Cybersecurity Strategist at Cybercoach Llc
Endpoint controls have protected sensitive client data and now simplify zero trust security
Pros and Cons
- "My experience with the pricing, setup cost, and licensing is remarkable."
What is our primary use case?
In addition to protecting my own equipment and my own reputation, I use ThreatLocker Zero Trust Endpoint Protection Platform with clients. I have some clients that have really high-risk client data that they store on their machines. One client is a fractional data analysis company that does data analytics for probably 15 or 20 different companies, so they have a lot of sensitive data on their machines, and they want that well protected. They do not want their machines to ever be compromised. I am also using ThreatLocker Zero Trust Endpoint Protection Platform in conjunction with another group where we are developing and deploying our own VDI product, so it is protecting the VDI product as well.
What is most valuable?
The most valuable feature of ThreatLocker Zero Trust Endpoint Protection Platform is application control and network control, because network control is a key component of how we are protecting the environment in the VDI space. We have one layer of protection at the gateway level, but I prefer a belt and suspenders approach. If your belt fails, the suspenders hold your pants up. I rely on network control even more than the primary control, partially because somebody else is doing the primary control, and I do not trust them. However, I trust what ThreatLocker Zero Trust Endpoint Protection Platform can give me at the network control level.
By using ThreatLocker Zero Trust Endpoint Protection Platform, my company might be able to eliminate or consolidate some security tools or solutions. After hearing the latest announcement, I think I could be eliminating some tools and solutions. There are two SaaS platforms that I use to support the Microsoft 365 environment that are probably gone, as well as the gateway solution to the VDI platform. The capabilities from the new feature probably just obsoleted that platform.
What needs improvement?
ThreatLocker Zero Trust Endpoint Protection Platform can be improved by what was just announced. That means giving me the ability to essentially implement my own Zero Trust network environment, much like going to someone like Zscaler, but without the hassle of Zscaler. I love the simplicity of the implementation approach that was outlined and the concept of how it works.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform for seven months.
Buyer's Guide
ThreatLocker Zero Trust Platform
April 2026
Learn what your peers think about ThreatLocker Zero Trust Platform. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
892,487 professionals have used our research since 2012.
What do I think about the stability of the solution?
Regarding its scalability and reliability, I have never had an issue with performance. ThreatLocker Zero Trust Endpoint Protection Platform did have a brief outage once, but from the standpoint of accessibility and performance, I have never had any issues, and their architecture seems to cover that well.
How are customer service and support?
I assess the customer service and technical support as outstanding.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup cost, and licensing is remarkable. I have no complaints about that; it is very much appropriate, and the pay-as-you-go model that I am operating under as a reseller works well for my size of business.
What other advice do I have?
In terms of the Allowlisting feature, I am fairly new to this and have just gone through certifications. My impression of the Allowlisting feature in managing which software, scripts, and libraries run is that I use it extensively, and it is really impressive because it has the flexibility I need. There is a developer that works with the client that I mentioned that has the high-risk data, and it has been a little challenging, but he and I have been able to work together to develop a strategy where he can deploy the Python scripts that he needs to in a relatively safe fashion without disrupting his work too much. It has the control I need for most people in their organization; I think I have only done three different approvals in the last four months except for this developer. We have developed a framework where I am not disrupting his life either because he is a high-value employee for this company, and I need to protect the data while letting him do the work he needs to do, so it gives me the flexibility to accomplish that.
I have used the Ringfencing feature. Assessing the impact of the Ringfencing feature on controlling the behavior of approved applications, the fact that I can restrict someone from using Dropbox, for instance, and prevent them from accessing other data related to OneDrive on a machine is actually substantial. I can do a good job of preventing data exfiltration from machines with that and some storage control features, among other things.
I use the Network Control feature. The Network Control feature impacts my ability to manage network traffic across my endpoints and servers by enabling fine-grain control, particularly with the VDI solution I mentioned. It gives me the ability to control where RDP sessions can originate; I only want to receive them through a gateway called Kasm. It also allows me to establish who can have direct connections to it in a support role. Previously, I had limited choices for how admins could connect to the Kasm service, and I did not like the options available for multi-factor authentication on there, but now I can use Network Control with ThreatLocker Zero Trust Endpoint Protection Platform on the Linux server to enable only machines with ThreatLocker Zero Trust Endpoint Protection Platform installed to connect to it.
I have not used the Elevation feature yet. I have used the Storage Control feature. My thoughts on the Storage Control feature in enforcing policy-driven access over various storage devices are that while I am not deeply mature with using it, the instances in which I have used it, I love the concepts, and I came out of an environment where my last job was data security manager for a large enterprise. I wish I had had it there.
I have used the DAC dashboard. Identifying which security and configuration settings need attention is straightforward. That is because ThreatLocker Zero Trust Endpoint Protection Platform not only gives you the controls that you do not have configured properly but also the solution on how to fix it.
I would rate ThreatLocker Zero Trust Endpoint Protection Platform as a 10, and companies that are considering it need to stop considering and just implement it.
Disclosure: My company has a business relationship with this vendor other than being a customer.
Last updated: Mar 5, 2026
Technical Manager, Infrastructure at a healthcare company with 5,001-10,000 employees
Unified controls have replaced multiple tools and now streamline secure app access and approvals
Pros and Cons
- "The benefits of using ThreatLocker Zero Trust Endpoint Protection Platform for my company include removing previous tools that we did not prefer, replacing them with this solution, and enjoying a significantly better user experience."
