ThreatLocker Zero Trust Platform Reviews

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are to isolate machines and make it easier to give elevated permissions.

The features I appreciate most about ThreatLocker Zero Trust Endpoint Protection Platform are definitely the elevated permissions, so we don't have to give everybody local admin to install things. We have a lot of people in the field that need to install programs, so it's easier to have ThreatLocker do that than constantly give out local admin permissions.

The elevated permission feature benefits my company by allowing us to have many field technicians who are out and could be in the middle of nowhere. Instead of constantly remoting in to help them with installing programs, we can do the initial setup, get everything approved for elevated permissions, and then whoever else needs it from there doesn't have to call us or anything. They can just install it and be fine.

My impression of the allow-listing feature of ThreatLocker Zero Trust Endpoint Protection Platform in terms of managing which software, scripts, and libraries run on my devices is that it has been great. It has definitely made our job easier. We do a lot of scripting for automation, and instead of having to go through and run those manually, it allows us to elevate the permissions for that specific script and run it from a remote position and then be fine with it.

ThreatLocker Zero Trust Endpoint Protection Platform is working spectacularly from what I am using it for. I don't have too much input on that because I don't use one hundred percent of the program, unfortunately. From the thirty to forty percent I use, it is running great and doing what is needed. I think it is good now.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for three to six months.

I assess the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform as excellent. I have experienced absolutely no downtime, crashes, or performance issues. Everything has been running as intended. We have only had it three to six months, so we might not have hit that point where something might happen. As of right now, there have been no issues at all.

ThreatLocker Zero Trust Endpoint Protection Platform scales extremely well with the growing needs of my company. We did a small test unit of approximately ten PCs once we started the process of paying for it. We wanted to test deployment and see how that was. Deploying it out was no problem. It was surprising to the end users because they now have a box that randomly pops up when they are trying to run things. The learning aspect is great. We did a full week of learning, and that caught probably ninety-nine percent of the applications that we use and have not had too many issues outside of that. Occasionally, I might have to throw a computer back into learning mode so it relearns some of the newer applications. But other than that, it has been fantastic.

I evaluate the customer service and technical support as fantastic. The Cyber Heroes would probably send somebody on-site if it is something that absolutely needs it. The few issues that we have had, we get a response within ten minutes or so from them, sometimes instantly. That has been fantastic.

Positive

I was not using another solution to address similar needs prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform; ThreatLocker is the first one we have had.

My experience with pricing, setup cost, and licensing is that the setup cost was fair. It was definitely a hit to the leadership team, but other than that, it is fair for what it does. There are so many different things inside the application that you can do. I don't know the pricing off the top of my head, but when we set it up, it was very fair for the price. The support has been great with them, and the setup costs were minimal. Pricing-wise, I think it is just good.

ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or expenses by freeing up a lot of time on the IT side of the team. Instead of remoting in and manually installing things for people, it released that time from our IT support side to get a little more time on their hands instead of constantly babysitting people to put applications on their computers. Cost-wise, it probably saved us some costs in malicious things that came through that could have potentially been bad. Since it stopped it, we did not have to go down the rabbit hole of getting that fixed.

If I had to give a number, I would estimate that ThreatLocker Zero Trust Endpoint Protection Platform saved approximately thirty thousand to forty thousand dollars.

Before selecting ThreatLocker Zero Trust Endpoint Protection Platform, I did consider one other solution. I cannot remember the name, but we have seen ThreatLocker at a few other conventions that we have been to, and they are always the headliner on this specific area. We went with them first, liked the price, and went forward with them.

My company has not been able to eliminate or consolidate any security tools or solutions by using ThreatLocker Zero Trust Endpoint Protection Platform, so it is more of an addition than trying to replace anything else.

I have used the Ringfencing feature of ThreatLocker vaguely, mainly for a few isolated computers, but I have not gone too far into that myself. Our other team member here is the one who mainly does that.

I have not used the Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform.

I do use the Elevation Control feature of ThreatLocker Zero Trust Endpoint Protection Platform.

My assessment of its role in facilitating just-in-time administrative access for approved applications is that it is great. The email notifications or text notifications if somebody needs elevated permissions are especially helpful. It helps instead of people constantly having to figure out how to get a hold of us. They can request it, and then it lets us allow them to run the program.

I don't use the Storage Control feature of ThreatLocker Zero Trust Endpoint Protection Platform.

I have not used the DAC dashboard.

I assess the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites as fair. I don't use that one too often, but it does do a fairly good job. There are a few false positives. I would say probably ninety-five percent are legitimate, and the other five percent might be a dead certificate or something along those lines.

