Josh Peabody - PeerSpot reviewer
IT Operations Manager at a construction company with 201-500 employees
Real User
Top 20
Mar 4, 2026
Zero trust controls have reduced local admin access and are streamlining just-in-time elevation
Pros and Cons
  • "My impression of the allowlisting feature in ThreatLocker Zero Trust Endpoint Protection Platform for managing which software, scripts, and libraries run on my devices is that it is awesome."
  • "ThreatLocker Zero Trust Endpoint Protection Platform has reduced some of the operational costs in my company in terms of time spent on tickets, but nothing major."

What is our primary use case?

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform include application elevation. We started using the web portion where you can control ports and filtering. Elevation and application elevation for local administration rights are primarily what we focus on, taking away local admin access.

What is most valuable?

The features of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most include the elevation, which has been huge. We just got the web portal, so I'm starting to like that a lot and I plan to explore it more.

The application elevation feature of ThreatLocker Zero Trust Endpoint Protection Platform benefits my company by reducing help desk tickets and users needing to install software when we can mass enable an installation or mass approve an EXE. I can publish applications and then people can self-install them if they've been added to our repository.

What needs improvement?

To improve ThreatLocker Zero Trust Endpoint Protection Platform, I think the team is already working on it. One of the things was the ease of application allowlisting. They actually covered this on day one with the approval process, but you get multiple approvals. I think it would be better to have clearer descriptions of what each of the installation modes is.

For how long have I used the solution?

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for two years.

Buyer's Guide
ThreatLocker Zero Trust Platform
February 2026
Learn what your peers think about ThreatLocker Zero Trust Platform. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
884,266 professionals have used our research since 2012.

What do I think about the stability of the solution?

I assess the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform as excellent since I have had no issues at all. It has been very reliable.

What do I think about the scalability of the solution?

ThreatLocker Zero Trust Endpoint Protection Platform scales well to the growing needs of my company as we have expanded a couple of modules. We just added a new one and it was very easy to turn up. We still have some backend development and setting adjustments, but it has been very easy to scale, add and reduce computers.

How are customer service and support?

The customer service and technical support of ThreatLocker Zero Trust Endpoint Protection Platform have been excellent. The Cyber Heroes are phenomenal and are right there with you. They get involved and help you. It has been really easy to access support and they are great people.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, we were not using another solution to address similar needs.

What was our ROI?

ThreatLocker Zero Trust Endpoint Protection Platform has reduced some of the operational costs in my company in terms of time spent on tickets, but nothing major.

What's my experience with pricing, setup cost, and licensing?

My experience with the pricing, setup costs, and licensing of ThreatLocker Zero Trust Endpoint Protection Platform is that it has been very reasonable and very easy to set up. Licensing is through our MSP, so it is not something I deal with directly, but it was very easy to acquire and implement into our industry.

Which other solutions did I evaluate?

Before choosing ThreatLocker Zero Trust Endpoint Protection Platform, I did consider CyberQP.

In the evaluation process, both positive and negative aspects stood out to me when comparing ThreatLocker Zero Trust Endpoint Protection Platform and CyberQP. Both are excellent programs. CyberQP is a little easier for the elevation piece, but there are far fewer controls and it has a much smaller platform footprint in terms of the security side. Each has their own niche and then they have a little overlap. I was more focused on the elevation portion as our primary problem.

What other advice do I have?

My impression of the allowlisting feature in ThreatLocker Zero Trust Endpoint Protection Platform for managing which software, scripts, and libraries run on my devices is that it is awesome. I think the allowlisting feature in ThreatLocker Zero Trust Endpoint Protection Platform is very intuitive and extremely well done. It is easy to allow and deny certain things and it is a great tool.

I have used the Ringfencing feature in ThreatLocker Zero Trust Endpoint Protection Platform. Ringfencing has opened our eyes to many things and how when you elevate something, it also gets extra access. It has helped us focus and keep things in the wheelhouse that they are supposed to be and helped us eliminate a threat vector that we did not know about or that we knew about but could not control.

I have not used the network control feature in ThreatLocker Zero Trust Endpoint Protection Platform yet. I am not using the storage control feature in ThreatLocker Zero Trust Endpoint Protection Platform. I have not used the DAC Dashboard in ThreatLocker Zero Trust Endpoint Protection Platform.

I do not have extensive insight on the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites because it is very new to us. I had just demoed it before attending this event and started playing with it here, so I do not have a huge insight into that yet.

My assessment of ThreatLocker Zero Trust Endpoint Protection Platform's role in facilitating Just-In-Time administrative access for approved applications is that it has made life very easy for Just-In-Time accounts and Just-In-Time elevations. It has reduced our local admin footprint and the entry of credentials on end user machines. It has increased our overall security stature and reduced our footprint.

On a scale of one to ten, I would rate ThreatLocker Zero Trust Endpoint Protection Platform an eight or nine. It would be an easy ten, but you really need to have people who know how to use the application. My advice is to really take the time and learn it. It is really easy to put on, really easy to deploy, and really easy to deploy wrong. If you take the time and do it correctly, it is a phenomenal product.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 4, 2026
PeerSpot user
Cybersecurity at a construction company with 51-200 employees
Real User
Top 20
Mar 4, 2026
Zero trust controls have streamlined just-in-time access and strengthened endpoint protection
Pros and Cons
  • "Our assessment of Elevation Control's role in facilitating Just-In-Time administrative access for approved applications is that we are loving it so far."
  • "ThreatLocker Zero Trust Endpoint Protection Platform could be improved by being able to consolidate even more with an EDR for deeper scanning as needed."