- "My experience with the pricing, setup cost, and licensing is that it is expensive, but it is what you would expect because it is a comprehensive platform."
What is our primary use case?
My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are Application Whitelisting, Elevation Control, and Storage Control.
What is most valuable?
The features of ThreatLocker Zero Trust Endpoint Protection Platform that I find most valuable are the application control and Elevation Control.
My impression of the solution's allow-listing feature in terms of managing which software, scripts, and libraries run on my devices is positive. We can implement it at a global level or a user device level, and it is straightforward to execute. By placing it in learning mode, the system does most of the work automatically, and we only need to address occasional edge cases as they arise.
The role of Elevation in facilitating just-in-time administrative access for approved applications is critical for us. Our industry software is twenty years old, and everything needs to run as local admin. We obviously cannot do that from a security perspective, so having only this application run as admin is essential for us to keep the devices secure.
By using ThreatLocker Zero Trust Endpoint Protection Platform, my company has been able to eliminate or consolidate three solutions: BeyondTrust, USB Lock, and Active Directory Software Restriction Policy for Application Whitelisting.
The benefits of using ThreatLocker Zero Trust Endpoint Protection Platform for my company include removing previous tools that we did not prefer, replacing them with this solution, and enjoying a significantly better user experience. It should reduce some overhead and save time in processes that are now faster.
What needs improvement?
To improve ThreatLocker Zero Trust Endpoint Protection Platform, I would prefer grouping done in the console rather than in how you deploy the software, so that we can automate that more effectively. Additionally, more integrations with our specific tools, such as Arctic Wolf, which is our SOC, would be beneficial so that it can feed security logs out of ThreatLocker into that system.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform for nine months.
What do I think about the stability of the solution?
Regarding the stability and reliability of the platform, I have experienced no downtime, crashes, or performance issues. It works reliably and performs as quickly as expected.
What do I think about the scalability of the solution?
ThreatLocker Zero Trust Endpoint Protection Platform scales effectively with the growing needs of my company, with expanded usage being primarily about the learning mode, which makes it straightforward to roll out.
How are customer service and support?
I have not yet engaged with customer service or technical support. We are currently working with our Solutions Engineer, who is available when we need assistance.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
The factors that led me to consider a change when switching from three different tools to ThreatLocker Zero Trust Endpoint Protection Platform included usability more than anything else. The previous tools were all very manual and intensive, representing basically a full-time job for one person. Now that everything is in ThreatLocker Zero Trust Endpoint Protection Platform, we have that single pane of glass again where we can do all things in the same console, much more granularly, allowing us to apply controls to just specific devices or whitelist Office for the whole business, which is something we had struggled with.
I eliminated those tools because we wanted that single pane of glass, so everything was done in one console with full visibility. We now have an audit in the unified audit that shows what is happening, which we have never previously had.
What was our ROI?
I would say ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or tasks because long-term it will provide savings once we are fully up and running. It should help reduce our team's overhead of approving applications, allowing us to delegate it to other departments or automate the process.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup cost, and licensing is that it is expensive, but it is what you would expect because it is a comprehensive platform. Obviously, there is some savings there, but overall, the cost has increased, although there are some optimization savings that the business will probably realize long-term that will help offset the investment.
Which other solutions did I evaluate?
I did not consider any other tools or solutions before choosing ThreatLocker Zero Trust Endpoint Protection Platform. The previous tools we used were ones we switched to initially and then decided we did not prefer, so we were switching again. ThreatLocker Zero Trust Endpoint Protection Platform does everything we need it to do, making it an easy choice.
What other advice do I have?
I believe the long-term impact that Ringfencing has on controlling the behavior of approved applications will be beneficial for us because currently, everything is very open. We can start limiting applications so that they can only communicate with the services they need to access, rather than having the ability to reach everywhere and do whatever it wants. Currently, this represents a significant attack surface for us.
I have not used the Storage Control feature much. I have not used the Ringfencing feature of ThreatLocker Zero Trust Endpoint Protection Platform, but we have seen it somewhat. I have not really engaged with the Network Control feature yet, but it is more of a phase two for us, focusing on Application, Elevation, and the other features as a first step.
I would rate ThreatLocker Zero Trust Endpoint Protection Platform overall as a nine out of ten because I do not give anything a perfect ten, which effectively means it is a ten. My advice to other companies considering it is to proceed with a proof of concept. The POC took less than an hour to complete, we had it running at the site, and the site did not even notice the implementation. It is not difficult to enable, and I recommend seeing what happens and discovering what it can do for your organization. I would rate this solution nine out of ten overall.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 5, 2026
Manager, Corporate Information Technology at Nexen Group, Inc.
Zero trust controls have protected endpoints and currently allow secure self-service installs
Pros and Cons
- "ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs and expenses."
- "From one to ten, I would rate the solution overall as a nine out of ten just because the initial setup was a little confusing."
What is our primary use case?
My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are to prevent applications from running that we do not want to run and to keep our endpoints safe and secure. We have had a breach in the past and so we are really focused on security now. Luckily, that happened before I started. The primary goal is to prevent applications that are not meant to run.
How has it helped my organization?
