ThreatLocker Zero Trust Platform Reviews

I have a lot of clients, and I am responsible for protecting them by ensuring their environments are safe and up-to-date.

The major benefit is just fewer breaches overall. No one can run anything without it being approved first. ThreatLocker is helping companies protect themselves.

Being able to protect and trust nothing by default, known as zero trust, is the most important feature to me. The major benefit is fewer breaches overall, as nothing can be run without prior approval. This helps my company protect its data and secure itself effectively.

Attack surfaces are easy to control. It's easy to deploy and protects very well.

We've been able to consolidate security tools using ThreatLocker. We used to use SentinelOne and it wasn't doing exactly what we wanted. It wasn't detecting anything. 

It's great at blocking access to unauthorized applications. By default, it trusts nothing. 

We do get more tickets for application requests, however, that's not a bad thing, since it's protecting our environment. 

The user experience could be improved. Most complaints we get are based on users wanting certain functionality. For the most part, built-in applications are pretty good, however, having more would be beneficial.

I have been using it for about two to three years now.

It has great stability without any negative aspects.

I believe it's scalable, whether the client is small or large. It is beneficial regardless of the size.

I have experienced amazing support. Whenever I have an issue, I click the chat button, and someone is always available to assist me. Escalations go smoothly, and I have never encountered support issues.

Positive

I used to use a tool called SentinelOne before switching to ThreatLocker. SentinelOne was not meeting my needs and did not detect issues effectively. I now also use Huntress, but ThreatLocker has been a huge help by blocking anything unapproved.

I deployed it with our RMM, which made it really easy. It was much simpler than it would be with a different program. I set up the tenant, changed a few settings, checked a box, and deployed it. The process was fast and efficient, with the devices appearing quickly and no slowness.

I would stress the importance of saving companies from breaches. The cost versus benefit of ThreatLocker is significant, as its small cost offers great advantages. If something were to happen without ThreatLocker, the cost would be huge, and thus, having it is definitely worth it.

In meetings, they mention 'set it and forget it.' While this can be efficient, it might leave applications unaudited over time, possibly opening vulnerabilities. Regular auditing and reviews would enhance security. 

I give it a nine out of ten overall, recognizing there is room for improvement.

Hybrid Cloud

My main use cases for ThreatLocker Zero Trust Endpoint Protection Platform include Elevation Control, application whitelisting, and Storage Control.

The feature I like the most in ThreatLocker Zero Trust Endpoint Protection Platform is the application control, as we have many users that have their own opinions on what they should run, and it is good to be able to deny by default.

By using ThreatLocker Zero Trust Endpoint Protection Platform, our company has been able to eliminate or consolidate security tools, such as BeyondTrust PAM, and we removed USB-Lock software by adopting ThreatLocker.

ThreatLocker Zero Trust Endpoint Protection Platform scales well with the growing needs of our company, and when we expand it to all 500-odd practices, the learning mode will make it scale and work really well. It has been smooth so far, and our solutions engineer is always on hand and is really good.

I would like them to focus on integrating with our SIEM tools.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about nine months.

I have not experienced any issues, crashes, or downtimes with the stability and reliability of the platform. The speed of deploying policies and the user receiving the notification that the application request has been approved is really quick.

My experience with customer service and technical support is positive as they are always responsive. We have taken products in the past where it has been an extra thing that you pay for, whereas our solutions engineer or whoever it is, is always there, ready to speak to us and will jump on a call in an instant, which has been really good. I would rate the customer service and technical support a 10.

Positive

Prior to adopting ThreatLocker, I was using BeyondTrust PAM and USB-Lock software.

I believe ThreatLocker Zero Trust Endpoint Protection Platform will save our company on operational costs and expenses in the long run with time and manpower, and it will be invaluable if it does stop that one breach that could happen.

My experience with the pricing, setup cost, and licensing of ThreatLocker Zero Trust Endpoint Protection Platform is that it replaced some tools, making it seem more competitive value-wise, but it is the flagship tool doing what it does, which means it is quite expensive.

We looked at a couple of other solutions in the evaluation process, but I cannot think of anything that did everything that ThreatLocker does, so there was not really a comparison.