I give ThreatLocker Zero Trust Endpoint Protection Platform an overall rating of nine because there is always room for growth and no application is perfect. For other companies, if you have many end users who need things installed or people who are out in the field that need specific applications, it is very beneficial. It saves a lot of time for your team. It is something worth looking into, even if you don't do a full deployment; a scaled deployment to a certain specific audience of your employees would be beneficial.

In terms of use cases, there are quite a few good ones that come to mind. One instance is when people unexpectedly download items, especially in the downloads folder or the documents folder, and try to run them. It is effective at blocking those. We need to vet them to ensure they are legitimate and intended, not just random malicious downloads. 

Another scenario involves items in the Windows folder itself, where sometimes an update might get blocked, requiring us to verify its legitimacy. 

Occasionally, we receive help from Cyber Heroes as well. Those are the three use cases I can think of.

It helps keep track of shadow IT activities. We have more compliance because we know who is doing what. Previously, we did not know who was doing what, especially at the application control level. Some people had some administrative rights that we did not know about. We now have got more into compliance. We have everything in a single pane of glass. Everything has to be approved before it can be run. It helps our company become more secure and more compliant.

We have more consolidated security. We are three to four times more secure than before using the solution. It helps us be more compliant with what we do on a daily basis, even though sometimes it can be confusing, such as a whitelisted app getting blocked. That is probably because of fine-tuning. We will have to fine-tune that policy to make it run more smoothly.

It helped us consolidate security tools. We are now focused on this rather than looking into other tools we had in the past. We just go to ThreatLocker, look at the path, look at the hash, and see whether it is vetted. If yes, we just allow it. We had ManageEngine Application Control, and we thought we did not need that anymore. It was like an add-on. We had Endpoint Central. On top of that, we had Application Control and other things. Now, with ThreatLocker, we do not need them anymore.

I am not the finance person, but I believe it has helped our organization save on operational costs because we got this product with other security products from our managed service provider. They gave us a good rate when we combined multiple solutions together. We purchased Huntress for antivirus and other security tools from them.

I would rate it highly in its ability to block access to unauthorized applications. It works and does its job. It does what it is supposed to do, especially if you train it well. If we fine-tune the policies, it works the best. Some of the policies might be confusing, but it works well.

I am not sure if it has helped reduce help desk tickets. We still get help desk tickets here and there. We are a small company. We do not have a whole lot of applications running in our environment. In a large organization with thousands of employees, it might reduce helpdesk tickets.

We can now shift the gear and focus on other things, such as server logs or security logs, more firewall rules, etc. It saves us at least three hours every day. 

The most valuable feature is its learning capability. Not every application it learns is allowed to run, so my involvement is necessary. Those based on path and certification are particularly important. When an application is on a specific path in our network and has a valid certificate or hash, it assures me that the application is safe to run and offers comfort that it is probably 100% okay to proceed. It locks a threat.

This is my first Zero Trust conference, and so far, it has been good. The only thing I have noticed is that sometimes they encounter technical issues. For example, in one of the demo labs, the laptop trying to connect to the projector was not working, which affected the demonstration of the victim versus attacker laptop scenarios. It would be helpful to fix these issues. 

Additionally, when people come to the hacking lab, presenters should ensure their fonts are larger. With 500 to 600 people in the room, it is difficult to see everything clearly, especially when there are only two projectors. Improving the sound quality and similar aspects would be beneficial.

It has been over three years now since we have been using it. We got it through our MSP. They have given us access as admins, though not with full control, to allow the whitelisting of some applications and paths if needed.

It is pretty stable. It is doing its job well. The algorithms and coding, developed by smart individuals, ensure the app performs its tasks effectively.

It is quite scalable. From what I understand and have learned, we can manage as many environments as we want. It remains scalable and manageable from one portal.

Customer service is pretty good. I would rate it highly. Their response is almost instantaneous when issues arise. I just communicate my concern, and within minutes, I get a response. 

Positive

We previously used ManageEngine Application Control, but we eliminated it. It was doing a similar thing, but it was a little bit different.

By switching, we were getting a better discount, and the consultants or the advisor also said that this solution is better based on the previous experience with the solution. 

We have a cloud version when it comes to the portal. The agents are installed on every machine and server. For the most part, we use the Azure cloud. We also have AWS. 

The initial setup was pretty easy since we received assistance from a third party. Everything is deployed via GPO, so once a computer joins, it installs by itself. However, we have limited access to the portal as of now, and I hope this will change.

From a technical perspective, it does its job by saving our team time and reducing confusion. It saves effort working on people who engage in shadow IT by preventing unauthorized applications from running on their computers. The installation of the ThreatLocker agent has ceased such activities. With only three IT personnel, it has proved efficient, assisting us in managing and streamlining our workload.