Examples of how those features benefit my company include that we are a small manufacturing company and our engineers have a tendency to think they should have admin rights and be able to download anything they want. Being able to protect the company from this mindset is handy. Being able to prevent them from installing whatever they think they want is beneficial.
What is most valuable?
The features of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most include being able to get alerts from end users when they want to install something. When they are trying to install something and it gets denied, they can click the request this application button. Then we get alerts and we can review it. The sandbox testing is also really nice.
My impression of the solution's allow listing feature in terms of managing which software, scripts, and libraries run on my devices is that I really like it because you can set those programs and libraries to an elevated mode. When an end user needs to install the software, IT does not have to get involved. It has already been approved and elevated, so they do not need to call us for administrative credentials to install it.
What needs improvement?
I do not think I would add or change anything at this time. The only thing that comes to mind would be when I am working on an endpoint trying to install software and I need to move it to application learning mode or maintenance mode. I have to go back to my desktop to do that. It would be nice if I could right-click from the system tray and enter my credentials to enter into application learning mode directly there.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about eight months.
What do I think about the stability of the solution?
My assessment of the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform is that it has been up 100% of the time and running well.
How are customer service and support?
I would evaluate the customer service and technical support as excellent because I have not had to use them.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Before adopting ThreatLocker Zero Trust Endpoint Protection Platform, I was not using anything for application control. I have never seen anything similar to ThreatLocker Zero Trust Endpoint Protection Platform in the past.
How was the initial setup?
From one to ten, I would rate the solution overall as a nine out of ten just because the initial setup was a little confusing. Even though we had an MSP do it for us, we were following along, and it was a little confusing.
What was our ROI?
ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs and expenses. As I mentioned earlier, the elevated prompt and the allow listing mean we do not have to go around to each user to enter credentials to install software. We just tell them where the software package is and they can install it themselves.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, the setup cost, and the licensing of ThreatLocker Zero Trust Endpoint Protection Platform has been fantastic.
Which other solutions did I evaluate?
My company has not been able to eliminate or consolidate any security tools or solutions. ThreatLocker Zero Trust Endpoint Protection Platform is actually a result of that process. When we moved to an MSP, they consolidated a bunch of our software and tools, and ThreatLocker Zero Trust Endpoint Protection Platform was one of the add-ons, which was nice.
What other advice do I have?
I do not use the Network Control feature, to my knowledge. I do use the Elevation Control feature. My assessment of its role in facilitating just-in-time administrative access for approved applications is that I think it is great. As I said earlier, you do not have to be bothered by the end user to come install a program that is on the allow list. It is elevated, so it allows the end user to install it without IT getting involved, and that saves us time, which is valuable. I do not think we use the Storage Control feature. I do not remember the setup process for that. I think we do use the DAC dashboard, and I think that would be part of the pending approvals section in that dashboard where users ask for approval for software, and we have to go and approve it, use the sandbox and all of that, and either approve or deny it. The ease of identifying which security and configuration settings need fixing using the DAC dashboard is something we have not gotten into because our MSP set it all up and handled all of that for us, which was nice. I have not used the Web Control feature.
We do use the Ring Fencing feature with ThreatLocker Zero Trust Endpoint Protection Platform, but I am not 100% certain on how we do it or how we use it because I know the MSP helped us set that up, but I know we do use it.
I would rate this review a nine out of ten overall.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 4, 2026
CISO at Cyber Solutions
Zero trust controls have protected clients and simplified replacing multiple security tools
Pros and Cons
- "Overall, I rate ThreatLocker Zero Trust Endpoint Protection Platform a 10, and I would advise other companies considering the solution that they should have done it yesterday."
- "ThreatLocker Zero Trust Endpoint Protection Platform could be improved by addressing the human identity piece, whether through ThreatLocker Zero Trust Endpoint Protection Platform or another tool."
What is our primary use case?
Our main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are for all of our MSP clients; we use the total package. Every one of our clients gets ThreatLocker Zero Trust Endpoint Protection Platform. We do not have any opt-out or anything of that nature.
What is most valuable?
I would say I value Application Control the most about ThreatLocker Zero Trust Endpoint Protection Platform.
We operate from a default deny on our firewalls, so why wouldn't we do the same thing within our actual applications? Plus we have Shadow IT we have to worry about and of course, threat actors.
It benefits us by allowing me to sleep at night and having a true inventory of the applications that are in place. I think a lot of other security products overlook that inventory of applications to find out what is actually running in an environment and then being able to control who runs those applications.
By using ThreatLocker Zero Trust Endpoint Protection Platform, we have been able to eliminate some security tools; we did have SentinelOne, and while it is a good product, it was not doing anything because ThreatLocker Zero Trust Endpoint Protection Platform was preemptively taking action.
What needs improvement?
ThreatLocker Zero Trust Endpoint Protection Platform could be improved by addressing the human identity piece, whether through ThreatLocker Zero Trust Endpoint Protection Platform or another tool. Currently, ThreatLocker Zero Trust Endpoint Protection Platform does not have the human identity, and I would love to see them release something similar to that. Think MGM; everybody knows that a call center password reset was social engineered. A simple end-user verification would have stopped that whole attack, and I would like to see ThreatLocker Zero Trust Endpoint Protection Platform develop something of that nature.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform since 2021, which is five years.
What do I think about the stability of the solution?
I would assess the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform as being on par or exceeding most uptime; we have not experienced any downtime, crashes, or performance issues.