What is our primary use case?

The main use cases for ThreatLocker Zero Trust Endpoint Protection Platform at my company are the Auto-Elevate platform and Application Control. Those were two big priorities for us. We needed something to replace our Just-In-Time admin access. We wanted to find something smoother than having to accept every time someone needed to elevate.

How has it helped my organization?

By using ThreatLocker Zero Trust Endpoint Protection Platform, we are considering whether we can eliminate or consolidate any security tools or solutions. We are still wanting to explore everything it can do versus something like a good EDR platform, but we are very interested in what we have seen from ThreatLocker's endpoint protection as well as their Cyber Hero and MDR platform.

ThreatLocker Zero Trust Endpoint Protection Platform has helped our company save on operational costs and expenses. So far, we are still fairly early into using it, but we can already tell from the time that we are starting to save that we are going to get a lot back out of it.

What is most valuable?

I am a big fan of the Application Control and Ringfencing features of ThreatLocker Zero Trust Endpoint Protection Platform, as well as the elevation capabilities and how fairly easy it is to make a policy based on those elevation requests and all of the built-in protections that they have.

A lot of the value comes from time and speed. Once you make the policy, you are set. You do not have to keep going back to it over and over again. We can definitely see a breakpoint where once we have these policies in place, we will not need to keep going into ThreatLocker Zero Trust Endpoint Protection Platform on a day-to-day basis and monitoring these elements. Once we have all of that in place, it is going to be a huge time-saver for us.

The allow-listing feature of ThreatLocker Zero Trust Endpoint Protection Platform has a steep learning curve at first, but once you understand it, it is very smooth. We are looking forward to reaching that break-even point. It does seem that it is going to be very low hassle and low time management once we have all of those application controls in place.

The Ringfencing feature makes it much more secure. I would assess its impact on controlling the behavior of approved applications very positively. It will help us with things such as auditing down the line, being able to know what PowerShell is actually interacting with and who can and cannot run applications such as PowerShell. We can tell from everything we have seen that it does a great job at ring-fencing everything.

The network control feature impacts my ability to manage network traffic across my endpoints and servers very positively. So far, we have not implemented too much on the network control side, but it is nice having those audit logs and being able to see where people are making those connections. Once we are ready to really go full-in on the network control, we will have a good amount of information and signals in front of us to be able to make those decisions so we can lock that down just as much as the application controls.

The Elevation Control feature is what made us look at ThreatLocker Zero Trust Endpoint Protection Platform to begin with. Our assessment of Elevation Control's role in facilitating Just-In-Time administrative access for approved applications is that we are loving it so far. Our users are loving it. They appreciate the fact that they do not have to continuously ask for elevation on certain programs. Once an elevation is set and once a policy is created for it, they are able to continuously run it as long as we know that it is a good application, which saves us a lot of time and saves them a lot of time too.

I think the storage control feature of ThreatLocker Zero Trust Endpoint Protection Platform is awesome. It is very granular compared to some other solutions that I have seen before. I have used some other vendors in the past for storage control, and a lot of it is just on and off, whereas with ThreatLocker Zero Trust Endpoint Protection Platform, you can build those policies out more comprehensively. It is easier to exclude or allow certain files and programs to run. You can have a specific device be able to talk to a specific host on a specific path, whereas with most others, it seems they can either use a USB or they cannot use a USB. This is great whenever we are dealing with our HR and finance departments that do need to have access to removable storage.

What needs improvement?

ThreatLocker Zero Trust Endpoint Protection Platform could be improved by being able to consolidate even more with an EDR for deeper scanning as needed. The philosophy for ThreatLocker does not quite seem to head in that direction, but it still would be very beneficial. Additionally, deeper browser control would be beneficial to be able to see DLP mismanagement where people are entering information into an AI platform that we do not want them to be able to enter that information into, or at the very least alert us to that type of activity.

For how long have I used the solution?

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for approximately three months.

What do I think about the stability of the solution?

My assessment of the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform is very positive. As long as we have had it, we have not had any complaints regarding performance, and we have not seen any downtime accessing the portal or from endpoints.

What do I think about the scalability of the solution?

ThreatLocker Zero Trust Endpoint Protection Platform scales very smoothly with the growing needs of our company. We have expanded usage, and so far, the process has been very smooth with the Application Control learning modes and the baseline scans. It has made it so we can shorten down those learning times where we are not quite as protected as we would prefer to be. At this point, we are able to roll it out to over 300 endpoints very seamlessly.

How are customer service and support?

I would evaluate the customer service and technical support from ThreatLocker as a ten out of ten. They are very good on both sides of that.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, we were primarily using ScreenConnect's auto-elevate and Just-In-Time access management for similar needs. One factor that led us to consider a change was that the price we were paying them for pretty much just that feature was close to what we ended up paying for ThreatLocker Zero Trust Endpoint Protection Platform entirely. So we got a lot more out of ThreatLocker Zero Trust Endpoint Protection Platform. Additionally, the rules that we could build in those platforms just were not as robust as what we can create in ThreatLocker Zero Trust Endpoint Protection Platform, giving us a much more secure platform.

What's my experience with pricing, setup cost, and licensing?

My experience with the pricing, the setup costs, and the licensing for ThreatLocker Zero Trust Endpoint Protection Platform is that they were very flexible with us. They worked with us to give us a good five-year term, starting off at where we needed to be in order to get ThreatLocker Zero Trust Endpoint Protection Platform. Then we were able to slowly adjust over those five years, so we were getting a very good rate upfront and then a solid rate continuing on from there.