I assess the Elevation feature's role in facilitating just-in-time administrative access for approved applications as really good because a lot of dental software is legacy and written before people cared about security in IT, so it requires being run as admin or it will not work unless the user is admin on the machine. Therefore, it is really good to elevate just the application rather than having everybody at the practice be an admin.

My thoughts on the Storage Control feature in ThreatLocker Zero Trust Endpoint Protection Platform when it comes to enforcing policy-driven access over various storage devices are that we get patient scans, x-rays, and dental notes from other practices or from NHS emergency appointments on USBs and CDs. I would personally love to block and ban all of them, but we cannot, so being able to whitelist by file type or by user group is good.

My impression of the allowlisting feature in ThreatLocker Zero Trust Endpoint Protection Platform in managing which software, scripts, and libraries run on our devices is that there is an initial learning curve, but once you get your head around how it works, it is fairly simple. At the beginning, the learning mode does most of the heavy lifting for you, but when you get to a monthly update that is outside of the learning mode and you have to go back in and do it yourself, I found it difficult to begin with, but now that I have done it a few times, it is really simple.

In regards to the ringfencing feature in ThreatLocker Zero Trust Endpoint Protection Platform, I do not feel like we have used much of that. If it is happening in the background, it is great. I think there was something to do with a user running PowerShell to connect to Azure, which we knew was happening, but it was good to get sight of who did it.

We have not gotten to the Network Control feature stage yet. I have only been using the product for nine months, so we have not gotten around to the DAC Dashboard yet. There are some reds on there. Web Control is not something that we took.

For ThreatLocker Zero Trust Endpoint Protection Platform, I cannot think of any feature improvements that I would like them to add in their next release because for what we use it for at the moment, it is great. I would rate this review a 10.

My main use case for ThreatLocker Zero Trust Endpoint Protection Platform is to secure the server.

A specific example of how I use ThreatLocker Zero Trust Endpoint Protection Platform to secure my server is that nobody can install any application without my permission, which is helpful.

I use ThreatLocker Zero Trust Endpoint Protection Platform by installing it on every server to monitor it from the portal, where I can grant access if an application needs to be installed or deny it if it does not. This approach is helpful for us.

In my opinion, the best features that ThreatLocker Zero Trust Endpoint Protection Platform offers are that it is a zero trust solution that will not trust any application until I give access and will not install a single application without my permission. This is valuable because if any viruses attack my server, it stops them, making it very helpful to prevent ransomware attacks.

ThreatLocker Zero Trust Endpoint Protection Platform has positively impacted my organization by ensuring that as soon as we implement it on the server, new employees or new colleagues cannot install anything without our permission.

It has reduced the number of unauthorized software installations.

ThreatLocker Zero Trust Endpoint Protection Platform can be improved by providing admin rights that allow us to manage it from the server by providing some token IDs or any kind of OTP if someone has rights and is on leave. This would be helpful so we do not need to wait for someone or for admin rights; they can easily generate the OTP, and then we can use it.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about four years.

I do not have any issues with the stability of ThreatLocker Zero Trust Endpoint Protection Platform.

ThreatLocker Zero Trust Endpoint Protection Platform is definitely scalable and can grow with my organization easily.

Customer support has been awesome; I can reach them by email, and they give me a response very quickly.

We were using McAfee as well, and we replaced it with ThreatLocker Zero Trust Endpoint Protection Platform.

We decided to consolidate those tools because ThreatLocker Zero Trust Endpoint Protection Platform provides EDR, which aligns with the zero trust model.

ThreatLocker Zero Trust Endpoint Protection Platform is deployed in my organization using multiple methods, such as on-premises and hybrid cloud.

The cloud provider I use for my deployment is Microsoft Azure.

My experience with pricing, setup cost, and licensing for ThreatLocker Zero Trust Endpoint Protection Platform is good because it has a nominal price.

I would say ThreatLocker Zero Trust Endpoint Protection Platform offers good value for money because if you are pursuing security, you should consider ThreatLocker Zero Trust Endpoint Protection Platform. Money is saved because it is not costly, and I would suggest it for other companies. I would definitely recommend it to new companies if I had the opportunity.

As soon as someone tries to install an application, ThreatLocker Zero Trust Endpoint Protection Platform quarantines and denies it, blocking it effectively, which is helpful.