What do I think about the scalability of the solution?
ThreatLocker Zero Trust Endpoint Protection Platform scales well with the growing needs of my company; I would say we have had 300% growth since the implementation of ThreatLocker Zero Trust Endpoint Protection Platform, and it scaled with no problem. It has actually gotten easier because we are becoming more proficient in the tool.
How are customer service and support?
I evaluate the customer service and technical support as being second to none.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We were using SentinelOne.
The factors that led me to consider a change from SentinelOne included the performance; SentinelOne was a good tool, but we just did not see it performing any duties because ThreatLocker Zero Trust Endpoint Protection Platform was on the proactive side, and SentinelOne was not taking any actions.
What was our ROI?
ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs by allowing us to remove some tools that had overlaps, which obviously leads to overall savings; I cannot tell you the exact amount though.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, the setup cost, and the licensing of ThreatLocker Zero Trust Endpoint Protection Platform is that we have very good pricing. I think if you take the sum of the tools, they are very competitive, if not more affordable than most solutions out there.
Which other solutions did I evaluate?
Before choosing ThreatLocker Zero Trust Endpoint Protection Platform, we actually shopped around; there was no other solution out there that did what ThreatLocker Zero Trust Endpoint Protection Platform did. It was an obvious choice. We did pair that with SentinelOne initially, but then when ThreatLocker Zero Trust Endpoint Protection Platform became a full EDR/MDR solution, which honestly was performing those functions before they even branded it that way, we were able to let go of SentinelOne.
What other advice do I have?
The impact of the Ringfencing feature on controlling the behavior of approved applications is significant. You can take something that is not malicious, such as 7-Zip, which is used by a lot of users, but because it is maintained by Russia, you would not want to allow that call-out over the internet calling back home; you can Ringfence that internet connection entirely. Other tools of that nature can be used for encryption, and we do not want a non-malicious tool used for malicious purposes. Another good example is PowerShell; since PowerShell is built into every Windows computer, you have to let PowerShell do its job but nothing else.
The Network Control feature makes it much easier to manage network traffic across endpoints and servers because you do it without running VLANs and in some cases, rewiring a building. You can actually segment that network based on use need and the risk of that particular vertical.
My assessment of the Elevation Control feature in ThreatLocker Zero Trust Endpoint Protection Platform is that just-in-time elevation allows us to give the applications or the user that limited administrative privilege without posing a long-term threat.
My thoughts on the Storage Control feature when enforcing policy-driven access over various storage devices are that we can actually enforce control that HIPAA mandates with basically two policies. A lot of the HIPAA environments we walk into say they are doing it, but they are not. We can set that with two policies within Storage Control. We can also use Storage Control to do some data loss prevention, mandate encryption on removable storage, and we can even get a little bit more granular and alert based on activity around the particular storage area.
Identifying which security and configuration settings need fixing using the DAC dashboard is made much easier because we can go at the client's board level and see if there are any improper configurations or adjustments that could make a broader control overall.
The efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites can be very valuable, especially in a newly registered domain. A lot of phishing emails are linked to newly registered domains, so that is going to flag and block that potential phishing attempt or social engineering that leads inevitably to credential harvesting.
I would rate ThreatLocker Zero Trust Endpoint Protection Platform a 10 out of 10. Overall, I rate ThreatLocker Zero Trust Endpoint Protection Platform a 10, and I would advise other companies considering the solution that they should have done it yesterday. Most of my time here is talking to other MSPs about why they are not doing this yet, but it is a phenomenal solution. On the recovery side, we work active recoveries for people that are not our clients, and we have yet to see ThreatLocker Zero Trust Endpoint Protection Platform in place in any of those environments. I think that attests to how strong the solution is.
I would say the leadership at ThreatLocker Zero Trust Endpoint Protection Platform, from the C-suite all the way down to the Tier 1 cyber hero, is remarkable; they create a sense of family and partnership that really resonates with using ThreatLocker Zero Trust Endpoint Protection Platform.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partners
Last updated: Mar 4, 2026
Cybersecurity at a tech services company with 1-10 employees
Zero trust policies have protected endpoints and simplified managing application access
Pros and Cons
- "We found that we did not need to pay for two of the same products when we could have an all-in-one solution using ThreatLocker."
- "ThreatLocker Zero Trust Endpoint Protection Platform can be improved by exploring ways of ensuring it is deployed deeper in the device rather than through an extension on the browser and finding ways to integrate all browsers."
What is our primary use case?
I use ThreatLocker Zero Trust Endpoint Protection Platform for application control, network control, storage, ringfencing, policy, deployments, and cloud security.
What is most valuable?
The features of ThreatLocker Zero Trust Endpoint Protection Platform that I appreciate the most are Application Control and ThreatLocker Detect. Application Control locks things down and isolates the machines very well. For ThreatLocker Detect, if a user gets compromised and their email is exposed through a login from overseas in Europe, that would have gotten blocked by default, and then we would be alerted. That is why I value that feature significantly.
These features benefit our company primarily because of our scale. We do not have as many technicians under an MSP compared to how many clients we have. We handle well over 1,500 users at any given time.
What needs improvement?
ThreatLocker Zero Trust Endpoint Protection Platform can be improved by exploring ways of ensuring it is deployed deeper in the device rather than through an extension on the browser and finding ways to integrate all browsers.
