ThreatLocker Zero Trust Platform Reviews

I use ThreatLocker at a bank and at a trucking company mainly because one has been hit with ransomware a few dozen times, and for the other, we just wanted to ensure it never got hit. It has actually stopped threats in their tracks at the trucking company. We haven't had a problem yet, so thankfully, nobody randomly clicks on things. 

At the other company, there are 300 employees in a warehouse, and only two of them are computer literate, so they click on everything. It has been very helpful in reducing the madness that comes with phishing and random malware or ransomware.

ThreatLocker has been excellent for reducing the issues with ransomware and malware, keeping end users in check, and ensuring they have to request access for certain actions. This process involves verification for necessity, particularly when considering VPN bypasses.

The application control has been great so far, and while I am still exploring the network access controls, I unfortunately don't have access to one module I would love to have due to licensing restrictions. 

It's easy to use in regard to reducing attack surfaces. For me, it's a piece of cake. We can have something approved within 30 seconds, thanks to the mobile app.

We haven't eliminated security solutions. We just add to it, and ThreatLocker has been a great addition. We also have Kaseya and ThreatLocker as a supplement to that. It's useful. They have overlap, and we look at the overlap as a good thing.

It's helped your organization save on operational costs or expenses by ensuring that many fewer hours are spent dealing with ransomware nonsense. I cannot count the amount of hours that I personally have not had to put in to recovering an environment from a ransomware event. The last big one took us about three weeks to completely recover from. Since we've grouped ThreatLocker in, the management of that whole setup has gone down to just daily help desk tasks and general server maintenance instead of having the whole system on fire. There are probably thousands of hours of saved time between our teams. It's been great so far. 

ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications is great. It's my biggest protection, the blocked applications. In a lot of cases, you go to install something yourself that you need for management, and it comes in and says, nope. And then I have to log into the portal and approve it. I get our other guys saying, hey, why are you trying to approve something? Any of the tools that I'm using on a day-to-day basis that haven't been in the environment during the whole learning mode initially, I could go through and set extensions and all that. So, while it's a headache on that end, the amount of saved time I can't even count. It is a little frustrating on my end since I like to go as quickly as I possibly can, and it slows me down. However, that's a really good thing.

Depending on the site, it can save a lot of time and cut down headaches. It's likely saved a week's worth of time. 

It's cut down the amount of sever help desk tickets. Those have become minimal. 

Identifying areas of improvement is challenging, however, perhaps adding a few more built-ins could help. There are items updated a couple of times a year, especially in the banking industry, where some applications could benefit from built-ins. While it's understandable why they aren't available, manually building rules and adding hashes takes extra time. Some built-ins are reportedly in progress and should eventually be available.

Unfortunately, I lack access to one component due to licensing requirements, however, it is what it is.

I have used the solution for almost two years now.

I have yet to encounter any problems with it, apart from end users complaining that they can't install whatever they want, which is exactly the desired outcome.

I have not had any issues at all. At one site, I started off with just the servers, and within a month and a half, I set up the entire company with ThreatLocker. I expanded from maybe ten to fifteen initial installs to well over one hundred in two weeks. It was super simple.

I joined a conference call with a colleague and asked a question. The detailed explanation provided by the representative was impressive, showing features I was unaware of. It encouraged me to explore the training materials in ThreatLocker University. 

I have been researching various options, and if I remember correctly, Kaseya recommended ThreatLocker. I have contacts at Kaseya, and there are ongoing discussions about new solutions. The suggestion to try ThreatLocker led us to run a trial, initially planned for thirty or ninety days. However, within two weeks, I decided to license it for the entire company due to its impressive performance.

The initial deployment took me about a day to figure out how to do the initial deployment correctly and it has been solid since. In terms of implementation, I have no complaints at all.

We've got data RMM that we can use to push it out. We can use the VSA RMM to push it out. We can push it via GPO. So it's super easy to do. The only time we have to manually install it is on systems that we haven't plugged into a network yet.

The return on investment is significant as I am now recommending it to all our clients, even those with just one or two servers. It keeps malware, Trojans, and ransomware at bay. It is a worthy investment, reducing management headaches and cutting down on hours for minimal investment.

We probably looked at about a dozen options.

Overall, I would rate it probably a nine out of ten. I don't like to give a perfect score if it doesn't directly benefit someone within the company. It should be a ten since I've had no problems with it, and it is as rock-solid as expected. 