It is helpful for us to find out which application is being blocked or which user is trying to install something using the DAC dashboard, as it is clear and helpful.

We have not used the storage control feature for enforcing policy-driven access over various storage devices because we are using Wasabi storage.

I would advise someone that if they need a zero trust platform, they can switch to ThreatLocker Zero Trust Endpoint Protection Platform.

My impression of the allow-listing feature in ThreatLocker Zero Trust Endpoint Protection Platform is that we can add the application .exe file or the path so it will not block useful applications, such as the call recording application, track applications, and sometimes the Wasabi cloud platform.

I already explained why we are switching to ThreatLocker Zero Trust Endpoint Protection Platform; it gives quick resolution and quick action. I would rate this review a 10.

Hybrid Cloud

Microsoft Azure

I have a security service that I sell to my customers, which I provide along with ThreatLocker to deploy one of the essential eight controls.

We've helped to reduce overhead while managing at a large scale. 

The application control is a key feature of ThreatLocker. By using ThreatLocker, I have reduced the overhead of managing application control, eliminating the need for my engineers to manually add applications. 

ThreatLocker automates this process efficiently, allowing me to manage it on a large scale for all of my clients, as well as internally. It helps me produce greater efficiency.

It's easy for IT teams to use regarding reducing attack surfaces. It's easy for us. We can manage everything quite easily.

It's been able to help us eliminate and consolidate security tools. We were using a lot of Windows components and have since gotten rid of them.

We have saved on operational costs. We were spending about four to six hours a week managing requests and now were down to about two hours. 

ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications has been excellent. It's also helped us to provide efficiencies elsewhere and, therefore, invest our time in other things that could benefit us tremendously. It has freed up time by 10% to 20%.

Initially, the learning curve was slightly high for me, however, that has been resolved now. They made a lot of improvements. When I first came on board, it was trickier to learn. Besides that, I can't see much else needing improvement at this stage. ThreatLocker University might offer more now, with additional learning and certifications. Previously, I only had a few demo and engineering sessions and had to learn the rest by myself.

It would be nice if they provided more than an EDR and have an antivirus component to go along with it.

I have been using the solution for about a year and a half now.

The stability had a few hiccups at the start, however, they've worked through a lot of their issues and are pretty responsive in fixing them.

I find scalability quite good.

Customer service has been great. I don't have much experience directly with them, however, I would rate it a nine out of ten.

Positive

I used just Windows Defender Application Guard control.

My experience with deployment was straightforward, easy to do, and worked well. I initially rolled it out to one or two clients as a trial and then expanded it to all clients. 

I did not use an integrator, reseller, or consultant for deployment.

The time efficiency I gained has allowed me to invest in other areas of the business. Additionally, I provide a lot of compliance services and communicate my processes to customers efficiently and safely.

The setup cost has been great. I had a really good deal at the time, and it continues to be cost-effective.

I considered Blackpoint as one of the options.

The overall product rating is nine out of ten. 

It's for Application Control and Elevation requests, so just locking down computers.

The application allowlisting feature of ThreatLocker Zero Trust Endpoint Protection Platform has been the most valuable to us, so Application Control.

The application allowlisting feature prevents random software from running. If a user clicks a link or downloads something malicious or potentially an unwanted program that could give away sensitive information or is inappropriate for them to have on their computer, it just prevents it from even running in the first place.

The Ringfencing feature of ThreatLocker Zero Trust Endpoint Protection Platform stops applications from being able to open up other applications and do things beyond what they were controlled to do. A great example is with PowerShell scripts or web browsers opening up a command prompt or something. It stops all of that.

We do use the Elevation Control feature of ThreatLocker Zero Trust Endpoint Protection Platform. That allows us to create a policy. If we know that a user needs to be able to install a program themselves or update a program themselves, we can give them the rights to do that without having to get a hold of IT. The Elevation Control, even for a brand new user on a brand new computer, if they have the policy, they can install it without having to contact IT as well. Then we can get rid of local admin, even on the IT side, so we are not running around as local admins ourselves.

The Just-in-Time administrative access feature of ThreatLocker Zero Trust Endpoint Protection Platform is a great way to have it work. It only works for running the application it has been approved for, and it just gives them the permission to run it with those elevated permissions. Then there's a built-in expiration, so either the user has to request it again or rerun the program. They don't just keep the admin rights.