Which other solutions did I evaluate?

We did not shop around too much for other providers before selecting ThreatLocker Zero Trust Endpoint Protection Platform. I was familiar with ThreatLocker from a previous company, so we were very quick to want to join up with ThreatLocker. They were very nice with the pricing and flexible with working with us, so it made the decision straightforward.

What other advice do I have?

It is very easy to identify which security and configuration settings need fixing using the DAC dashboard. It is pretty much one or two clicks. You can see all of the configuration mismanagements that you have, and then it is another one or two clicks to view a solution.

So far, we have not done too much on the real-time threat intelligence and category controls employed by web control in blocking malicious and non-compliant sites, so I cannot speak to that.

I would rate ThreatLocker Zero Trust Endpoint Protection Platform very highly. The biggest advice I would give to other companies considering this solution is to use the ThreatLocker Academy. Make sure you get the university package so you can really learn. There is a lot that you can do with ThreatLocker Zero Trust Endpoint Protection Platform, but there are a lot of misconfigurations you can put in there and accidentally take some people down for a while while you are trying to troubleshoot it. So definitely work with your solutions engineers and read those knowledge base articles. Overall, I would rate this review as a ten out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 4, 2026
PeerSpot user
Cybersecurity Engineer at a wholesaler/distributor with 51-200 employees
Real User
Top 20
Mar 4, 2026
Zero trust controls have blocked shadow IT and now protect users from unsafe apps and USBs
Pros and Cons
  • "From 1 to 10, I would rate ThreatLocker Zero Trust Endpoint Protection Platform as a 10; I've been super happy with it, advising other companies to just do it since it's a simple setup, easy to use, intuitive, and worth the money compared to potential losses."
  • "There are some programs that, when they update, they hit other folders; it would be nice to be able to see where that application is pointing when it wants to update, especially if it's updating in the AppData folder or C:\Windows folder since it might be the same application already whitelisted, but it changes around."

What is our primary use case?

My main use cases for it involve blocking what shouldn't be running or blocking software in our company that's not whitelisted, so people can't use what they want. We also get phishing emails, and people like to click on things and run applications, so ThreatLocker Zero Trust Endpoint Protection Platform has stopped that before in the past as well.

What is most valuable?

The feature of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most is probably the deny access feature. I find the deny access feature easy to use; you can do it with Microsoft, but ThreatLocker Zero Trust Endpoint Protection Platform just makes it easy, allowing me to go right to the application, set it to deny all, and it's done without having to do anything else.

This deny feature benefits my company by stopping the shadow IT aspect of it; we know what's running on the machines, and we don't have people just installing whatever they want to install on their work machine, so we can manage the endpoints better.

By using ThreatLocker Zero Trust Endpoint Protection Platform, we have been able to eliminate or consolidate some security tools or solutions because there was some overlap, and ThreatLocker Zero Trust Endpoint Protection Platform covered it or the other application we used covered it, so we were able to save money.

I assess the impact of ThreatLocker Zero Trust Endpoint Protection Platform on controlling the behavior of legitimate applications as great since we don't have to worry about logging in to help someone update something that needs admin credentials; you can just whitelist it with ThreatLocker Zero Trust Endpoint Protection Platform, and it will do it, except for UPS WorldShip because that's a monster and a terrible application.

I do use the Elevation Control feature. My assessment of its role in facilitating just-in-time administrative access for approved applications is that it does not take our time to do it; it's set, it can go, and we give it to the end user so they can do it. There's no need to remote in and use my credentials; the credentials are used once and they're gone.

My thoughts on the Storage Control feature in enforcing policy-driven access over various storage devices involve blocking people from being able to use USB drives or thumb drives unless they were approved, especially in finance to prevent them from just plugging something in that they found in the parking lot.

My experience with it is that it's super simple to set up; it's all pretty intuitive on how to use it.

It's easy to identify which security and configuration settings need fixing using the DAC dashboard since it shows, and you can look at per machine to see what's been denied in the past, such as three days, five days, and seven days; you can decide if something should or shouldn't be running with just a two-second process to click approve or deny.

What needs improvement?

I don't know how ThreatLocker Zero Trust Endpoint Protection Platform can be improved, and I'm happy with how it is now, so I can't think of anything off the top of my head.

There are some programs that, when they update, they hit other folders; it would be nice to be able to see where that application is pointing when it wants to update, especially if it's updating in the AppData folder or C:\Windows folder since it might be the same application already whitelisted, but it changes around.

For how long have I used the solution?

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about a year and a half.

What do I think about the stability of the solution?

I have experienced none in terms of stability and reliability, with no downtime, crashes, or performance issues.

What do I think about the scalability of the solution?

ThreatLocker Zero Trust Endpoint Protection Platform scales with the growing needs of my company by just adding the agent on the machine, which goes into learning mode for about 30 days, and it's done.

How are customer service and support?

The customer service and technical support are great when I've needed them; I've never had to call, just get on the live chat, and someone's there within a minute or so who knows their stuff.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, I used Defender a little bit, and it's kind of a bear to set up, but ThreatLocker Zero Trust Endpoint Protection Platform was super simple, especially with setting up; we had Adam, our technical rep from ThreatLocker, who walked us through it from the start, and we meet with him quarterly for usually just a five-minute check-in unless I have a question, but other than that, it's been simple, and he's been great.

What was our ROI?

ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs since we set it and don't have to spend time updating applications ourselves, giving more control to the user to run the applications they want without managing each and every one.

I don't know approximately how much was saved off the top of my head, but I can say we dropped an MSP that was supposed to be helping us and brought more of the security in-house, which was expensive, so we didn't have to pay them to monitor.

I have no idea by how much the operational costs have been saved, but I know we're not cheap and there's definitely a time savings.

What's my experience with pricing, setup cost, and licensing?

My experience with pricing, setup costs, and licensing is that it's super simple and easy; for what it is and what it replaces and can do, it's an easy peace of mind and an easy sell.

What other advice do I have?

We use the Ringfencing feature with ThreatLocker Zero Trust Endpoint Protection Platform on some of the PowerShell scripts just to keep it local.

From 1 to 10, I would rate ThreatLocker Zero Trust Endpoint Protection Platform as a 10; I've been super happy with it, advising other companies to just do it since it's a simple setup, easy to use, intuitive, and worth the money compared to potential losses. I give this review an overall rating of 10.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 4, 2026
PeerSpot user
Abhishek Saini - PeerSpot reviewer
Professional Services Engineer at Next 7 it
Real User
Top 20
Feb 25, 2026
Zero trust controls have strengthened endpoint protection and simplified real-time app approvals
Pros and Cons
  • "Overall, ThreatLocker Zero Trust Endpoint Protection Platform has significantly strengthened our endpoint security by enforcing zero trust principles while maintaining operational flexibility and user productivity."
  • "I took off one point because sometimes it can be a bit complicated for new engineers, such as my teammates, especially for those who don't have hands-on experience."

What is our primary use case?

As the administrator for ThreatLocker Zero Trust Endpoint Protection Platform, I manage it, deploy it for new clients, and if someone installs an application that ThreatLocker stops, I have to allow that. So we can say I am the admin of ThreatLocker in my day-to-day life.

Once, one of our big clients in the US installed a new application, but it was stopped by ThreatLocker. They emailed me that their application was not working, and then I reviewed it. I took approval from their senior managers before allowing that application in their environment, and afterward, I approved it.

I just do daily tasks where I create policies for the applications they use. There are some generic applications which they use, so I create policies for them to ensure new users will not encounter issues. Sometimes, I have to approve applications, but I need to get approval from their manager or some senior engineer before real-time approval.

Ring-Fencing technology helps me day-to-day by monitoring application behavior. If it thinks the application is malicious or has code that shouldn't run in the environment, it stops that. For example, if an SQL application throws some codes, and if the application stops working, we need to check why it stopped, and then we can approve it if it's justified.

What is most valuable?

The best features of ThreatLocker Zero Trust Endpoint Protection Platform include a deny-by-default approach, ensuring only approved applications and processes can run, which significantly reduces attack surfaces. It provides granular application control that prevents ransomware, unauthorized scripts, and unknown executables from executing. It stops ransomware before executing, which greatly improves endpoint security, along with its unique Ring-Fencing technology that restricts application behavior and prevents trusted applications from being exploited maliciously. Additionally, it provides precise control over USB devices, external storage, and network shares to help prevent data exfiltration.

The easy policy management with a centralized dashboard makes it effortless for IT teams and engineers to manage policies, approval workflows, and endpoint visibility. The real-time approval system allows administrators to approve or deny applications instantly without disrupting endpoint user productivity. Strong visibility of audit logs offers detailed logs and reporting that help with compliance, forensic analysis, and security investigations. The lightweight endpoint performance impact means it operates effectively without noticeable system downtime compared to traditional antivirus solutions, making it a highly scalable platform ideal for MSPs and organizations managing multiple clients or distributed environments.

Overall, ThreatLocker Zero Trust Endpoint Protection Platform has significantly strengthened our endpoint security by enforcing zero trust principles while maintaining operational flexibility and user productivity.

ThreatLocker Zero Trust Endpoint Protection Platform has positively impacted my organization by preventing unknown applications from running in my environment. Many clients cannot run applications without our permissions, and I also have great control over the endpoints, enhancing both productivity and security.

After implementing ThreatLocker Zero Trust Endpoint Protection Platform, we have seen a productive impact, including significantly reduced security incidents. The deny-by-default approach drastically minimizes malware and unauthorized application incidents, which reduces emergency remediation efforts and results in less endpoint downtime. Systems experience fewer disruptions caused by ransomware, malicious scripts, or unwanted software installations, leading to improved uptime for the end user.

Faster troubleshooting and detailed logging allow us to quickly identify blocked processes or unauthorized behavior, significantly reducing troubleshooting time. The real-time approval feature enables our IT team to instantly approve legitimate applications, avoiding long user wait times while maintaining security. Our IT team spends less time handling infections or cleanup tasks and more time on proactive infrastructure improvements. Once policies are properly tuned, users can work without interruption while security remains tight, enforced in the background.

Overall, ThreatLocker Zero Trust Endpoint Protection Platform has shifted our environment from reactive incident handling to proactive security management, leading to a measurable reduction in downtime and support overload.

What needs improvement?

ThreatLocker Zero Trust Endpoint Protection Platform is already an optimized platform. I have a great experience with this, so I don't think anything needs to be improved.

There might be a small thing, but I would need to assess that further.

I took off one point because sometimes it can be a bit complicated for new engineers, such as my teammates, especially for those who don't have hands-on experience. They occasionally find it difficult to check application approvals. Overall, for me, it's good.

For how long have I used the solution?

