Platform, having previously used several antiviruses, but we never found anything comparable to ThreatLocker, which has become our main piece of the security stack and we have not looked elsewhere since.

My impression of ThreatLocker Zero Trust Endpoint Protection Platform's allowlisting feature is that I really like how it works. While it can get a little hard to digest with a lot of tenants and clients, it is easy to understand due to its priority system even with the management demands.

Regarding enforcing policy-driven access over various storage devices with ThreatLocker Zero Trust Endpoint Protection Platform, we do not have extensive experience with the Storage Control feature.

I was introduced to the DAC dashboard a few months ago because we recently started using ThreatLocker Detect and the EDR, which provides more data for that dashboard. It contains a lot of information, and I have really liked what I have seen so far.

We do not use the Web Control feature of ThreatLocker Zero Trust Endpoint Protection Platform. It is something I hope to consider in the future, but many of our clients, particularly small to medium businesses, prefer not to be constrained by Web Control.

For companies that are considering ThreatLocker Zero Trust Endpoint Protection Platform, my advice would be to go for it. It truly changes how you secure your clients and offers more opportunities to provide services to clients that were not feasible before. I give this product a rating of 10 out of 10.

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are to isolate machines and make it easier to give elevated permissions.

The features I appreciate most about ThreatLocker Zero Trust Endpoint Protection Platform are definitely the elevated permissions, so we don't have to give everybody local admin to install things. We have a lot of people in the field that need to install programs, so it's easier to have ThreatLocker do that than constantly give out local admin permissions.

The elevated permission feature benefits my company by allowing us to have many field technicians who are out and could be in the middle of nowhere. Instead of constantly remoting in to help them with installing programs, we can do the initial setup, get everything approved for elevated permissions, and then whoever else needs it from there doesn't have to call us or anything. They can just install it and be fine.

My impression of the allow-listing feature of ThreatLocker Zero Trust Endpoint Protection Platform in terms of managing which software, scripts, and libraries run on my devices is that it has been great. It has definitely made our job easier. We do a lot of scripting for automation, and instead of having to go through and run those manually, it allows us to elevate the permissions for that specific script and run it from a remote position and then be fine with it.

ThreatLocker Zero Trust Endpoint Protection Platform is working spectacularly from what I am using it for. I don't have too much input on that because I don't use one hundred percent of the program, unfortunately. From the thirty to forty percent I use, it is running great and doing what is needed. I think it is good now.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for three to six months.

I assess the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform as excellent. I have experienced absolutely no downtime, crashes, or performance issues. Everything has been running as intended. We have only had it three to six months, so we might not have hit that point where something might happen. As of right now, there have been no issues at all.

ThreatLocker Zero Trust Endpoint Protection Platform scales extremely well with the growing needs of my company. We did a small test unit of approximately ten PCs once we started the process of paying for it. We wanted to test deployment and see how that was. Deploying it out was no problem. It was surprising to the end users because they now have a box that randomly pops up when they are trying to run things. The learning aspect is great. We did a full week of learning, and that caught probably ninety-nine percent of the applications that we use and have not had too many issues outside of that. Occasionally, I might have to throw a computer back into learning mode so it relearns some of the newer applications. But other than that, it has been fantastic.

I evaluate the customer service and technical support as fantastic. The Cyber Heroes would probably send somebody on-site if it is something that absolutely needs it. The few issues that we have had, we get a response within ten minutes or so from them, sometimes instantly. That has been fantastic.

Positive

I was not using another solution to address similar needs prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform; ThreatLocker is the first one we have had.

My experience with pricing, setup cost, and licensing is that the setup cost was fair. It was definitely a hit to the leadership team, but other than that, it is fair for what it does. There are so many different things inside the application that you can do. I don't know the pricing off the top of my head, but when we set it up, it was very fair for the price. The support has been great with them, and the setup costs were minimal. Pricing-wise, I think it is just good.

ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or expenses by freeing up a lot of time on the IT side of the team. Instead of remoting in and manually installing things for people, it released that time from our IT support side to get a little more time on their hands instead of constantly babysitting people to put applications on their computers. Cost-wise, it probably saved us some costs in malicious things that came through that could have potentially been bad. Since it stopped it, we did not have to go down the rabbit hole of getting that fixed.

If I had to give a number, I would estimate that ThreatLocker Zero Trust Endpoint Protection Platform saved approximately thirty thousand to forty thousand dollars.

Before selecting ThreatLocker Zero Trust Endpoint Protection Platform, I did consider one other solution. I cannot remember the name, but we have seen ThreatLocker at a few other conventions that we have been to, and they are always the headliner on this specific area. We went with them first, liked the price, and went forward with them.

My company has not been able to eliminate or consolidate any security tools or solutions by using ThreatLocker Zero Trust Endpoint Protection Platform, so it is more of an addition than trying to replace anything else.

I have used the Ringfencing feature of ThreatLocker vaguely, mainly for a few isolated computers, but I have not gone too far into that myself. Our other team member here is the one who mainly does that.