Now that we've been learning a lot more about what all the other modules of ThreatLocker Zero Trust Endpoint Protection Platform can do, the modules we don't have right now could be eliminated and help us consolidate costs and tooling. So we are considering it, but we're in the middle of contracts, we just got it, and we're just getting used to it. So we're not at that stage yet.

The allowlisting feature of ThreatLocker Zero Trust Endpoint Protection Platform is really good. It's very, very strict. So in some ways, it can be frustrating because you have to explicitly allow each individual thing. Some applications are actually five applications in one, so each little component you have to allow. There has been some friction with the end-users and ourselves just trying to use our computers. But that level of control and granularity really increases my confidence that this is keeping us safe.

I've been using ThreatLocker Zero Trust Endpoint Protection Platform for about six months.

ThreatLocker Zero Trust Endpoint Protection Platform has been really stable. I haven't noticed any issues.

ThreatLocker Zero Trust Endpoint Protection Platform scales pretty well with the growing needs of my company. We rolled it out division by division, group by group, so it was pretty smooth on that end.

ThreatLocker Zero Trust Endpoint Protection Platform's customer service and technical support has been pretty solid.

Positive

It is the first solution of this kind that I'm using.

I'm not in purchasing or managing contracts. From the setup side, ThreatLocker Zero Trust Endpoint Protection Platform rolled out pretty smooth, as smooth as blocking people from running a bunch of applications can go. You get a lot of users complaining that things aren't working, but it turns out they were just using some weird browsers or apps they maybe shouldn't have been. So I don't have too much sympathy for those complaints, but there was a flood of tickets for support, and it was hands-on. But I would say ThreatLocker themselves, onboarding us, were very hands-on.

There have been tons of meetings, and they still meet with us regularly.

We do not use the Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform. We don't have that.

We have not used the Storage Control feature of ThreatLocker Zero Trust Endpoint Protection Platform. It's not a module we have.

We have peeked into the DAC dashboard. We have the Configuration Manager, but we have not fully deployed all of that. I get a monthly and weekly report on configurations, but we haven't deep-dived into it and started cleaning up some of that.

The only thing we do with Web Control is the browser add-ons. We are not using ThreatLocker Zero Trust Endpoint Protection Platform to filter web traffic.

I would like a feature in the next release of ThreatLocker Zero Trust Endpoint Protection Platform, but I don't know because of a lot of the modules we don't have. So maybe what I'm asking for is a module we would just need to add.

If we were going to consolidate tools, we would want to get ThreatLocker Detect, and then we would need the Network Control so you could lock down the network. If you detect a virus or something malicious actually happening on the computer, you can lock it down just using ThreatLocker. But we don't have that. We're not set up to do that yet. We have other things that do that at this time. So we're not necessarily missing that feature, but if I was going to consolidate, I would want to make sure ThreatLocker Zero Trust Endpoint Protection Platform could do that.

I would give ThreatLocker Zero Trust Endpoint Protection Platform a rating of nine out of ten. I would consider, from the start, figuring out how much you want ThreatLocker Zero Trust Endpoint Protection Platform to do for you because I think it could really take over a lot of security functionality in our company. But between renewals and contract length terms when we picked up ThreatLocker Zero Trust Endpoint Protection Platform, it kind of fell in between all of that, and we could have maybe really optimized our costs and deployment. But also, there is something to be said because of how complicated it is, how much it can do, and how much there is to master about it. Doing a more limited Application Control, Ringfencing, Elevation Control, and then slowly expanding as you learn and become more comfortable with it, there is some value to be said there.

I deploy ThreatLocker to my clients who sign up with my service agreement. I coordinate the deployment and monitoring of the software and programs. 

Periodically, I manage the alerts and respond to requests by either approving or denying them, depending on the case.

ThreatLocker provides a lot of peace of mind. We don't have to worry something is going to get in and run in the background in the night hours. It's more so for our control and monitoring purposes.

The application control is highly valued by me. The ring fencing and storage management are also important, however application control is my go-to feature. The solution helps provide me with peace of mind and control. It assists me in reducing help desk tickets by automating processes and allows IT teams to focus on other projects. 