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about three years and I am continuously using it.

What do I think about the stability of the solution?

In my experience, ThreatLocker Zero Trust Endpoint Protection Platform is stable because we have not encountered any major crashes or reliability issues. The agent runs consistently in the background without causing system instability or performance degradation. Any operational challenges we experienced were mostly related to initial policy tuning or application allowing, which is expected when implementing a zero-trust model. Once policies were properly configured, the environment became very stable. Overall, I have observed no unexpected agent crashes, minimal impact on endpoint performance, and consistent policy enforcement across devices. ThreatLocker Zero Trust Endpoint Protection Platform has proven to be a dependable and stable security solution for both daily operations and long-term endpoint protection.

What do I think about the scalability of the solution?

Regarding scalability, we have added new endpoints easily, as the policies were already made, and we just copied them to the new organization. So it's not a big deal.

How are customer service and support?

The customer support of ThreatLocker Zero Trust Endpoint Protection Platform is really quick, and they respond very promptly. I've had a good experience with them.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have eliminated CrowdStrike because we were using it for security purposes before we started using ThreatLocker Zero Trust Endpoint Protection Platform, which has proven to work for us.

We used CrowdStrike before ThreatLocker Zero Trust Endpoint Protection Platform and switched because CrowdStrike was complicated. There was also a significant security concern last year that led us to make the switch.

How was the initial setup?

My advice for organizations looking into using ThreatLocker Zero Trust Endpoint Protection Platform would be to plan the initial deployment and policy configuration carefully, especially during the early learning phase of adopting a zero-trust model. Since ThreatLocker Zero Trust Endpoint Protection Platform works on a deny-by-default approach, which is extremely powerful for security, organizations should start with learning mode and a staged deployment to understand application behavior.

It's essential to ensure the IT team receives proper training, as policy management and application approvals may feel complex for engineers new to zero trust. Define approval workflows in advance to avoid user disruption by gradually enforcing policies instead of applying strict controls immediately. Once properly configured, ThreatLocker Zero Trust Endpoint Protection Platform becomes a highly effective and low-maintenance security solution that significantly strengthens endpoint protection while maintaining productivity.

What was our ROI?

I haven't observed specific metrics regarding return on investment, but I am aware of the general impacts.

I haven't noticed any specific benefits in terms of saving time, reducing the need for extra staff, or seeing fewer security incidents since using ThreatLocker Zero Trust Endpoint Protection Platform, so I can't provide numbers.

Which other solutions did I evaluate?

Before choosing ThreatLocker Zero Trust Endpoint Protection Platform, we did not evaluate any other options.

What other advice do I have?

The allowlisting feature in ThreatLocker Zero Trust Endpoint Protection Platform effectively manages which software, scripts, and libraries run on our devices, as it provides excellent control while enforcing security measures.

I find the allowlisting feature easy to use, and it gives me enough control over which software, scripts, and libraries can run.

I can say it is easy to identify which security and configuration settings need fixing using the DAC dashboard; I would rate it a 10 out of 10 for me.

The efficiency of the real-time threat intelligence and category controls employed by web control is a big plus, as it helps ensure that we are dynamically protected even as new threats emerge.

I would rate this review nine out of ten overall.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Feb 25, 2026
PeerSpot user
Information Cybersecurity Technology Specialist at Freez.it
Real User
Top 20
Mar 2, 2025
Efficient security management has reduced costs and eliminated ransomware threats
Pros and Cons
  • "Ringfencing is a valuable feature."
  • "With ThreatLocker, we don't have shadow IT, and it has reduced ransomware."
  • "It would be beneficial if it became more recognized in the EU to gain respect."

What is our primary use case?

I primarily use it on servers. We deal with smaller customers, and they don't always have the money to get it on every endpoint. The main thing exposed to the internet is, of course, the server, RDP, and other functions. 

We have some customers that have it on the endpoint. In the past few years of using ThreatLocker, I haven't experienced ransomware on servers. However, there are small occurrences on endpoints when they're not using ThreatLocker.

How has it helped my organization?

With ThreatLocker, we don't have shadow IT, and it has reduced ransomware. 

We have a lot of companies concerned with compliance. They have an application list, and anything outside of that application list is not allowed. ThreatLocker makes that really easy for us since you just allow what they need, and no one can run anything else.

What is most valuable?

Ringfencing is a valuable feature. If someone gains access to something or some end user attempts to run malicious PowerShell commands to download malware, it simply doesn't allow it. It's like saying, "I'm not permitted to reach out to this."

ThreatLocker eliminates shadow IT and reduces ransomware. We have many companies that need compliance. They have an application list, and anything outside of that list is not allowed. ThreatLocker makes this easy by allowing only what we need, preventing us from running anything else. 

Previously, I used AppLocker, a Windows tool, which is a lot of work to manage. ThreatLocker reduced work, allowing us to hire fewer people for this job. The time saved from not having to do recovery when malware runs, which can't happen with ThreatLocker, also saves money.

It's fairly easy to use. It has a learning curve. However, if you go to the university, you should be fine. And if you don't know something, you can just click the chat button. You'll be chatting with someone in 30 seconds.

It reduces work. It helps us save on operational costs that way. You can hire fewer people or move people onto other stuff. People can be moved to other tasks. We likely save one FTE a year, so it saves us around 30,000 euros.

We can block access very well. They are doing their job. 

It reduces the amount of time a ticket takes to action. 

What needs improvement?