For how long have I used the solution?
My company has been using ThreatLocker Zero Trust Endpoint Protection Platform for quite a long time, since ThreatLocker was just in application mode. I have been using it since working at our company.
What do I think about the stability of the solution?
I assess the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform as very good. With the agents, there have been a couple of versions that have had some minor issues with blue screens that have been fixed. Every so often, the portal might go down, but it is down for a very small amount of time. Otherwise, it has been a very smooth and seamless experience with probably 99.5% uptime.
What do I think about the scalability of the solution?
ThreatLocker Zero Trust Endpoint Protection Platform scales well with the growing needs of our company. Last year, from 24 to 25, we scaled over 1,000 endpoints through a ramp process, and the process was smooth. We were able to audit devices, ensure devices were not being billed that were inactive, and identify new devices that we were missing. It was very seamless, and on ThreatLocker's side, the billing, accountability, and device tracking were easy to do.
How are customer service and support?
Regarding customer service and technical support, I would evaluate ThreatLocker's side as very efficient and fast. They are able to get an answer through their ticketing system, their call center, or their help desk. I would say they are efficient and they know how to resolve problems usually.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, we used Sophos as an antivirus and we used Huntress as the EDR solution. ThreatLocker replaced both of those items.
We replaced Huntress because it does endpoint detection and will identify if there is any ransomware or risk on a device. ThreatLocker does the exact same thing with ThreatLocker Detect. We found that we did not need to pay for two of the same products when we could have an all-in-one solution using ThreatLocker.
We replaced Sophos because it is just an antivirus, similar to Windows Defender, McAfee, and other applications. We noticed that because ThreatLocker integrates with Windows Defender or Windows Security, Sophos was too high of a cost for us, whereas ThreatLocker offered some of what Sophos does offer at a much more affordable option.
What was our ROI?
I would say ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or expenses. I am more on the technical side of things, so I cannot really speak to operational costs, but with the MDR team at ThreatLocker, it does help us prevent having to have a 24/7 technician because the MDR team handles that for us.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup costs, and licensing of ThreatLocker Zero Trust Endpoint Protection Platform is that we are a very legacy customer, so pricing is extremely cheap and affordable. Setup has been very seamless. We can make an organization instantly and set up as many devices as we need. It has very easy scalability.
What other advice do I have?
I have used the Ringfencing feature with ThreatLocker, and I would say the behavior it can control is very broad and restrictive because it blocks internet access and can block PowerShell and command prompts. It does a very good job if you want to isolate a program from accessing anything else. It is helpful.
The Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform impacts my ability to manage network traffic across my endpoints and servers in a way that is not frequently utilized because we use isolated networks and firewalls already. We have not had the need to use Network Control apart from disabling the ability for RDP.
I use the Elevation Control feature in ThreatLocker with specific privileges. Elevation Control is very good when it comes to letting a standard user launch something as an admin for a temporary period of time, provided we allow it. My assessment of the Elevation Control feature's role in facilitating just-in-time administrative access for approved applications is that it works well provided we have the staff available to take that request. Because it does restrict users from being able to access their work if they need to launch something with administrative privileges, it could use some more automation.
My thoughts on the Storage Control feature when it comes to enforcing policy-driven access over various storage devices are definitely excellent with restricting USB access or remote hard drive access. Being able to monitor and ensure with Storage Control that data exfiltration is prevented has been a very useful feature.
The DAC dashboard is something that seems still relatively new and not too purposeful for what we currently do as an MSP in terms of identifying which security and configuration settings need fixing.
I assess the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites as very effective. Those work very well. However, it does not work in Firefox. It only works in Chrome and Edge. It also needs to be able to throw an extension onto a browser, so it is not a surefire way of blocking websites.
My impression of ThreatLocker Zero Trust Endpoint Protection Platform's Allowlisting feature in terms of managing which software, scripts, and libraries run on our devices is very good. ThreatLocker has many built-in policies or default denies that help us with scalability for devices, and being able to isolate them per device and per organization is very helpful simply because we work with many different clientele in accounting, medical, construction, and other industries. It is very helpful when it comes to isolating and grouping organizations with application control.
My advice for other companies that are considering ThreatLocker Zero Trust Endpoint Protection Platform is to try it out and demo it. It is really easy to install and very difficult to remove, so you should make sure you know how to remove it before demoing the product. I would rate ThreatLocker Zero Trust Endpoint Protection Platform a nine on a scale of one to ten.
Disclosure: My company has a business relationship with this vendor other than being a customer.
Last updated: Mar 5, 2026
IT Operations Manager at a construction company with 201-500 employees
Zero trust controls have reduced local admin access and are streamlining just-in-time elevation
Pros and Cons
- "My impression of the allowlisting feature in ThreatLocker Zero Trust Endpoint Protection Platform for managing which software, scripts, and libraries run on my devices is that it is awesome."
- "ThreatLocker Zero Trust Endpoint Protection Platform has reduced some of the operational costs in my company in terms of time spent on tickets, but nothing major."
What is our primary use case?
My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform include application elevation. We started using the web portion where you can control ports and filtering. Elevation and application elevation for local administration rights are primarily what we focus on, taking away local admin access.
What is most valuable?
The features of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most include the elevation, which has been huge. We just got the web portal, so I'm starting to like that a lot and I plan to explore it more.