I do not know about the licensing and price as it comes bundled from our MSP. However, it seems fairly reasonable for us, which is why we chose it.

We did not evaluate other solutions.

It is not easy to use. I am still learning. I highly recommend finishing the Cyber Hero course to understand the solution, the way it works, and the secret behind each tool. This course is available in ThreatLocker University. It has a lot of modules that you can go through. Once you can master those, you will have a good idea of what is going on. After that, it is easy to implement.

I would rate it a nine out of ten. At the Zero Trust conference, eliminating some technical difficulties in future iterations could raise this to ten. Overall, everything is excellent, and everything is well-prepared, from the laptops provided to the overall setup. These minor issues could happen anywhere, not just here. If resolved, it would be a perfect ten. It is not a huge issue.

In addition to protecting my own equipment and my own reputation, I use ThreatLocker Zero Trust Endpoint Protection Platform with clients. I have some clients that have really high-risk client data that they store on their machines. One client is a fractional data analysis company that does data analytics for probably 15 or 20 different companies, so they have a lot of sensitive data on their machines, and they want that well protected. They do not want their machines to ever be compromised. I am also using ThreatLocker Zero Trust Endpoint Protection Platform in conjunction with another group where we are developing and deploying our own VDI product, so it is protecting the VDI product as well.

The most valuable feature of ThreatLocker Zero Trust Endpoint Protection Platform is application control, and network control because network control is a key component to how we are protecting the environment in the VDI space. We have one layer of protection at the gateway level, but I prefer a belt and suspenders approach. If your belt fails, the suspenders hold your pants up. I rely on network control even more than the primary control, partially because somebody else is doing the primary control, and I do not trust them. However, I trust what ThreatLocker Zero Trust Endpoint Protection Platform can give me at the network control level.

By using ThreatLocker Zero Trust Endpoint Protection Platform, my company might be able to eliminate or consolidate some security tools or solutions. After hearing the latest announcement, I think I could be eliminating some tools and solutions. There are two SaaS platforms that I use to support the Microsoft 365 environment that are probably gone, as well as the gateway solution to the VDI platform. The capabilities from the new feature probably just obsoleted that platform.

ThreatLocker Zero Trust Endpoint Protection Platform can be improved by what was just announced. That means giving me the ability to essentially implement my own Zero Trust network environment, much like going to someone like Zscaler, but without the hassle of Zscaler. I love the simplicity of the implementation approach that was outlined and the concept of how it works.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for seven months.

Regarding its scalability and reliability, I have never had an issue with performance. ThreatLocker Zero Trust Endpoint Protection Platform did have a brief outage once, but from the standpoint of accessibility and performance, I have never had any issues, and their architecture seems to cover that well.

I assess the customer service and technical support as outstanding.

Positive

My experience with the pricing, setup cost, and licensing is remarkable. I have no complaints about that; it is very much appropriate, and the pay-as-you-go model that I am operating under as a reseller works well for my size of business.

In terms of the Allowlisting feature, I am fairly new to this and have just gone through certifications. My impression of the Allowlisting feature in managing which software, scripts, and libraries run is that I use it extensively, and it is really impressive because it has the flexibility I need. There is a developer that works with the client that I mentioned that has the high-risk data, and it has been a little challenging, but he and I have been able to work together to develop a strategy where he can deploy the Python scripts that he needs to in a relatively safe fashion without disrupting his work too much. It has the control I need for most people in their organization; I think I have only done three different approvals in the last four months except for this developer. We have developed a framework where I am not disrupting his life either because he is a high-value employee for this company, and I need to protect the data while letting him do the work he needs to do, so it gives me the flexibility to accomplish that.

I have used the Ringfencing feature. Assessing the impact of the Ringfencing feature on controlling the behavior of approved applications, the fact that I can restrict someone from using Dropbox, for instance, and prevent them from accessing other data related to OneDrive on a machine is actually substantial. I can do a good job of preventing data exfiltration from machines with that and some storage control features, among other things.

I use the Network Control feature. The Network Control feature impacts my ability to manage network traffic across my endpoints and servers by enabling fine-grain control, particularly with the VDI solution I mentioned. It gives me the ability to control where RDP sessions can originate; I only want to receive them through a gateway called Kasm. It also allows me to establish who can have direct connections to it in a support role. Previously, I had limited choices for how admins could connect to the Kasm service, and I did not like the options available for multi-factor authentication on there, but now I can use Network Control with ThreatLocker Zero Trust Endpoint Protection Platform on the Linux server to enable only machines with ThreatLocker Zero Trust Endpoint Protection Platform installed to connect to it.