It doesn't really have to do with ThreatLocker as a company. It's really annoying when other companies don't sign their executables with a certificate, requiring new rules for new files. It would be beneficial if it became more recognized in the EU to gain respect. That's about the only issue I can think of.

For how long have I used the solution?

I have used the solution for a little bit more than three years now.

What do I think about the stability of the solution?

It's really stable. Once deployed, it downloads the policies locally, so even if the computer doesn't have internet, it doesn't matter. It still works.

What do I think about the scalability of the solution?

The scalability is great. I can put as many endpoints in it as I like.

How are customer service and support?

The customer service is very good. If I need someone, I hit the chat button, and 30 seconds later, there is someone there to help me.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I used the Windows built-in AppLocker, and that was it.

How was the initial setup?

We use RMM to deploy the agent.

The initial setup had its ups and downs. That was all on us. We tried to roll it out for everyone at the same time. I'd advise against that.

What about the implementation team?

I had a Solutions Engineer help me. He was from ThreatLocker.

What was our ROI?

I would estimate savings equivalent to one person per year, which is about 30,000 euros in our country. Not dealing with recovery when malware runs, as it can't run, saves a lot of time and money. The subscription includes help desk time, saving us even more.

What's my experience with pricing, setup cost, and licensing?

The setup is quite cheap, considering what it does.

Which other solutions did I evaluate?

I didn't evaluate a different solution before choosing this one. Afterwards, I looked at Cyberfox for the elevation control; however, it was unsatisfactory.

What other advice do I have?

I rate the solution a ten out of ten. 

If something isn't working, you get a helpdesk ticket. If they don't know the answer, they escalate and eventually hop on a call with you without automatically closing tickets. It's been great. My Solutions Engineer has been fantastic. Even as he's moved up within the company, I can still call him.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2807097 - PeerSpot reviewer
Cyber Security Specialist at a government with 10,001+ employees
Real User
Top 20
Mar 9, 2026
Zero trust controls have secured niche scientific apps and protect endpoints from obscure threats
Pros and Cons
  • "ThreatLocker's VDI environment, coupled with the ringfencing capabilities of policies, gives us confidence."
  • "We have had a few instances where the local database gets corrupted and starts blocking random Windows DLLs, and the support team has always been very quick at helping us identify and remediate that."

What is our primary use case?

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are endpoint and server security. We have a lot of niche applications, many of which come from GitHub. ThreatLocker's ringfencing capabilities make us feel confident that if any of those niche, obscure applications were to be compromised, our endpoints would stay secure.

What is most valuable?

The features of ThreatLocker Zero Trust Endpoint Protection Platform that I have found most valuable include Application Control. We really appreciate the new DAST component of their Health Center and those vulnerability scans with results coming out.

The benefits of those features for my company are significant. My company has a lot of scientists using very specific applications that are not well-known, and VirusTotal has probably never inspected them before. ThreatLocker's VDI environment, coupled with the ringfencing capabilities of policies, gives us confidence.

My impression of ThreatLocker Zero Trust Endpoint Protection Platform's Allowlisting feature in terms of managing which software, scripts, and libraries run on my device is that it works great. We have lots of scripts that run on servers, and we use hash-based rules on them. If a user changes their script and does not let me know, their script will not run, which ensures I can review it. We have scientists who want random, obscure software to be installed, but it will not be installed even if the help desk agrees to assist with the installation until I approve it. This is a great all-around product.

I assess its impact on controlling the behavior of approved applications as very positive. It works really well, and I have nothing to add to that.

What needs improvement?

If I had one feature I would like added to ThreatLocker Zero Trust Endpoint Protection Platform, it would be the ability to clone a policy to a new machine. Right now, I have to manually clone it. If it is just a basic policy, it's not a big deal. However, if there is one that is very specific with ringfencing rules and user-based rules, I do not have a way to just copy that to a new machine. I would have to manually add all those same rules. That would be the one feature I think is needed.

For how long have I used the solution?

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for one year.

What do I think about the stability of the solution?

My evaluation of the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform is that the portal sometimes seems to crash. I can get logged in, but I cannot load anything and it will kick me out in about five minutes. There is no apparent pattern to it, and there is not a particular time when this happens. However, occasionally there are days where the portal has issues.

What do I think about the scalability of the solution?

I would assess how well ThreatLocker Zero Trust Endpoint Protection Platform scales with the growing needs of my company positively. We recently went through a replacement project of approximately 600 computers, and it went very smoothly. I did not hear any complaints about it.

How are customer service and support?

I would evaluate the customer service and technical support as great, with no complaints. They are all very responsive.

Which solution did I use previously and why did I switch?

I have not dropped any products since obtaining ThreatLocker. ThreatLocker is the most recent addition. I do not wish to disclose the other products I am using.

What was our ROI?

I would guess that ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or expenses, but I would not be able to give specific numbers.

Which other solutions did I evaluate?

There was no other consideration in the evaluation process for another solution.

What other advice do I have?

By using ThreatLocker Zero Trust Endpoint Protection Platform, my company has an option now to eliminate or consolidate any security tools or solutions. We could get rid of a couple of things, but we have not gone down that path.

The reason we have not gone down that path is because we are in contracts with quite a few things right now.

Regarding the Network Control feature, we are still in audit mode. We have it purchased but have not enabled it.

For Elevation Control, we use that for a few things. Our developers do web app development, and if they need to debug, it opens in IIS, which is an admin-level feature. Elevation Control lets us automatically elevate Visual Studio, which is really useful there. We were able to get rid of admin accounts for that by using Elevation Control.