The application elevation feature of ThreatLocker Zero Trust Endpoint Protection Platform benefits my company by reducing help desk tickets and users needing to install software when we can mass enable an installation or mass approve an EXE. I can publish applications and then people can self-install them if they've been added to our repository.
What needs improvement?
To improve ThreatLocker Zero Trust Endpoint Protection Platform, I think the team is already working on it. One of the things was the ease of application allowlisting. They actually covered this on day one with the approval process, but you get multiple approvals. I think it would be better to have clearer descriptions of what each of the installation modes is.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform for two years.
What do I think about the stability of the solution?
I assess the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform as excellent since I have had no issues at all. It has been very reliable.
What do I think about the scalability of the solution?
ThreatLocker Zero Trust Endpoint Protection Platform scales well to the growing needs of my company as we have expanded a couple of modules. We just added a new one and it was very easy to turn up. We still have some backend development and setting adjustments, but it has been very easy to scale, add and reduce computers.
How are customer service and support?
The customer service and technical support of ThreatLocker Zero Trust Endpoint Protection Platform have been excellent. The Cyber Heroes are phenomenal and are right there with you. They get involved and help you. It has been really easy to access support and they are great people.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, we were not using another solution to address similar needs.
What was our ROI?
ThreatLocker Zero Trust Endpoint Protection Platform has reduced some of the operational costs in my company in terms of time spent on tickets, but nothing major.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup costs, and licensing of ThreatLocker Zero Trust Endpoint Protection Platform is that it has been very reasonable and very easy to set up. Licensing is through our MSP, so it is not something I deal with directly, but it was very easy to acquire and implement into our industry.
Which other solutions did I evaluate?
Before choosing ThreatLocker Zero Trust Endpoint Protection Platform, I did consider CyberQP.
In the evaluation process, both positive and negative aspects stood out to me when comparing ThreatLocker Zero Trust Endpoint Protection Platform and CyberQP. Both are excellent programs. CyberQP is a little easier for the elevation piece, but there are far fewer controls and it has a much smaller platform footprint in terms of the security side. Each has their own niche and then they have a little overlap. I was more focused on the elevation portion as our primary problem.
What other advice do I have?
My impression of the allowlisting feature in ThreatLocker Zero Trust Endpoint Protection Platform for managing which software, scripts, and libraries run on my devices is that it is awesome. I think the allowlisting feature in ThreatLocker Zero Trust Endpoint Protection Platform is very intuitive and extremely well done. It is easy to allow and deny certain things and it is a great tool.
I have used the Ringfencing feature in ThreatLocker Zero Trust Endpoint Protection Platform. Ringfencing has opened our eyes to many things and how when you elevate something, it also gets extra access. It has helped us focus and keep things in the wheelhouse that they are supposed to be and helped us eliminate a threat vector that we did not know about or that we knew about but could not control.
I have not used the network control feature in ThreatLocker Zero Trust Endpoint Protection Platform yet. I am not using the storage control feature in ThreatLocker Zero Trust Endpoint Protection Platform. I have not used the DAC Dashboard in ThreatLocker Zero Trust Endpoint Protection Platform.
I do not have extensive insight on the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites because it is very new to us. I had just demoed it before attending this event and started playing with it here, so I do not have a huge insight into that yet.
My assessment of ThreatLocker Zero Trust Endpoint Protection Platform's role in facilitating Just-In-Time administrative access for approved applications is that it has made life very easy for Just-In-Time accounts and Just-In-Time elevations. It has reduced our local admin footprint and the entry of credentials on end user machines. It has increased our overall security stature and reduced our footprint.
On a scale of one to ten, I would rate ThreatLocker Zero Trust Endpoint Protection Platform an eight or nine. It would be an easy ten, but you really need to have people who know how to use the application. My advice is to really take the time and learn it. It is really easy to put on, really easy to deploy, and really easy to deploy wrong. If you take the time and do it correctly, it is a phenomenal product.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 4, 2026
Cybersecurity at a construction company with 51-200 employees
Zero trust controls have streamlined just-in-time access and strengthened endpoint protection
Pros and Cons
- "Our assessment of Elevation Control's role in facilitating Just-In-Time administrative access for approved applications is that we are loving it so far."
- "ThreatLocker Zero Trust Endpoint Protection Platform could be improved by being able to consolidate even more with an EDR for deeper scanning as needed."
What is our primary use case?
The main use cases for ThreatLocker Zero Trust Endpoint Protection Platform at my company are the Auto-Elevate platform and Application Control. Those were two big priorities for us. We needed something to replace our Just-In-Time admin access. We wanted to find something smoother than having to accept every time someone needed to elevate.
How has it helped my organization?
By using ThreatLocker Zero Trust Endpoint Protection Platform, we are considering whether we can eliminate or consolidate any security tools or solutions. We are still wanting to explore everything it can do versus something like a good EDR platform, but we are very interested in what we have seen from ThreatLocker's endpoint protection as well as their Cyber Hero and MDR platform.
ThreatLocker Zero Trust Endpoint Protection Platform has helped our company save on operational costs and expenses. So far, we are still fairly early into using it, but we can already tell from the time that we are starting to save that we are going to get a lot back out of it.
What is most valuable?
I am a big fan of the Application Control and Ringfencing features of ThreatLocker Zero Trust Endpoint Protection Platform, as well as the elevation capabilities and how fairly easy it is to make a policy based on those elevation requests and all of the built-in protections that they have.