ThreatLocker saves me a couple of hours per day dealing with threats and encrypting efforts elsewhere. It helps me run reports ahead of time to avoid wasting time.

It's easy for IT teams to use. Cyber Hero Support is always there is we get stuck.

We've been able to save operation costs. With the automation and policies that are in place for application control, we're not finding ourselves wasting time monitoring or resolving issues. Our efforts are now being deployed elsewhere. 

It's very good at blocking unauthorized applications. We had to manage policies through the server and it was more tedious. With ThreatLocker, we definitely see the benefits.

We have reduced our help desk tickets with the help of automation. There's a lot of reporting to help us block and avoid wasting time. Our IT teams can use the time on other projects. Agents can handle other phone calls. We have more resources available. 

Without ThreatLocker, responding to threats might take an hour or two. With the solution, this is sped up. We can save hours a day since threat response has been sped up.

It's only been a short amount of time. We do need more time with it and be more acquainted with the software. 

We use other vendors for other components. I'd like one vendor to control all aspects of the business, including backup, EDR solutions, email monitoring, and control, rather than using multiple vendors.

I have been using it for about ten months.

It is stable.

It is scalable.

Customer service is excellent, with Cyber Hero Support being responsive within a minute or two. There are regular communications with an account manager and a support agent.

Positive

There was no Zero Trust solution before this, however, I had other EDRs and vendors.

The setup was pretty easy for me. I use another tool, an RMM tool, that helps me automate deployment. Setting up the organization on the portal was straightforward due to built-in applications and policies.

The deployment was supported by an RMM vendor. I found no issues.

It frees up my time for technicians to focus on other projects, providing me with an overall definite benefit.

The cost is very competitive. The pricing model works for me and can be passed to clients as part of their monthly service agreement.

I did not evaluate other solutions before picking this one.

ThreatLocker's modules, knowledge base, ThreatLocker University, and resources are very helpful for me. Policies and policy auditing formats are clear and easy to use. 

The overall product is rated ten out of ten.

On-premises

My use case for ThreatLocker Zero Trust Endpoint Protection Platform involves monitoring about 2,000 endpoints as an MSP, using it as the default deny on the workstations to prevent malicious applications from being downloaded and run.

My favorite features about ThreatLocker Zero Trust Endpoint Protection Platform are that it gives us so much specific control, especially in application policy creation. The ability to make policies for just a single user, a single computer, a work group, or however wide or narrow I want it to be allows me to narrow in on precisely what I need.

ThreatLocker Zero Trust Endpoint Protection Platform benefits my company by allowing us to be preventative instead of being retroactive or reactive. Instead of having thousands of untrained or minimally trained users downloading and running whatever they come across, things that are already allowed go through, and things that need to be vetted can be looked at before they get run.

To improve ThreatLocker Zero Trust Endpoint Protection Platform, I think the biggest addition would be to ThreatLocker University. Training has been our biggest hurdle, and getting people on board or having active integration with modules that maybe we don't have access to would help. We don't use the web control or the network control, but having a sandbox to get an idea of what they could do for us would not only potentially lead us to purchasing more of the suite, but it would make us more confident in our ability to train those using it.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about six months.

I have experienced no downtime, crashes, or performance issues with ThreatLocker Zero Trust Endpoint Protection Platform. It has always been operational, with no issues with maintenance or anything of that nature. It has always been available to us.

ThreatLocker Zero Trust Endpoint Protection Platform scales very well with the growing needs of my company. We have been expanding usage, and it has been very easy. As an MSP, our child organizations are increasing constantly, and onboarding or offboarding has been very easy to get new devices and endpoints into the fold.

I evaluate the customer service and technical support as very helpful. The Cyber Hero and the support online have been great. I have not used it very much personally, but people that I work with have had need for it. Whenever they have a question, by the time I get there, Cyber Hero is already chatting with them and helping them through their issue.

Positive

Prior to adopting ThreatLocker Zero Trust Endpoint Protection Platform, we were overlapping in our use of Huntress. It was not exactly the same thing, but it was in a similar vein. We use that now more for just training purposes rather than monitoring or getting ahead of potential threats.

I purchase ThreatLocker Zero Trust Endpoint Protection Platform directly from ThreatLocker.