Concerning the Storage Control feature, we are still starting to use it.

I am using the DAST dashboard and we are reviewing it. We have enabled some policies based off of its recommendations.

Identifying which security and configuration settings need fixing using the DAST dashboard is pretty good at outlining what needs to happen. There have been some quirks. I understand it is still in its infancy. There are some quirks with its actual reporting. There was a period where it was saying we were 100% secured, and then a week later it showed we had a bunch of vulnerabilities. We are not fully relying on it, but as far as presenting vulnerabilities it has found and where to go to change things, it is pretty easy to understand.

I would rate this review overall as a 10.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 9, 2026
PeerSpot user
Cyber Security Analyst at SCOUT ENERGY MANAGEMENT, LLC
Real User
Top 20
Mar 5, 2026
Zero trust controls have stopped ransomware attempts and protect endpoints from untrusted apps
Pros and Cons
  • "ThreatLocker Zero Trust Endpoint Protection Platform has definitely saved us on operational costs and expenses by preventing incidents."
  • "ThreatLocker Zero Trust Endpoint Protection Platform should focus more on the application allow listing feature, which shows whether a program has been recognized but not necessarily whether it has been trusted."

What is our primary use case?

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform are Application Control and Endpoint Protection.

What is most valuable?

The feature I like the most about ThreatLocker Zero Trust Endpoint Protection Platform is Application Control. It keeps things secure by ensuring only trusted programs run, and it does not matter that the user has local admin because they cannot run untrusted software.

ThreatLocker Zero Trust Endpoint Protection Platform benefits my company by preventing serious incidents. A few months ago, someone called one of our users and pretended to be helpdesk. They remoted into their computer and tried to run Node.js. The hackers could not get it to run. They tried several times and even sent me a ThreatLocker request for it, which is how I found out about the attempted compromise. I was wondering why this person was running a script. I called them up and discovered what was going on. I told them to hang up immediately. The attackers were not able to run anything. They tried PowerShell and command prompt, but nothing worked.

What needs improvement?

ThreatLocker Zero Trust Endpoint Protection Platform should focus more on the application allow listing feature, which shows whether a program has been recognized but not necessarily whether it has been trusted. It would be helpful to have categorization to let me know which programs are not trustworthy. For example, GoToMeeting is a known screen sharing program that shows as high risk, but that does not necessarily mean it is not trustworthy. A little more clarification on that would be beneficial.

For how long have I used the solution?

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for two years.

What do I think about the stability of the solution?

There were some concerns about the stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform regarding memory usage, but we found that the concerns were out of proportion. I think we probably need more communication on our IT front because whenever something glitches, people would assume it is ThreatLocker. We would investigate and see that ThreatLocker is not blocking anything and the issue is something else. A little more transparency would be beneficial.

What do I think about the scalability of the solution?

ThreatLocker Zero Trust Endpoint Protection Platform scales well with the growing needs of my company. At first, we deployed it to normal laptops. Then we expanded to developer laptops and our technicians because they need more programs. This year, we are going to expand to servers that are mission critical in our company. We want to make sure nothing gets blocked, so we are taking our time with those. We do a lot of turnover with laptops because we buy and sell assets, and it has scaled very well with that. I have not had any issues integrating new laptops or decommissioning old ones.

How are customer service and support?

I evaluate the customer service and technical support of ThreatLocker Zero Trust Endpoint Protection Platform as very good. They are very responsive. I am able to get in touch with a chat person usually within a minute.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Before adopting ThreatLocker Zero Trust Endpoint Protection Platform, we did not have a platform like this.

What was our ROI?

ThreatLocker Zero Trust Endpoint Protection Platform has definitely saved us on operational costs and expenses by preventing incidents. The one I mentioned before involved an attempted ransomware infection. It has saved us on two other occasions besides that. Talking to our CIO, he said that ThreatLocker more than paid for itself during those incidents.

Which other solutions did I evaluate?

The other solutions that came under consideration in our process include ConnectWise for scripting and patching. We also have SentinelOne for detection. For endpoint elevation and control, we were looking for a solution and ThreatLocker was really the only one that met our needs.

What other advice do I have?

I have used the Ringfencing feature.

The Ringfencing feature of ThreatLocker Zero Trust Endpoint Protection Platform impacts controlling the behavior of approved applications positively. Ringfencing keeps programs that are potentially running as admin, and they might need to run as admin, but it does not give that admin access to other programs. We are able to limit them from talking to the internet. It gives us a lot of peace of mind.

We do not use the Network Control feature.

I do use the Elevation Control feature.

The Elevation Control feature of ThreatLocker Zero Trust Endpoint Protection Platform facilitates just-in-time administrative access for approved applications effectively. We used to have every user as a local admin on their machine because some programs had to run as admin. This feature lets us run just that program without having to elevate the whole machine. So it is much safer.

We do not use the Storage Control feature.

I have used the DAC Dashboard.

Identifying which security and configuration settings need fixing using the DAC Dashboard is very easy. It shows you right there on the home screen without having to do an extra scan. There is nothing you have to configure for it to work. It shows you the top vulnerabilities right there.

We do not use the Web Control feature.

I give ThreatLocker Zero Trust Endpoint Protection Platform an overall rating of 10 out of 10. It works perfectly for what we use it for.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 5, 2026
PeerSpot user
IT Security Analyst at Bank Of Philadelphia
Real User
Top 20
Mar 5, 2026
Application allow-listing has protected our bank while responsive support manages every request
Pros and Cons
  • "As for the customer service and technical support of ThreatLocker Zero Trust Endpoint Protection Platform, I would rate them from one to 10 as a 20."