A lot of the value comes from time and speed. Once you make the policy, you are set. You do not have to keep going back to it over and over again. We can definitely see a breakpoint where once we have these policies in place, we will not need to keep going into ThreatLocker Zero Trust Endpoint Protection Platform on a day-to-day basis and monitoring these elements. Once we have all of that in place, it is going to be a huge time-saver for us.
The allow-listing feature of ThreatLocker Zero Trust Endpoint Protection Platform has a steep learning curve at first, but once you understand it, it is very smooth. We are looking forward to reaching that break-even point. It does seem that it is going to be very low hassle and low time management once we have all of those application controls in place.
The Ringfencing feature makes it much more secure. I would assess its impact on controlling the behavior of approved applications very positively. It will help us with things such as auditing down the line, being able to know what PowerShell is actually interacting with and who can and cannot run applications such as PowerShell. We can tell from everything we have seen that it does a great job at ring-fencing everything.
The network control feature impacts my ability to manage network traffic across my endpoints and servers very positively. So far, we have not implemented too much on the network control side, but it is nice having those audit logs and being able to see where people are making those connections. Once we are ready to really go full-in on the network control, we will have a good amount of information and signals in front of us to be able to make those decisions so we can lock that down just as much as the application controls.
The Elevation Control feature is what made us look at ThreatLocker Zero Trust Endpoint Protection Platform to begin with. Our assessment of Elevation Control's role in facilitating Just-In-Time administrative access for approved applications is that we are loving it so far. Our users are loving it. They appreciate the fact that they do not have to continuously ask for elevation on certain programs. Once an elevation is set and once a policy is created for it, they are able to continuously run it as long as we know that it is a good application, which saves us a lot of time and saves them a lot of time too.
I think the storage control feature of ThreatLocker Zero Trust Endpoint Protection Platform is awesome. It is very granular compared to some other solutions that I have seen before. I have used some other vendors in the past for storage control, and a lot of it is just on and off, whereas with ThreatLocker Zero Trust Endpoint Protection Platform, you can build those policies out more comprehensively. It is easier to exclude or allow certain files and programs to run. You can have a specific device be able to talk to a specific host on a specific path, whereas with most others, it seems they can either use a USB or they cannot use a USB. This is great whenever we are dealing with our HR and finance departments that do need to have access to removable storage.
What needs improvement?
ThreatLocker Zero Trust Endpoint Protection Platform could be improved by being able to consolidate even more with an EDR for deeper scanning as needed. The philosophy for ThreatLocker does not quite seem to head in that direction, but it still would be very beneficial. Additionally, deeper browser control would be beneficial to be able to see DLP mismanagement where people are entering information into an AI platform that we do not want them to be able to enter that information into, or at the very least alert us to that type of activity.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform for approximately three months.
What do I think about the stability of the solution?
My assessment of the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform is very positive. As long as we have had it, we have not had any complaints regarding performance, and we have not seen any downtime accessing the portal or from endpoints.
What do I think about the scalability of the solution?
ThreatLocker Zero Trust Endpoint Protection Platform scales very smoothly with the growing needs of our company. We have expanded usage, and so far, the process has been very smooth with the Application Control learning modes and the baseline scans. It has made it so we can shorten down those learning times where we are not quite as protected as we would prefer to be. At this point, we are able to roll it out to over 300 endpoints very seamlessly.
How are customer service and support?
I would evaluate the customer service and technical support from ThreatLocker as a ten out of ten. They are very good on both sides of that.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, we were primarily using ScreenConnect's auto-elevate and Just-In-Time access management for similar needs. One factor that led us to consider a change was the price that we were paying for them for pretty much just that feature was close to what we ended up paying for ThreatLocker Zero Trust Endpoint Protection Platform entirely. So we got a lot more out of ThreatLocker Zero Trust Endpoint Protection Platform. Additionally, the rules that we could build in those platforms just were not as robust as what we can create in ThreatLocker Zero Trust Endpoint Protection Platform, giving us a much more secure platform.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, the setup costs, and the licensing for ThreatLocker Zero Trust Endpoint Protection Platform is that they were very flexible with us. They worked with us to give us a good five-year term, starting off at where we needed to be in order to get ThreatLocker Zero Trust Endpoint Protection Platform. Then we were able to slowly adjust over those five years, so we were getting a very good rate upfront and then a solid rate continuing on from there.
Which other solutions did I evaluate?
We did not shop around too much for other providers before selecting ThreatLocker Zero Trust Endpoint Protection Platform. I was familiar with ThreatLocker from a previous company, so we were very quick to want to join up with ThreatLocker. They were very nice with the pricing and flexible with working with us, so it made the decision straightforward.
What other advice do I have?
It is very easy to identify which security and configuration settings need fixing using the DAC dashboard. It is pretty much one or two clicks. You can see all of the configuration mismanagements that you have, and then it is another one or two clicks to view a solution.
So far, we have not done too much on the real-time threat intelligence and category controls employed by web control in blocking malicious and non-compliant sites, so I cannot speak to that.