The time saved from dealing with ransomware nonsense is invaluable. We spent about three weeks recovering from the last significant attack; however, since implementing ThreatLocker, management has been reduced to daily help desk tasks and server maintenance, saving our team thousands of hours.

As a managed services provider, my use case involves monitoring when managed users attempt to install any kind of file, whether malicious or benign. ThreatLocker Zero Trust Platform generates an alert whenever this occurs. After checking whether the file is malicious or benign, I as an admin will approve or disapprove the request. I check whether the file, application, or whatever the path is, is benign before we allow the user to install it.

I appreciate how ThreatLocker Zero Trust Platform can specify the exact path that you want to give access to for the user. Rather than just a file, you can specify an entire path in the folder, straight from the folder to the file, pinpointing the exact file that you want to install. You can pinpoint that and only give access to the user to install that, and nothing else in the folder.

The allow list feature in ThreatLocker Zero Trust Platform is very handy. When you specify an exact path, it will only allow you to go there, and you cannot go anywhere else in the folder to install any other file but that exact file that we have specified. This is where the allow list feature is particularly useful.

The elevation feature in ThreatLocker Zero Trust Platform is basically approving the user to elevate to local admin mode, wherein they can do whatever they want in the software. Depending on the kind of software, if it is an in-company, company-made software that is bound to the company, only then do we allow the elevate feature. Otherwise, for external software, downloads, and installations, we do not allow elevation. We do not elevate the users and give them local admin access.

I do not see any improvements needed for ThreatLocker Zero Trust Platform. I think perhaps they could make the dashboard a little more appealing, but other than that, I do not see any issues with the software and how you use it.

To be honest, I have not actually explored the entire ThreatLocker Zero Trust Platform dashboard. I do not think I am qualified enough to tell you if there can be improvements or if I want to see something new, because I myself have not explored the entire dashboard. I just recently discovered the different features that were explained to me. I just recently found out that those features are also there. I do not think I am qualified to tell you that this should be added or that should be removed.

I have been using ThreatLocker Zero Trust Platform for a year and a half.

I have never had an issue with ThreatLocker Zero Trust Platform being down or not being accessible or any problems. I have not encountered any sort of problems with ThreatLocker Zero Trust Platform where it is not accessible or it is not doing something that I want it to do.

There are no specific issues or complaints regarding ThreatLocker Zero Trust Platform's scalability. The deployment and scalability process appears to be straightforward.

Before using ThreatLocker Zero Trust Platform, I have only used Defender for Endpoint, which is Microsoft's solution.

For all the deployments, I push it through Intune. You make a hash file and push it through Intune and I do not think there is a lot of fuss. It is just as simple as every other application or software that we make policies for in Intune.

I think the biggest expense that you can save is an attack from an outsider. If your data is not going outside and if you cannot be bullied or your data is not being kidnapped by external attackers, I think that is the biggest benefit of ThreatLocker Zero Trust Platform. I do not think you can ask for any more than that.

I have not used an exact alternate to ThreatLocker Zero Trust Platform. If you could ask me about the closest technology or software that I have used to ThreatLocker Zero Trust Platform, it would be Cisco Umbrella, wherein you can specify the links, websites, and data that you do not want your users to access. I think the closest thing to ThreatLocker Zero Trust Platform that I have used is Cisco Umbrella.

Again, just as mentioned, if you are pushing it through Intune, it is just another application or software that you are pushing.

If you are implementing ThreatLocker Zero Trust Platform, I would suggest you to explore everything. I am sure that it is inclusive of everything from endpoint management to where the user is trying to install something or trying to delete something. The entire managed endpoint, I think the company that is implementing it should utilize all and explore all the aspects of whatever ThreatLocker Zero Trust Platform has to offer. I would rate this product a ten out of ten.

I work for an architecture firm. We use ThreatLocker Protect to protect the company's systems from unknown malware by blocking unapproved applications. We encounter a lot of malware and ThreatLocker has been able to help with that.

As an architecture firm, we rely on TAISE’s Cybersecurity-as-a-Service (CaaS) to keep our systems safe from malware threats. TAISE introduced us to ThreatLocker, which has become essential in safeguarding our infrastructure by blocking unapproved applications and defending against unknown malware. Given our exposure to frequent malware, ThreatLocker, through TAISE's expert implementation, has proven invaluable

ThreatLocker Protect is very simple and easy to understand. You do not need much technical knowledge to be able to use it. It is very good. Anybody with a bit of IT knowledge is able to handle it.