I have not used the Elevation feature yet. I have used the Storage Control feature. My thoughts on the Storage Control feature in enforcing policy-driven access over various storage devices are that while I am not deeply mature with using it, the instances in which I have used it, I love the concepts, and I came out of an environment where my last job was data security manager for a large enterprise. I wish I had had it there.

I have used the DAC dashboard. Identifying which security and configuration settings need attention is straightforward. That is because ThreatLocker Zero Trust Endpoint Protection Platform not only gives you the controls that you do not have configured properly but also the solution on how to fix it.

I would rate ThreatLocker Zero Trust Endpoint Protection Platform as a 10, and companies that are considering it need to stop considering and just implement it.

I deploy it on every endpoint that I can, primarily focusing on application control, ring-fencing, and elevation control.

The ring-fencing and elevation control are the most valuable features for my use cases. The benefits, specifically regarding elevation control, allow me to enable an end user to complete tasks independently. They can install the software by requesting access, saving time and empowering them while maintaining necessary controls.

It's very easy to use, implement, and deploy. The caveat is that you do need to dedicate resources and effort that are focused on the product, and you need to truly understand it. You can't just deploy it and forget about it. 

The tickets that we get are more actionable. When ThreatLocker blocks something or when there is an elevation request, we can do more with the request. We are more actionable. The requests come with more data and information about what's going on so that we can react. If it's a proactive request like installing software, we can provide access to the person without having to manually do it ourselves.

ThreatLocker helps with cost saving. It's not an operational cost. It saves on reactive and recovery costs by preventing it in the first place.

ThreatLocker Zero Trust Endpoint Protection Platform has helped us protect our environments and have more meaningful requests for access as well as meaningful logging for response.

I don't see ThreatLocker as a time-saving platform. The caveat is specifically with things like control. It allows us to save time on the elevation controls allows or helps us to save time when it comes to monitoring and getting on a user's computer and watching them install something or going through the steps with them when they are capable on their own. We can empower them to have that access as needed in a controlled way. That saves our time by giving them the access rather than having to go do the action for them.

For the space that it's in, it's already there. I don't know of another product that compares to its level. Even recently, with the addition of the detect module is a very nice add-on to the packet we already have. We have all that auditing, logging, and visibility for which we don't need to go to an endpoint. 

Adding more direct integrations with cloud platforms and services would greatly improve it. When managing file control or storage control, having the capability to manage more granular access within platforms such as SharePoint or OneDrive would be beneficial. Controlling the cloud environment, not just endpoints, is crucial.

I have been using it for about two months. Previously, in a different company, I used it for one or two years.

I have not encountered any issues with the stability of the platform. I have not experienced any failure, degraded service, or functionality. It has been very stable, reliable, and accessible.

Scalability is challenging, not due to the platform. Scaling ThreatLocker Zero Trust Endpoint Protection Platform usage requires dedicated resources for maintenance. Improper management can complicate scalability, though the platform retains its functionality and performance. It is well-structured to handle scaling.

The support and service from the team for ThreatLocker Zero Trust Endpoint Protection Platform are excellent. Their cyber hero team is very responsive and knowledgeable, and all the engineers and team members I worked with have been great.

Neutral

I did not use other solutions for application and network control. I have used other solutions for tasks like firewall management, policy management, and maybe even data loss prevention. ThreatLocker Zero Trust Endpoint Protection Platform fills those gaps. I moved control of those functions to this platform.

Deploying the ThreatLocker Zero Trust Endpoint Protection Platform offers several methods to deploy the software. It is well integrated, with excellent instructions for specific use cases, and the guidelines and guides are very clear.

I haven’t, thankfully, encountered a situation where significant cost or response was prevented, and hopefully never will. I know what it does for my endpoints daily. Honestly, the return on investment is the peace of mind that it provides.

Pricing, setup costs, and licensing have been pretty accessible and manageable. It was not too expensive to get started, especially at a small scale for a smaller MSP. It is very accessible, easy to enter into, and scalable. As the product scales out, my ROI can also increase. ThreatLocker teams have worked with me to make it fit.

I didn’t switch to ThreatLocker Zero Trust Endpoint Protection Platform for this specific function. However, for functions I adopted from it, outside of application whitelisting, I evaluated it against other products and chose to use ThreatLocker Zero Trust Endpoint Protection Platform for those purposes.