I have not used the Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform.

I do use the Elevation Control feature of ThreatLocker Zero Trust Endpoint Protection Platform.

My assessment of its role in facilitating just-in-time administrative access for approved applications is that it is great. The email notifications or text notifications if somebody needs elevated permissions are especially helpful. It helps instead of people constantly having to figure out how to get a hold of us. They can request it, and then it lets us allow them to run the program.

I don't use the Storage Control feature of ThreatLocker Zero Trust Endpoint Protection Platform.

I have not used the DAC dashboard.

I assess the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites as fair. I don't use that one too often, but it does do a fairly good job. There are a few false positives. I would say probably ninety-five percent are legitimate, and the other five percent might be a dead certificate or something along those lines.

I give ThreatLocker Zero Trust Endpoint Protection Platform an overall rating of nine because there is always room for growth and no application is perfect. For other companies, if you have many end users who need things installed or people who are out in the field that need specific applications, it is very beneficial. It saves a lot of time for your team. It is something worth looking into, even if you don't do a full deployment; a scaled deployment to a certain specific audience of your employees would be beneficial.

In addition to protecting my own equipment and my own reputation, I use ThreatLocker Zero Trust Endpoint Protection Platform with clients. I have some clients that have really high-risk client data that they store on their machines. One client is a fractional data analysis company that does data analytics for probably 15 or 20 different companies, so they have a lot of sensitive data on their machines, and they want that well protected. They do not want their machines to ever be compromised. I am also using ThreatLocker Zero Trust Endpoint Protection Platform in conjunction with another group where we are developing and deploying our own VDI product, so it is protecting the VDI product as well.

The most valuable feature of ThreatLocker Zero Trust Endpoint Protection Platform is application control, and network control because network control is a key component to how we are protecting the environment in the VDI space. We have one layer of protection at the gateway level, but I prefer a belt and suspenders approach. If your belt fails, the suspenders hold your pants up. I rely on network control even more than the primary control, partially because somebody else is doing the primary control, and I do not trust them. However, I trust what ThreatLocker Zero Trust Endpoint Protection Platform can give me at the network control level.

By using ThreatLocker Zero Trust Endpoint Protection Platform, my company might be able to eliminate or consolidate some security tools or solutions. After hearing the latest announcement, I think I could be eliminating some tools and solutions. There are two SaaS platforms that I use to support the Microsoft 365 environment that are probably gone, as well as the gateway solution to the VDI platform. The capabilities from the new feature probably just obsoleted that platform.

ThreatLocker Zero Trust Endpoint Protection Platform can be improved by what was just announced. That means giving me the ability to essentially implement my own Zero Trust network environment, much like going to someone like Zscaler, but without the hassle of Zscaler. I love the simplicity of the implementation approach that was outlined and the concept of how it works.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for seven months.

Regarding its scalability and reliability, I have never had an issue with performance. ThreatLocker Zero Trust Endpoint Protection Platform did have a brief outage once, but from the standpoint of accessibility and performance, I have never had any issues, and their architecture seems to cover that well.

I assess the customer service and technical support as outstanding.

Positive

My experience with the pricing, setup cost, and licensing is remarkable. I have no complaints about that; it is very much appropriate, and the pay-as-you-go model that I am operating under as a reseller works well for my size of business.

In terms of the Allowlisting feature, I am fairly new to this and have just gone through certifications. My impression of the Allowlisting feature in managing which software, scripts, and libraries run is that I use it extensively, and it is really impressive because it has the flexibility I need. There is a developer that works with the client that I mentioned that has the high-risk data, and it has been a little challenging, but he and I have been able to work together to develop a strategy where he can deploy the Python scripts that he needs to in a relatively safe fashion without disrupting his work too much. It has the control I need for most people in their organization; I think I have only done three different approvals in the last four months except for this developer. We have developed a framework where I am not disrupting his life either because he is a high-value employee for this company, and I need to protect the data while letting him do the work he needs to do, so it gives me the flexibility to accomplish that.

I have used the Ringfencing feature. Assessing the impact of the Ringfencing feature on controlling the behavior of approved applications, the fact that I can restrict someone from using Dropbox, for instance, and prevent them from accessing other data related to OneDrive on a machine is actually substantial. I can do a good job of preventing data exfiltration from machines with that and some storage control features, among other things.

I use the Network Control feature. The Network Control feature impacts my ability to manage network traffic across my endpoints and servers by enabling fine-grain control, particularly with the VDI solution I mentioned. It gives me the ability to control where RDP sessions can originate; I only want to receive them through a gateway called Kasm. It also allows me to establish who can have direct connections to it in a support role. Previously, I had limited choices for how admins could connect to the Kasm service, and I did not like the options available for multi-factor authentication on there, but now I can use Network Control with ThreatLocker Zero Trust Endpoint Protection Platform on the Linux server to enable only machines with ThreatLocker Zero Trust Endpoint Protection Platform installed to connect to it.