My impression of the solution's allowlisting feature is that it is a powerful tool, but it requires either considerable practice or training to get it right because you can set it up so specifically, and it is then also susceptible to making a mistake, having to re-allow something on a different person's computer when I really wanted it on everybody's. This comes down to training and experience, and it has its pitfalls, but it has been positive.

I have used the ringfencing feature with ThreatLocker Zero Trust Endpoint Protection Platform. I assess the impact of the ringfencing feature on controlling the behavior of approved applications as very positive. We had a specific user who had to run software through a storage device, and we were able to use the ringfencing feature to allow that specific storage to run that specific program and interact with nothing else. It was an older program that had to be from a CD, so we were able to use the ringfencing to allow it through instead of having to approve it every time it came in.

Regarding the storage control feature when it comes to enforcing policy-driven access across various storage devices, we have found it to be very positive. We only have the restrictions for specific customers, so much of it is just the default deny to read and write off of the admin or the C shares. When it is enforced, we have seen it make protections against people who obtained something they should not have and possibly something personal, tried to connect it, and it disallows them from being able to run that.

It is very easy to identify which security and configuration settings need fixing using the DAC Dashboard. The DAC Dashboard shows what is out of date or what is misaligned, and it gives you the specific ones that need changing, so I am not going through looking for it manually. It does a good job of gathering what it already can find, and then I can make the adjustments if I see fit.

I rate this solution an 8 overall.

We have been using the solution for about five years now. We started shortly after our company was acquired by an ISP that was looking for a managed services provider solution. I was looking at our stack and deciding which one would answer the pressing questions, which usually involved cyber insurance questions, such as if we have application whitelisting. I happened to call ThreatLocker and fell in love with the offerings. At the time, it had application control, ringfencing, and elevation. They have, of course, advanced their platform a lot since then.

The biggest benefit is application whitelisting. We have customers who have a set of products that they expect their users to use, and we have the ability to enforce that policy by restricting them from adding additional software on their own. It helps reduce the risk of the shadow IT type of solutions being brought in by users who think they know better or do not realize the risks.

In the beginning, it was almost an augmentation to antivirus, but now, antivirus is almost an augmentation to Zero Trust. If the applications do not run, the antivirus does not have to block them, so the antivirus is almost the second layer. With the layered protection approach, it is one of our key layers at the endpoint to keep the endpoint from running ransomware or unknown software packages.

A number of times, we have had customers who did not see the need for it until the first time we called them and said, "Hey, did you realize so-and-so wants to run this application?" and they went, "Why would they be doing that?" The ability for us to let the end-users or customers know the things going on in their environment and to stop attacks dead in their tracks has been great. We have seen it multiple times where a bad actor would have gotten a whole lot further along if they had been able to run the software they wanted to. ThreatLocker stopped that.

It is not hard to use, but it also depends on the customer base that you are working with. It can be a challenge to educate the end user and the customer with regard to why this is the right answer. A lot of times, if you have customers who have older applications, custom-written applications, and things like that, dealing with updates and dealing with changes can be time-consuming. It is not hard. None of it is particularly difficult, but it can be a bit of a draw on time.

We have been able to do consolidation primarily in the antivirus realm. Because of the fact that the applications are never allowed to run, we have been able to reduce some of our costs by not having to go to top-line AVs. We can go to Windows Defender, which is a good antivirus, but it is not centrally-managed SentinelOne or something like that. We have been able to see some big advantages in cutting back. Some of the other tools do not have to carry the heavy load. ThreatLocker carries a heavier load of protection.

I do not know if it has helped our organization save on operational costs or expenses. It has to be manned by people. We are not using the functionality where ThreatLocker Cyber Heroes respond to the tickets. Instead of hiring two people, if we let ThreatLocker manage that, we would see some definite advantages cost-wise.

It is priceless in its ability to block access to unauthorized applications. We have had everything from attacks on financial institutions to shutdown holds where the attacker was about to exfiltrate four years of data, but the PowerShell script was still sitting on the screen, unable to run because ThreatLocker blocked it. It is well worth it.

It has helped reduce help desk tickets because we get a lot fewer situations where end users are running software that they should not be and are causing conflicts with the business protection software. There are a lot fewer situations where someone is compromising the machine.