My tasks and job function within the company focus on cybersecurity, managed IT services, and overall platform support for customers. The ThreatLocker Zero Trust Endpoint Protection Platform has helped me control client environments and prevent unauthorized applications and access. It does not cut costs but saves on reactive and recovery costs by preventing issues initially. It has not reduced help desk tickets significantly, but it has helped protect environments and foster more meaningful requests for access and comprehensive logging for response. Elevation control allows me to save time by granting users controlled access as needed. The overall product rating is ten out of ten.

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are Application Whitelisting, Elevation Control, and Storage Control.

The features of ThreatLocker Zero Trust Endpoint Protection Platform that I find most valuable are the application control and Elevation Control.

My impression of the solution's allow-listing feature in terms of managing which software, scripts, and libraries run on my devices is positive. We can implement it at a global level or a user device level, and it is straightforward to execute. By placing it in learning mode, the system does most of the work automatically, and we only need to address occasional edge cases as they arise.

The role of Elevation in facilitating just-in-time administrative access for approved applications is critical for us. Our industry software is twenty years old, and everything needs to run as local admin. We obviously cannot do that from a security perspective, so having only this application run as admin is essential for us to keep the devices secure.

By using ThreatLocker Zero Trust Endpoint Protection Platform, my company has been able to eliminate or consolidate three solutions: BeyondTrust, USB Lock, and Active Directory Software Restriction Policy for Application Whitelisting.

The benefits of using ThreatLocker Zero Trust Endpoint Protection Platform for my company include removing previous tools that we did not prefer, replacing them with this solution, and enjoying a significantly better user experience. It should reduce some overhead and save time in processes that are now faster.

To improve ThreatLocker Zero Trust Endpoint Protection Platform, I would prefer grouping done in the console rather than in how you deploy the software, so that we can automate that more effectively. Additionally, more integrations with our specific tools, such as Arctic Wolf, which is our SOC, would be beneficial so that it can feed security logs out of ThreatLocker into that system.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for nine months.

Regarding the stability and reliability of the platform, I have experienced no downtime, crashes, or performance issues. It works reliably and performs as quickly as expected.

ThreatLocker Zero Trust Endpoint Protection Platform scales effectively with the growing needs of my company, with expanded usage being primarily about the learning mode, which makes it straightforward to roll out.

I have not yet engaged with customer service or technical support. We are currently working with our Solutions Engineer, who is available when we need assistance.

Negative

The factors that led me to consider a change when switching from three different tools to ThreatLocker Zero Trust Endpoint Protection Platform included usability more than anything else. The previous tools were all very manual and intensive, representing basically a full-time job for one person. Now that everything is in ThreatLocker Zero Trust Endpoint Protection Platform, we have that single pane of glass again where we can do all things in the same console, much more granularly, allowing us to apply controls to just specific devices or whitelist Office for the whole business, which is something we had struggled with.

I eliminated those tools because we wanted that single pane of glass, so everything was done in one console with full visibility. We now have an audit in the unified audit that shows what is happening, which we have never previously had.

I would say ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or tasks because long-term it will provide savings once we are fully up and running. It should help reduce our team's overhead of approving applications, allowing us to delegate it to other departments or automate the process.

My experience with the pricing, setup cost, and licensing is that it is expensive, but it is what you would expect because it is a comprehensive platform. Obviously, there is some savings there, but overall, the cost has increased, although there are some optimization savings that the business will probably realize long-term that will help offset the investment.

I did not consider any other tools or solutions before choosing ThreatLocker Zero Trust Endpoint Protection Platform. The previous tools we used were ones we switched to initially and then decided we did not prefer, so we were switching again. ThreatLocker Zero Trust Endpoint Protection Platform does everything we need it to do, making it an easy choice.

I believe the long-term impact that Ringfencing has on controlling the behavior of approved applications will be beneficial for us because currently, everything is very open. We can start limiting applications so that they can only communicate with the services they need to access, rather than having the ability to reach everywhere and do whatever it wants. Currently, this represents a significant attack surface for us.

I have not used the Storage Control feature much. I have not used the Ringfencing feature of ThreatLocker Zero Trust Endpoint Protection Platform, but we have seen it somewhat. I have not really engaged with the Network Control feature yet, but it is more of a phase two for us, focusing on Application, Elevation, and the other features as a first step.

I would rate ThreatLocker Zero Trust Endpoint Protection Platform overall as a nine out of ten because I do not give anything a perfect ten, which effectively means it is a ten. My advice to other companies considering it is to proceed with a proof of concept. The POC took less than an hour to complete, we had it running at the site, and the site did not even notice the implementation. It is not difficult to enable, and I recommend seeing what happens and discovering what it can do for your organization. I would rate this solution nine out of ten overall.