What is our primary use case?

My main use case for ThreatLocker Zero Trust Endpoint Protection Platform is Application Whitelisting.

What is most valuable?

The feature of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most is the Application Whitelist, which is mostly what I use, but their customer service is the best of the best. I deal with over 100 vendors. I'm over vendor management for the bank, and I never dread a call with ThreatLocker, with Andrew and Jordan. They're pros. They're so helpful and understanding and they're the best, out of any company. Their customer service is number one, without a doubt.

I'm just overall impressed with the solution's allow-listing feature in ThreatLocker Zero Trust Endpoint Protection Platform. Being relatively new to IT, but not technology, it was a feature that I didn't know existed. Obviously it makes sense that it's needed, but the capabilities and how much it can protect you on the end, it's not surprising how useful it is.

The customer service features of ThreatLocker Zero Trust Endpoint Protection Platform just make everything so easy. I can pick up the phone and call them or set up a Zoom call. There's no question too dumb or that I feel stupid for asking. They're responsive and on top of it. Most of the time, I can email Andrew about an issue and he'll schedule a call and have it fixed before we even have a call. He goes through and tells me what he did, and then he actively monitors the situation or policy, even after the call, just to ensure we don't have any problems, and we just don't get that anywhere else. It's amazing.

What needs improvement?

Nothing comes to mind regarding how ThreatLocker Zero Trust Endpoint Protection Platform can be improved. I would suggest keeping customer service up and the Application Whitelist feature, which is what I primarily use, just keep advancing in that. Perhaps make some of it a little more user-friendly as far as the interface because it can get confusing at times, but the customer service makes up for any confusion or doubts within myself because I know that it's going to get done right and it's going to protect the bank as much as possible.

For how long have I used the solution?

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for one year since April 1st. The organization onboarded ThreatLocker about six months prior to me, before I joined. We're still kind of starting to get everything, our Ringfencing and all our policies, starting to get them all ironed out now, but we really enjoy it.

What do I think about the stability of the solution?

The stability and reliability of ThreatLocker Zero Trust Endpoint Protection Platform have been great. We haven't had any issues. I can't think of one time where it's been down or caused any internal conflicts.

What do I think about the scalability of the solution?

From my understanding, regarding the scalability of ThreatLocker Zero Trust Endpoint Protection Platform, we pretty much set it company-wide and it's been a smooth process with Andrew helping us along the way, working with my supervisor, the ISO. We jumped in, and he was still in the learning phase when I joined on April 1st, but he pretty much figured it out. Through the help of the Cyber Heroes and the customer support, we've been rocking and rolling with it and are confident. It's been great.

How are customer service and support?

If you have any issues or questions, the support team is right there at the drop of a hat, with no questions asked. The team will help you and walk you through it. As for the customer service and technical support of ThreatLocker Zero Trust Endpoint Protection Platform, I would rate them from one to 10 as a 20. They're great, fantastic.

How would you rate customer service and support?

Positive

What was our ROI?

As far as operational expenses, ThreatLocker Zero Trust Endpoint Protection Platform has not helped my company save money; however, it helps us sleep at night knowing that our company and our customers' financials are protected, just by making sure that we don't have any vulnerabilities through bad actors and applications.

What other advice do I have?

I'm in charge of information security when using ThreatLocker Zero Trust Endpoint Protection Platform. Whenever any employee tries to download or install any application on any work device, it sends a notification directly to me, and then I have to approve or reject the request and set up policies and Ringfences to make sure that if we approve the product, it doesn't come up flagged or get kicked or ask for permission under certain circumstances. We can also change the groups with different departments if they need access to certain applications. I approve installations of software and programs.

I have used the Ringfencing feature in ThreatLocker Zero Trust Endpoint Protection Platform. I assess the impact of the Ringfencing feature on controlling the behavior of approved applications as really helpful, as far as elevating certain things, setting up policies, and fine-tuning. It may not be so much about the application; it's about who's accessing it and where it's going and who installs it. It's been really helpful as far as the elevation of said application.

We're working on implementing the Network Control features of ThreatLocker Zero Trust Endpoint Protection Platform. We haven't really deep-dived into it, but we have a call set up with Andrew and Jordan next week to deep-dive into that and try to start implementing it because it's very well needed.

I do not use the Elevation Control feature in ThreatLocker Zero Trust Endpoint Protection Platform a whole lot, but I've worked with Andrew and he's walked me through some things where we've had issues.

I'm not familiar with the Storage Control feature of ThreatLocker Zero Trust Endpoint Protection Platform when it comes to enforcing policy-driven access over various systems.

It's pretty self-explanatory to identify which security and configuration settings need fixing using the DAC dashboard of ThreatLocker Zero Trust Endpoint Protection Platform. It has a lot of nice graphs and charts and explanations for everything. It's very helpful. I like the new dashboard.

We don't use ThreatLocker Zero Trust Endpoint Protection Platform for blocking site control and other content filtering that I'm aware of.

I would rate ThreatLocker Zero Trust Endpoint Protection Platform as fantastic, 10 out of 10. I'd highly recommend them. It's a great platform. It's fairly simple to use, and if you have any questions, customer service is just top-notch. Make the jump. It'll be worth it.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 5, 2026
Buyer's Guide
Download our free ThreatLocker Zero Trust Platform Report and get advice and tips from experienced pros sharing their opinions.
Updated: February 2026