We run on a very lean team, and we have been able to maintain that status reasonably well because, with ThreatLocker, we do not have to chase things that cannot happen.

All the features are very useful. The biggest one that we focus on is the application control with ringfencing. That combination is very beneficial. We have had some recent benefits. Especially with the elevation functionality, we could remove the local admin requirement for applications that constantly required us to make users local admins on their machines. We take that risk away with elevation control, where we can elevate applications that need elevation instead of all of them. 

Their product is solid. I have a hard time complaining much about it because when we do find little things, they are usually interface-related or related to things that would be nice to have. Their idea portal, unlike so many other vendors we deal with, shows movement. At least four to eight features of ThreatLocker exist because I made a request in the last five years, and it became a feature of the actual product. When it comes to improvements, we moved the product as customers, and we got to move the product by making suggestions. They seem to be very reactive to it, so there is not a whole lot that they actively need to change right now. It is one of those situations where when we run into something that would be nice to have, it happens. They make it work.

We have used the solution for about five years.

The product is highly stable. Obviously, as they add features, every once in a while, there is something that catches us off guard, and we will have to get support. They have the answers right then and there. As a result, it has never been something that has brought us down. We have never had a customer who is down because ThreatLocker is not working. By the nature of what it does, it could be a big problem for a customer, but we have never had it. It has been stable. For five years, we have not had a problem. Customers cannot do what they want to be able to do within reason, and we have never had ThreatLocker be the cause of that.

The solution is very scalable. We started with just our office, and now we have over 3,000 endpoints on it. It scales up very easily. Once again, cloud deployment of the agents and everything else makes it very easy to add new computers to it. It is literally a matter of buying licenses, and it does not seem to care how big our environment is for the most part. The product just handles it.

Their support is world-class. You cannot beat ThreatLocker support. I started a request at eleven at night, and someone started to chat within 30 seconds to a minute. They can easily go to Zoom for conferences and have conversations. Their answers are usually immediate, and if not, it is because they have to go to the engineering team for answers or solutions. If it is an actual feature problem or something like that, it is very fast. We have said more than once that if all of our vendors would act and support us like ThreatLocker does, we would be happy. It would be a perfect world. I would rate them a ten out of ten.

Positive

This is the first time we have done application whitelisting. We brought it in about five years ago looking for an application whitelisting solution, so it was the start of our experience.

We use our own RMM solution for deployment. The setup was definitely easy. Tech support provided us with the scripts and resources needed to push it. It is all pushed from PowerShell scripts, and that downloads straight from ThreatLocker, so we do not have to ever be on-site to do anything. When we are offboarding customers, it is just as easy. We can turn off the self-defense in ThreatLocker and run scripts to uninstall it. Generally, there is no on-premises requirement for it. From an MSP standpoint, it is truly cloud-managed.

We contacted ThreatLocker directly.

From the reputation capability or the ability to show customers that we are doing what we say we do, the return on investment is immense. We also have customers who are frustrated because they cannot do what they used to do, which was run anything they wanted to. However, the first time we save them from something that would have been really bad had we not been there, that instantly changes.

We have not had any real issues with the pricing. As they have added more features, due to the way our contracts are structured with our customers, we have had to hold off on adopting the new features because they do add costs. We have to be able to price them into our contracts. That has probably been our biggest challenge. Once we are in with a customer for one to three years on a contract, bringing in those new features at an additional cost is a challenge. 

We are moving towards the Unified solution, where they basically bundle everything together, providing us better stability with the ability to bring in new product offerings without having to go back to the customer and say, "This is going to cost you."

We looked at a few others. A customer we had many years ago had brought a solution that I helped them with to some degree. I do not remember the name of it, as it was fifteen years ago. It was one of the early ones and was a management nightmare. The amount of effort and work it took to make it work and keep it working was a lot. Compared to that, ThreatLocker is amazing.

Overall, I would rate it a solid nine out of ten. It is a complex solution if you are like me and do not necessarily want to call for help frequently. They have help available all the time and will walk you through the process of setting it up if you are trying to figure it out on your own. That is not going away, in my opinion. It is not really a bash against it; it is just a fact about ThreatLocker Zero Trust Endpoint Protection Platform.

Public Cloud

Other