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are to prevent applications from running that we do not want to run and to keep our endpoints safe and secure. We have had a breach in the past and so we are really focused on security now. Luckily, that happened before I started. The primary goal is to prevent applications that are not meant to run.

Examples of how those features benefit my company include that we are a small manufacturing company and our engineers have a tendency to think they should have admin rights and be able to download anything they want. Being able to protect the company from this mindset is handy. Being able to prevent them from installing whatever they think they want is beneficial.

The features of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most include being able to get alerts from end users when they want to install something. When they are trying to install something and it gets denied, they can click the request this application button. Then we get alerts and we can review it. The sandbox testing is also really nice.

My impression of the solution's allow listing feature in terms of managing which software, scripts, and libraries run on my devices is that I really like it because you can set those programs and libraries to an elevated mode. When an end user needs to install the software, IT does not have to get involved. It has already been approved and elevated, so they do not need to call us for administrative credentials to install it.

I do not think I would add or change anything at this time. The only thing that comes to mind would be when I am working on an endpoint trying to install software and I need to move it to application learning mode or maintenance mode. I have to go back to my desktop to do that. It would be nice if I could right-click from the system tray and enter my credentials to enter into application learning mode directly there.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about eight months.

My assessment of the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform is that it has been up 100% of the time and running well.

I would evaluate the customer service and technical support as excellent because I have not had to use them.

Positive

Before adopting ThreatLocker Zero Trust Endpoint Protection Platform, I was not using anything for application control. I have never seen anything similar to ThreatLocker Zero Trust Endpoint Protection Platform in the past.

From one to ten, I would rate the solution overall as a nine out of ten just because the initial setup was a little confusing. Even though we had an MSP do it for us, we were following along, and it was a little confusing.

ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs and expenses. As I mentioned earlier, the elevated prompt and the allow listing mean we do not have to go around to each user to enter credentials to install software. We just tell them where the software package is and they can install it themselves.

My experience with the pricing, the setup cost, and the licensing of ThreatLocker Zero Trust Endpoint Protection Platform has been fantastic.

My company has not been able to eliminate or consolidate any security tools or solutions. ThreatLocker Zero Trust Endpoint Protection Platform is actually a result of that process. When we moved to an MSP, they consolidated a bunch of our software and tools, and ThreatLocker Zero Trust Endpoint Protection Platform was one of the add-ons, which was nice.

I do not use the Network Control feature, to my knowledge. I do use the Elevation Control feature. My assessment of its role in facilitating just-in-time administrative access for approved applications is that I think it is great. As I said earlier, you do not have to be bothered by the end user to come install a program that is on the allow list. It is elevated, so it allows the end user to install it without IT getting involved, and that saves us time, which is valuable. I do not think we use the Storage Control feature. I do not remember the setup process for that. I think we do use the DAC dashboard, and I think that would be part of the pending approvals section in that dashboard where users ask for approval for software, and we have to go and approve it, use the sandbox and all of that, and either approve or deny it. The ease of identifying which security and configurations settings need fixing using the DAC dashboard is something we have not gotten into because our MSP set it all up and handled all of that for us, which was nice. I have not used the Web Control feature.

We do use the Ring Fencing feature with ThreatLocker Zero Trust Endpoint Protection Platform, but I am not 100% certain on how we do it or how we use it because I know the MSP helped us set that up, but I know we do use it.

I would rate this review a nine out of ten overall.

Our main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are for all of our MSP clients; we use the total package. Every one of our clients gets ThreatLocker Zero Trust Endpoint Protection Platform. We do not have any opt-out or anything of that nature.

I would say I value Application Control the most about ThreatLocker Zero Trust Endpoint Protection Platform.

We operate from a default deny on our firewalls, so why wouldn't we do the same thing within our actual applications? Plus we have Shadow IT we have to worry about and of course, threat actors.

It benefits us by allowing me to sleep at night and having a true inventory of the applications that are in place. I think a lot of other security products overlook that inventory of applications to find out what is actually running in an environment and then being able to control who runs those applications.

By using ThreatLocker Zero Trust Endpoint Protection Platform, we have been able to eliminate some security tools; we did have SentinelOne, and while it is a good product, it was not doing anything because ThreatLocker Zero Trust Endpoint Protection Platform was preemptively taking action.

ThreatLocker Zero Trust Endpoint Protection Platform could be improved by addressing the human identity piece, whether through ThreatLocker Zero Trust Endpoint Protection Platform or another tool. Currently, ThreatLocker Zero Trust Endpoint Protection Platform does not have the human identity, and I would love to see them release something similar to that. Think MGM; everybody knows that a call center password reset was social engineered. A simple end-user verification would have stopped that whole attack, and I would like to see ThreatLocker Zero Trust Endpoint Protection Platform develop something of that nature.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform since 2021, which is five years.