Ringfencing adds an extra layer of defense. If an application is compromised, you can just exclude the computer and do your troubleshooting and find out what the problem was. It goes hand in hand with application whitelisting. It has been very helpful. It adds an extra security system which is very much needed for our infrastructure.

ThreatLocker Protect has improved my organization greatly. Before using ThreatLocker Protect, we experienced a malware attack that caused significant damage, corrupting many of our files. Since implementing ThreatLocker Protect, we have not faced any such issues, and our operations have been smooth.

We were able to realize its benefits immediately. No user can install any unknown applications or unauthorized applications on their own. I have been able to manage my systems effectively without any malware.

ThreatLocker Protect has reduced our help desk tickets by about 40%, as every software they use is approved by me before use, limiting unauthorized installations.

ThreatLocker Protect has freed up a lot of time. I do not have to do much with the help desk because our systems are protected with ThreatLocker Protect.

The application whitelisting feature allows us to block and manage approved applications effectively. It ensures that no one can install an application on our systems unless it is approved by me, which is very efficient.

It is very easy to use. When a user sends a request, you can go to the dashboard to view the application that the user wants you to approve. If you are okay with the application, you just click the Approve button to approve. It is very easy.

The support could be quicker. There are times when there is a delay in getting a response. This is problematic when immediate attention is needed.

The stability can also be better.

I have been using ThreatLocker Protect for the past three years.

Stability can be improved as there are times it goes down or requires management to adjust policies. I would rate stability a six out of ten.

It is scalable to an extent, depending on where it is used. I would rate scalability a seven out of ten.

We have one location but multiple departments. Overall, we have 25 users.

Our company is small. I know which applications each user is supposed to use and what they need. Once I get a request, I go over to the application they need to install. If it aligns with the work they do, I approve it.

I would rate their support a five out of ten. It could be better, especially with response times.

Neutral

We did not use another solution before.

The initial setup was straightforward. Its deployment took about a week.

Our return on investment with ThreatLocker is about 20%.

Its time to value was immediate.

The pricing is reasonable and normal. I do not have any problems with the cost.

I would recommend ThreatLocker Protect to other users as it is a very important tool for IT administrators like me. It helps manage user access and secures the system efficiently.

I would rate ThreatLocker Protect an eight out of ten.

I primarily use it on servers. We deal with smaller customers, and they don't always have the money to get it on every endpoint. The main thing exposed to the internet is, of course, the server, RDP, and other functions. 

We have some customers that have it on the endpoint. In the past few years of using ThreatLocker, I haven't experienced ransomware on servers. However, there are small occurrences on endpoints when they're not using ThreatLocker.

With ThreatLocker, we don't have shadow IT, and it has reduced ransomware. 

We have a lot of companies concerned with compliance. They have an application list, and anything outside of that application list is not allowed. ThreatLocker makes that really easy for us since you just allow what they need, and no one can run anything else.

Ringfencing is a valuable feature. If someone gains access to something or some end user attempts to run malicious PowerShell commands to download malware, it simply doesn't allow it. It's like saying, I'm not permitted to reach out to this. 

ThreatLocker eliminates shadow IT and reduces ransomware. We have many companies that need compliance. They have an application list, and anything outside of that list is not allowed. ThreatLocker makes this easy by allowing only what we need, preventing us from running anything else. 

Previously, I used AppLocker, a Windows tool, which is a lot of work to manage. ThreatLocker reduced work, allowing us to hire fewer people for this job. The time saved from not having to do recovery when malware runs, which can't happen with ThreatLocker, also saves money.

It's fairly easy to use. It has a learning curve. However, if you go to the university, you should be fine. And if you don't know something, you can just click the chat button. You'll be chatting with someone in 30 seconds.

It reduces work. It helps us save on operational costs that way. You can hire fewer people or move people onto other stuff. People can be moved to other tasks. We likely save one FTE a year, so it saves us around 30,000 euros.

We can block access very well. They are doing their job. 

It reduces the amount of time a ticket takes to action. 

It doesn't really have to do with ThreatLocker as a company. It's really annoying when other companies don't sign their executables with a certificate, requiring new rules for new files. It would be beneficial if it became more recognized in the EU to gain respect. That's about the only issue I can think of.