I have not used the Elevation feature yet. I have used the Storage Control feature. My thoughts on the Storage Control feature in enforcing policy-driven access over various storage devices are that while I am not deeply mature with using it, the instances in which I have used it, I love the concepts, and I came out of an environment where my last job was data security manager for a large enterprise. I wish I had had it there.

I have used the DAC dashboard. Identifying which security and configuration settings need attention is straightforward. That is because ThreatLocker Zero Trust Endpoint Protection Platform not only gives you the controls that you do not have configured properly but also the solution on how to fix it.

I would rate ThreatLocker Zero Trust Endpoint Protection Platform as a 10, and companies that are considering it need to stop considering and just implement it.

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are Application Whitelisting, Elevation Control, and Storage Control.

The features of ThreatLocker Zero Trust Endpoint Protection Platform that I find most valuable are the application control and Elevation Control.

My impression of the solution's allow-listing feature in terms of managing which software, scripts, and libraries run on my devices is positive. We can implement it at a global level or a user device level, and it is straightforward to execute. By placing it in learning mode, the system does most of the work automatically, and we only need to address occasional edge cases as they arise.

The role of Elevation in facilitating just-in-time administrative access for approved applications is critical for us. Our industry software is twenty years old, and everything needs to run as local admin. We obviously cannot do that from a security perspective, so having only this application run as admin is essential for us to keep the devices secure.

By using ThreatLocker Zero Trust Endpoint Protection Platform, my company has been able to eliminate or consolidate three solutions: BeyondTrust, USB Lock, and Active Directory Software Restriction Policy for Application Whitelisting.

The benefits of using ThreatLocker Zero Trust Endpoint Protection Platform for my company include removing previous tools that we did not prefer, replacing them with this solution, and enjoying a significantly better user experience. It should reduce some overhead and save time in processes that are now faster.

To improve ThreatLocker Zero Trust Endpoint Protection Platform, I would prefer grouping done in the console rather than in how you deploy the software, so that we can automate that more effectively. Additionally, more integrations with our specific tools, such as Arctic Wolf, which is our SOC, would be beneficial so that it can feed security logs out of ThreatLocker into that system.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for nine months.

Regarding the stability and reliability of the platform, I have experienced no downtime, crashes, or performance issues. It works reliably and performs as quickly as expected.

ThreatLocker Zero Trust Endpoint Protection Platform scales effectively with the growing needs of my company, with expanded usage being primarily about the learning mode, which makes it straightforward to roll out.

I have not yet engaged with customer service or technical support. We are currently working with our Solutions Engineer, who is available when we need assistance.

Negative

The factors that led me to consider a change when switching from three different tools to ThreatLocker Zero Trust Endpoint Protection Platform included usability more than anything else. The previous tools were all very manual and intensive, representing basically a full-time job for one person. Now that everything is in ThreatLocker Zero Trust Endpoint Protection Platform, we have that single pane of glass again where we can do all things in the same console, much more granularly, allowing us to apply controls to just specific devices or whitelist Office for the whole business, which is something we had struggled with.

I eliminated those tools because we wanted that single pane of glass, so everything was done in one console with full visibility. We now have an audit in the unified audit that shows what is happening, which we have never previously had.

I would say ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or tasks because long-term it will provide savings once we are fully up and running. It should help reduce our team's overhead of approving applications, allowing us to delegate it to other departments or automate the process.

My experience with the pricing, setup cost, and licensing is that it is expensive, but it is what you would expect because it is a comprehensive platform. Obviously, there is some savings there, but overall, the cost has increased, although there are some optimization savings that the business will probably realize long-term that will help offset the investment.

I did not consider any other tools or solutions before choosing ThreatLocker Zero Trust Endpoint Protection Platform. The previous tools we used were ones we switched to initially and then decided we did not prefer, so we were switching again. ThreatLocker Zero Trust Endpoint Protection Platform does everything we need it to do, making it an easy choice.

I believe the long-term impact that Ringfencing has on controlling the behavior of approved applications will be beneficial for us because currently, everything is very open. We can start limiting applications so that they can only communicate with the services they need to access, rather than having the ability to reach everywhere and do whatever it wants. Currently, this represents a significant attack surface for us.

I have not used the Storage Control feature much. I have not used the Ringfencing feature of ThreatLocker Zero Trust Endpoint Protection Platform, but we have seen it somewhat. I have not really engaged with the Network Control feature yet, but it is more of a phase two for us, focusing on Application, Elevation, and the other features as a first step.

I would rate ThreatLocker Zero Trust Endpoint Protection Platform overall as a nine out of ten because I do not give anything a perfect ten, which effectively means it is a ten. My advice to other companies considering it is to proceed with a proof of concept. The POC took less than an hour to complete, we had it running at the site, and the site did not even notice the implementation. It is not difficult to enable, and I recommend seeing what happens and discovering what it can do for your organization. I would rate this solution nine out of ten overall.