I would assess the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform as being on par or exceeding most uptime; we have not experienced any downtime, crashes, or performance issues.

ThreatLocker Zero Trust Endpoint Protection Platform scales well with the growing needs of my company; I would say we have had 300% growth since the implementation of ThreatLocker Zero Trust Endpoint Protection Platform, and it scaled with no problem. It has actually gotten easier because we are becoming more proficient in the tool.

I evaluate the customer service and technical support as being second to none.

Positive

We were using SentinelOne.

The factors that led me to consider a change from SentinelOne included the performance; SentinelOne was a good tool, but we just did not see it performing any duties because ThreatLocker Zero Trust Endpoint Protection Platform was on the proactive side, and SentinelOne was not taking any actions.

ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs by allowing us to remove some tools that had overlaps, which obviously leads to overall savings; I cannot tell you the exact amount though.

My experience with the pricing, the setup cost, and the licensing of ThreatLocker Zero Trust Endpoint Protection Platform is that we have very good pricing. I think if you take the sum of the tools, they are very competitive, if not more affordable than most solutions out there.

Before choosing ThreatLocker Zero Trust Endpoint Protection Platform, we actually shopped around; there was no other solution out there that did what ThreatLocker Zero Trust Endpoint Protection Platform did. It was an obvious choice. We did pair that with SentinelOne initially, but then when ThreatLocker Zero Trust Endpoint Protection Platform became a full EDR/MDR solution, which honestly was performing those functions before they even branded it that way, we were able to let go of SentinelOne.

The impact of the Ringfencing feature on controlling the behavior of approved applications is significant. You can take something that is not malicious, such as 7-Zip, which is used by a lot of users, but because it is maintained by Russia, you would not want to allow that call-out over the internet calling back home; you can Ringfence that internet connection entirely. Other tools of that nature can be used for encryption, and we do not want a non-malicious tool used for malicious purposes. Another good example is PowerShell; since PowerShell is built into every Windows computer, you have to let PowerShell do its job but nothing else.

The Network Control feature makes it much easier to manage network traffic across endpoints and servers because you do it without running VLANs and in some cases, rewiring a building. You can actually segment that network based on use need and the risk of that particular vertical.

My assessment of the Elevation Control feature in ThreatLocker Zero Trust Endpoint Protection Platform is that just-in-time elevation allows us to give the applications or the user that limited administrative privilege without posing a long-term threat.

My thoughts on the Storage Control feature when enforcing policy-driven access over various storage devices are that we can actually enforce control that HIPAA mandates with basically two policies. A lot of the HIPAA environments we walk into say they are doing it, but they are not. We can set that with two policies within Storage Control. We can also use Storage Control to do some data loss prevention, mandate encryption on removable storage, and we can even get a little bit more granular and alert based on activity around the particular storage area.

Identifying which security and configuration settings need fixing using the DAC dashboard is made much easier because we can go at the client's board level and see if there are any improper configurations or adjustments that could make a broader control overall.

The efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites can be very valuable, especially in a newly registered domain. A lot of phishing emails are linked to newly registered domains, so that is going to flag and block that potential phishing attempt or social engineering that leads inevitably to credential harvesting.

I would rate ThreatLocker Zero Trust Endpoint Protection Platform a 10 out of 10. Overall, I rate ThreatLocker Zero Trust Endpoint Protection Platform a 10, and I would advise other companies considering the solution that they should have done it yesterday. Most of my time here is talking to other MSPs about why they are not doing this yet, but it is a phenomenal solution. On the recovery side, we work active recoveries for people that are not our clients, and we have yet to see ThreatLocker Zero Trust Endpoint Protection Platform in place in any of those environments. I think that attests to how strong the solution is.

I would say the leadership at ThreatLocker Zero Trust Endpoint Protection Platform, from the C-suite all the way down to the Tier 1 cyber hero, is remarkable; they create a sense of family and partnership that really resonates with using ThreatLocker Zero Trust Endpoint Protection Platform.

I use ThreatLocker Zero Trust Endpoint Protection Platform for application control, network control, storage, ringfencing, policy, deployments, and cloud security.

The features of ThreatLocker Zero Trust Endpoint Protection Platform that I appreciate the most are Application Control and ThreatLocker Detect. Application Control locks things down and isolates the machines very well. For ThreatLocker Detect, if a user gets compromised and their email is exposed through a login from overseas in Europe, that would have gotten blocked by default, and then we would be alerted. That is why I value that feature significantly.