I have used the solution for a little bit more than three years now.

It's really stable. Once deployed, it downloads the policies locally, so even if the computer doesn't have internet, it doesn't matter. It still works.

The scalability is great. I can put as many endpoints in it as I like.

The customer service is very good. If I need someone, I hit the chat button, and 30 seconds later, there is someone there to help me.

Neutral

I used the Windows built-in AppLocker, and that was it.

We use RMM to deploy the agent.

The initial setup had its ups and downs. That was all on us. We tried to roll it out for everyone at the same time. I'd advise against that.

I had a Solutions Engineer help me. He was from ThreatLocker.

I would estimate savings equivalent to one person per year, which is about 30,000 euros in our country. Not dealing with recovery when malware runs, as it can't run, saves a lot of time and money. The subscription includes help desk time, saving us even more.

The setup is quite cheap, considering what it does.

I didn't evaluate a different solution before choosing this one. Afterwards, I looked at Cyberfox for the elevation control, however, it was unsatisfactory.

I rate the solution a ten out of ten. 

If something isn't working, you get a helpdesk ticket. If they don't know the answer, they escalate and eventually hop on a call with you without automatically closing tickets. It's been great. My Solutions Engineer has been fantastic. Even as he's moved up within the company, I can still call him.

Many of our firms are currently using ThreatLocker, and they have been very happy with it. It can block unauthorized software from being downloaded. 

A few years back, we had an attack on one of our biggest clients. After that, we implemented ThreatLocker. For the last couple of years, there have been no issues or attacks. This has been really helpful.

Currently, we are not using the full range of modules, however, we are using ThreatLocker elevation. That's really good. 

The deployment is very easy.

We've been able to save some operational costs and expenses by using this product. However, the main thing is that it protects our customers. 

The zero-trust endpoint availability is good. It can block unknown applications straight away.

We have reduced help desk tickets. It helps with management. We have a good team in place. 

Some reporting areas need improvement. We need to generate more reports. That area should be improved. We'd like reporting on if someone tried to install software, we'd like to be able to generate reports on what was blocked.

I have been using ThreatLocker for the past four years.

Stability is good; it is a growing business. Over the last four years, it has grown significantly.

Scalability is good. There has been no impact in the last couple of years.

Support is good, with very quick support from Cyber Heroes if any staff requires help. From our side, they are really helpful.

Neutral

We did not use another solution previously.

The initial setup is good; deploying is very easy.

We are managing the implementation ourselves.

It's protecting our customers. That is the main thing. That's our ROI.

In the last couple of years, the price has remained the same. Nothing has changed, and it's good. I hope it will not increase soon.

We did not evaluate other options. 

The overall rating of the solution is eight out of ten. We need to improve the reporting side, including reporting and generating reports. That area needs to be improved.

We're currently deploying 15,000 machines. For us, it is quite easy, however, the problem is that our environment is complicated to deploy due to many customizations. That said, with ThreatLocker, it is not a problem. 

It's getting better in terms of cost and transparency. We can see security improving and can show our evolution. 

The control list is the best feature. For our company, it provides value to our customers since they can see we are improving our security. It also helps us understand what is happening in the machines with notify audits. The solution shows evolution and helps us troubleshoot, even when installed on only some machines.

We can reduce attack surface. We have over 1500 sysadmins, and without it, it was hard to control permissions.

We hope in the future it will help us reduce costs.

We can block access to unauthorized applications. With all of the sysadmins, it had been quite difficult to block everything manually. We have more control over our environment now.

It helps us to see what's happening in the environment and can help us troubleshoot. Once we install across all machines, we can see better what's happening. 

There could be options for handling a bulk amount of machines simultaneously. Randomizing the actions instead of executing everything at once would be beneficial. This would apply to our policies, particularly for the container and Linux versions.

We have been using it for about one year and six months, almost two years.

I have encountered some problems with stabilitiy, however, they are resolved quickly. It is not really a significant issue for me, as they are solved very fast.

The scalability is okay for us. We do not have any problems.

The customer service is very good and very fast.

Neutral

Previously, we used another solution, including a solution from ManageEngine. We switched to ThreatLocker because we felt secure using it, especially with Cyber Heroes and the learning mode.

The implementation was done in-house by me.

We are seeing a return on investment, especially with our managers and customers. We are protecting them and enhancing our security. They all feel safer with this solution.