I would rate ThreatLocker Zero Trust Endpoint Protection Platform very highly. The biggest advice I would give to other companies considering this solution is to use the ThreatLocker Academy. Make sure you get the university package so you can really learn. There is a lot that you can do with ThreatLocker Zero Trust Endpoint Protection Platform, but there are a lot of misconfigurations you can put in there and accidentally take some people down for a while while you are trying to troubleshoot it. So definitely work with your solutions engineers and read those knowledge base articles. Overall, I would rate this review as a ten out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 4, 2026
Cybersecurity Engineer at a wholesaler/distributor with 51-200 employees
Zero trust controls have blocked shadow IT and now protect users from unsafe apps and USBs
Pros and Cons
- "From 1 to 10, I would rate ThreatLocker Zero Trust Endpoint Protection Platform as a 10; I've been super happy with it, advising other companies to just do it since it's a simple setup, easy to use, intuitive, and worth the money compared to potential losses."
- "There are some programs that, when they update, they hit other folders; it would be nice to be able to see where that application is pointing when it wants to update, especially if it's updating in the AppData folder or C Windows folder since it might be the same application already whitelisted, but it changes around."
What is our primary use case?
My main use cases for it involve blocking what shouldn't be running or blocking software in our company that's not whitelisted, so people can't use what they want. We also get phishing emails, and people like to click on things and run applications, so ThreatLocker Zero Trust Endpoint Protection Platform has stopped that before in the past as well.
What is most valuable?
The feature of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most is probably the deny access feature. I find the deny access feature easy to use; you can do it with Microsoft, but ThreatLocker Zero Trust Endpoint Protection Platform just makes it easy, allowing me to go right to the application, set it to deny all, and it's done without having to do anything else.
This deny feature benefits my company by stopping the shadow IT aspect of it; we know what's running on the machines, and we don't have people just installing whatever they want to install on their work machine, so we can manage the endpoints better.
By using ThreatLocker Zero Trust Endpoint Protection Platform, we have been able to eliminate or consolidate some security tools or solutions because there was some overlap, and ThreatLocker Zero Trust Endpoint Protection Platform covered it or the other application we used covered it, so we were able to save money.
I assess the impact of ThreatLocker Zero Trust Endpoint Protection Platform on controlling the behavior of legitimate applications as great since we don't have to worry about logging in to help someone update something that needs admin credentials; you can just whitelist it with ThreatLocker Zero Trust Endpoint Protection Platform, and it will do it, except for UPS WorldShip because that's a monster and a terrible application.
I do use the Elevation Control feature. My assessment of its role in facilitating just-in-time administrative access for approved applications is that it does not take our time to do it; it's set, it can go, and we give it to the end user so they can do it. There's no need to remote in and use my credentials; the credentials are used once and they're gone.
My thoughts on the Storage Control feature in enforcing policy-driven access over various storage devices involve blocking people from being able to use USB drives or thumb drives unless they were approved, especially in finance to prevent them from just plugging something in that they found in the parking lot.
My experience with it is that it's super simple to set up; it's all pretty intuitive on how to use it.
It's easy to identify which security and configuration settings need fixing using the DAC dashboard since it shows, and you can look at per machine to see what's been denied in the past, such as three days, five days, and seven days; you can decide if something should or shouldn't be running with just a two-second process to click approve or deny.
What needs improvement?
I don't know how ThreatLocker Zero Trust Endpoint Protection Platform can be improved, and I'm happy with how it is now, so I can't think of anything off the top of my head.
There are some programs that, when they update, they hit other folders; it would be nice to be able to see where that application is pointing when it wants to update, especially if it's updating in the AppData folder or C Windows folder since it might be the same application already whitelisted, but it changes around.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about a year and a half.
What do I think about the stability of the solution?
I have experienced none in terms of stability and reliability, with no downtime, crashes, or performance issues.
What do I think about the scalability of the solution?
ThreatLocker Zero Trust Endpoint Protection Platform scales with the growing needs of my company by just adding the agent on the machine, which goes into learning mode for about 30 days, and it's done.
How are customer service and support?
The customer service and technical support are great when I've needed them; I've never had to call, just get on the live chat, and someone's there within a minute or so who knows their stuff.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, I used Defender a little bit, and it's kind of a bear to set up, but ThreatLocker Zero Trust Endpoint Protection Platform was super simple, especially with setting up; we had Adam, our technical rep from ThreatLocker, who walked us through it from the start, and we meet with him quarterly for usually just a five-minute check-in unless I have a question, but other than that, it's been simple, and he's been great.
What was our ROI?
ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs since we set it and don't have to spend time updating applications ourselves, giving more control to the user to run the applications they want without managing each and every one.
I don't know approximately how much was saved off the top of my head, but I can say we dropped an MSP that was supposed to be helping us and brought more of the security in-house, which was expensive, so we didn't have to pay them to monitor.
I have no idea by how much the operational costs have been saved, but I know we're not cheap and there's definitely a time savings.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup costs, and licensing is that it's super simple and easy; for what it is and what it replaces and can do, it's an easy peace of mind and an easy sell.
What other advice do I have?
We use the Ringfencing feature with ThreatLocker Zero Trust Endpoint Protection Platform on some of the PowerShell scripts just to keep it local.
From 1 to 10, I would rate ThreatLocker Zero Trust Endpoint Protection Platform as a 10; I've been super happy with it, advising other companies to just do it since it's a simple setup, easy to use, intuitive, and worth the money compared to potential losses. I give this review an overall rating of 10.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 4, 2026
Updated: April 2026