These features benefit our company primarily because of our scale. We do not have as many technicians under an MSP compared to how many clients we have. We handle well over 1,500 users at any given time.

ThreatLocker Zero Trust Endpoint Protection Platform can be improved by exploring ways of ensuring it is deployed deeper in the device rather than through an extension on the browser and finding ways to integrate all browsers.

My company has been using ThreatLocker Zero Trust Endpoint Protection Platform for quite a long time, since ThreatLocker was just in application mode. I have been using it since working at our company.

I assess the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform as very good. With the agents, there have been a couple of versions that have had some minor issues with blue screens that have been fixed. Every so often, the portal might go down, but it is down for a very small amount of time. Otherwise, it has been a very smooth and seamless experience with probably 99.5% uptime.

ThreatLocker Zero Trust Endpoint Protection Platform scales well with the growing needs of our company. Last year, from 24 to 25, we scaled over 1,000 endpoints through a ramp process, and the process was smooth. We were able to audit devices, ensure devices were not being billed that were inactive, and identify new devices that we were missing. It was very seamless and on ThreatLocker's side, the billing, accountability, and device tracking was easy to do.

Regarding customer service and technical support, I would evaluate ThreatLocker's side as very efficient and fast. They are able to get an answer through their ticketing system, their call center, or their help desk. I would say they are efficient and they know how to resolve problems usually.

Positive

Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, we used Sophos as an antivirus and we used Huntress as the EDR solution. ThreatLocker replaced both of those items.

We replaced Huntress because it does endpoint detection and will identify if there is any ransomware or risk on a device. ThreatLocker does the exact same thing with ThreatLocker Detect. We found that we did not need to pay for two of the same products when we could have an all-in-one solution using ThreatLocker.

We replaced Sophos because it is just an antivirus, similar to Windows Defender, McAfee, and other applications. We noticed that because ThreatLocker integrates with Windows Defender or Windows Security, Sophos was too high of a cost for us, whereas ThreatLocker offered some of what Sophos does offer at a much more affordable option.

I would say ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or expenses. I am more on the technical side of things, so I cannot really speak to operational costs, but with the MDR team at ThreatLocker, it does help us prevent having to have a 24/7 technician because the MDR team handles that for us.

My experience with the pricing, setup costs, and licensing of ThreatLocker Zero Trust Endpoint Protection Platform is that we are a very legacy customer, so pricing is extremely cheap and affordable. Setup has been very seamless. We can make an organization instantly and set up as many devices as we need. It has very easy scalability.

I have used the Ringfencing feature with ThreatLocker, and I would say the behavior it can control is very broad and restrictive because it blocks internet access and can block PowerShell and command prompts. It does a very good job if you want to isolate a program from accessing anything else. It is helpful.

The Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform impacts my ability to manage network traffic across my endpoints and servers in a way that is not frequently utilized because we use isolated networks and firewalls already. We have not had the need to use Network Control apart from disabling the ability for RDP.

I use the Elevation Control feature in ThreatLocker with specific privileges. Elevation Control is very good when it comes to letting a standard user launch something as an admin for a temporary period of time, provided we allow it. My assessment of the Elevation Control feature's role in facilitating just-in-time administrative access for approved applications is that it works well provided we have the staff available to take that request. Because it does restrict users from being able to access their work if they need to launch something with administrative privileges, it could use some more automation.

My thoughts on the Storage Control feature when it comes to enforcing policy-driven access over various storage devices are definitely excellent with restricting USB access or remote hard drive access. Being able to monitor and ensure with Storage Control that data exfiltration is prevented has been a very useful feature.

The DAC dashboard is something that seems still relatively new and not too purposeful for what we currently do as an MSP in terms of identifying which security and configuration settings need fixing.

I assess the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites as very effective. Those work very well. However, it does not work in Firefox. It only works in Chrome and Edge. It also needs to be able to throw an extension onto a browser, so it is not a surefire way of blocking websites.

My impression of ThreatLocker Zero Trust Endpoint Protection Platform's Allowlisting feature in terms of managing which software, scripts, and libraries run on our devices is very good. ThreatLocker has many built-in policies or default denies that help us with scalability for devices, and being able to isolate them per device and per organization is very helpful simply because we work with many different clientele in accounting, medical, construction, and other industries. It is very helpful when it comes to isolating and grouping organizations with application control.

My advice for other companies that are considering ThreatLocker Zero Trust Endpoint Protection Platform is to try it out and demo it. It is really easy to install and very difficult to remove, so you should make sure you know how to remove it before demoing the product. I would rate ThreatLocker Zero Trust Endpoint Protection Platform a nine on a scale of one to ten.