The setup cost is good, but money in Brazil is quite expensive. Despite the Brazilian economic issues, it is manageable when considering the dollar.

We just have one alternate solution in mind, which includes control mechanisms. We tested some others but liked this one a lot. We need to finish the first part.

My overall product rating is nine out of ten.

I have a lot of clients, and I am responsible for protecting them by ensuring their environments are safe and up-to-date.

The major benefit is just fewer breaches overall. No one can run anything without it being approved first. ThreatLocker is helping companies protect themselves.

Being able to protect and trust nothing by default, known as zero trust, is the most important feature to me. The major benefit is fewer breaches overall, as nothing can be run without prior approval. This helps my company protect its data and secure itself effectively.

Attack surfaces are easy to control. It's easy to deploy and protects very well.

We've been able to consolidate security tools using ThreatLocker. We used to use SentinelOne and it wasn't doing exactly what we wanted. It wasn't detecting anything. 

It's great at blocking access to unauthorized applications. By default, it trusts nothing. 

We do get more tickets for application requests, however, that's not a bad thing, since it's protecting our environment. 

The user experience could be improved. Most complaints we get are based on users wanting certain functionality. For the most part, built-in applications are pretty good, however, having more would be beneficial.

I have been using it for about two to three years now.

It has great stability without any negative aspects.

I believe it's scalable, whether the client is small or large. It is beneficial regardless of the size.

I have experienced amazing support. Whenever I have an issue, I click the chat button, and someone is always available to assist me. Escalations go smoothly, and I have never encountered support issues.

Positive

I used to use a tool called SentinelOne before switching to ThreatLocker. SentinelOne was not meeting my needs and did not detect issues effectively. I now also use Huntress, but ThreatLocker has been a huge help by blocking anything unapproved.

I deployed it with our RMM, which made it really easy. It was much simpler than it would be with a different program. I set up the tenant, changed a few settings, checked a box, and deployed it. The process was fast and efficient, with the devices appearing quickly and no slowness.

I would stress the importance of saving companies from breaches. The cost versus benefit of ThreatLocker is significant, as its small cost offers great advantages. If something were to happen without ThreatLocker, the cost would be huge, and thus, having it is definitely worth it.

In meetings, they mention 'set it and forget it.' While this can be efficient, it might leave applications unaudited over time, possibly opening vulnerabilities. Regular auditing and reviews would enhance security. 

I give it a nine out of ten overall, recognizing there is room for improvement.

My main use case for ThreatLocker Zero Trust Endpoint Protection Platform was Application Control, but now I use it as a full suite of protection tools.

A specific example of how I use ThreatLocker Zero Trust Endpoint Protection Platform as a full suite of protection tools in my organization is that it helps us perform compliance needs for companies and also Web Control, Application Control, and Network Control as a true zero-trust platform.

It has made a positive impact by consolidating our tools; we used to have too many tools and now we really only need ThreatLocker Zero Trust Endpoint Protection Platform, a backup solution, and our RMM.

I have seen benefits from consolidating my security tools down to just ThreatLocker Zero Trust Endpoint Protection Platform, a backup solution, and my RMM, as it has saved me time, saved my clients money, and saved us headaches.

The best features ThreatLocker Zero Trust Endpoint Protection Platform offers are Network Control, Application Control, and Storage Control.

Network Control, Application Control, and Storage Control impact my daily workflow significantly, as they give me operational freedom with cyber hero support, reduce the anxiety I have day-to-day, and have improved my overall general mental health because of all of the never feeling alone being reduced to near zero, with a whole team of cyber heroes that are just jumping to help me, and the turnaround is literally a minute in most cases.

ThreatLocker Zero Trust Endpoint Protection Platform can be improved by addressing issues with Network Control better.

I have several clients in the last few months that have definitely caused a problem where a domain controller completely destroyed replication once Network Control was put in place, and now our AVD servers in Azure also lose domain trust occasionally and it is intermittent, making it rather hard to prove to ThreatLocker Zero Trust Endpoint Protection Platform that they really need to look at when there is a VPN in the middle of a domain controller.

I have been using ThreatLocker Zero Trust Endpoint Protection Platform for almost three years.

I do not wish to add anything else about the features or the support I receive.

Positive

I would rate ThreatLocker Zero Trust Endpoint Protection Platform a nine out of ten, but it would be ten stars if they would just get this last thing solved for us. My overall rating for this product is nine out of ten.