We mostly use ThreatLocker Zero Trust Endpoint Protection Platform when we install new software and any additional new features in our environment. That's why we monitor it daily as well.
Level 2 Network & Security Engineer at a tech services company with 51-200 employees
Effective blocking reduces installation-related workload significantly
Pros and Cons
- "Blocking is done comprehensively."
- "I would rate it a ten out of ten."
- "If ThreatLocker can design or build something for mobile devices, that would be brilliant."
- "I was discussing with someone the other day, and it seems there is currently no solution for mobile users."
What is our primary use case?
How has it helped my organization?
We're using it for four or five clients, and they are still in the testing phase. I'd like to use it for all of our clients. It's brilliant. There's good support and transparency. We've been able to find all of the information we need about threats so we can stop them effectively.
What is most valuable?
Blocking is done comprehensively. I would say about 70% to 80% of the time, it is mostly effective.
When we started using ThreatLocker, some of our clients experienced a high volume of installation-related tickets. However, since we moved to ThreatLocker and after utilizing the learning mode, the number of tickets from those clients has decreased significantly.
It's easy to use, even for someone who's not necessarily in IT. They just need some knowledge of computers.
We're saving a lot of time uncovering solutions and finding threats - and time is the most important aspect.
It's very good at blocking access to unauthorized applications. If there's an unknown device trying to connect, for example, we immediately get an alert.
It helps us reduce help desk tickets by 70% to 80%. This has helped us free up IT teams for other tasks. I would estimate that it saves at least 50% to 60% of our time by eliminating repetitive tasks, allowing us to focus on different things rather than performing the same tasks repeatedly.
What needs improvement?
I was discussing with someone the other day, and it seems there is currently no solution for mobile users. If ThreatLocker can design or build something for mobile devices, that would be brilliant.
Buyer's Guide
ThreatLocker Zero Trust Platform
February 2026
Learn what your peers think about ThreatLocker Zero Trust Platform. Get advice and tips from experienced pros sharing their opinions. Updated: February 2026.
884,266 professionals have used our research since 2012.
For how long have I used the solution?
We have been using ThreatLocker for the last few years.
What do I think about the stability of the solution?
It is stable. Its architecture deals directly with the kernel. This makes it more secure and stable. The kernel is the heart of a computer, so it is really stable.
What do I think about the scalability of the solution?
You just need to install the agent, and that's it. You can deploy the agent through different methods, such as through your ID, your RMM, or your GPO. There are multiple ways, and it's just a matter of installing the agent and placing the computer or device in learning mode for 21 days, and ThreatLocker will handle the rest.
How are customer service and support?
I only have one example, as I only had to discuss a matter with someone from CyberHero. The interaction was extremely quick. I opened the ticket, and within seconds, I received a reply.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We did not use previous solutions.
How was the initial setup?
The setup occurred a long time ago, about two and a half years. Initially, access to the portal was limited to senior colleagues; however, for the last two years, I have had access. I have not encountered any difficulties in using ThreatLocker.
What was our ROI?
I am not very technical; however, everything revolves around time. If a solution saves time and reduces manpower consumption, then ThreatLocker achieves that. There is nothing else we can evaluate.
Which other solutions did I evaluate?
There were no alternate solutions. It was the only one considered.
What other advice do I have?
I would rate it a ten out of ten. There is no alternative solution currently. It is the best we have right now, although some competition would encourage faster innovation. The zero-trust architecture is impressive. It is an approach opposite to usual systems.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IT Help Desk at Sumitomo Riko
Endpoint control has reduced random software and saves IT time with just-in-time access
Pros and Cons
- "From one to ten, I would probably rate ThreatLocker Zero Trust Endpoint Protection Platform overall a nine."
What is our primary use case?
My main use case for ThreatLocker Zero Trust Endpoint Protection Platform is to block unwanted software that we have. There is a lot of randomness that people have on their laptops, so we get control over that and make sure they are not doing what they are not supposed to be doing.
What is most valuable?
My favorite feature of ThreatLocker Zero Trust Endpoint Protection Platform is the approval to elevate a system for an amount of time, which is a nice feature. We can say, 'Hey, we're going to let you elevate this, so if you need to run something you can do that,' without having to have any kind of in-between for IT.
The feature benefits our company by saving us time at the end of the day. If it is something that we know that they can install on their own, it is something that we do not have to worry about. We can just have them do it on their own and save us time. Overall, I am not exactly sure how much time it has been saving with ThreatLocker Zero Trust Endpoint Protection Platform, but it could save up to an hour of time by scheduling meetings to get availability and have it installed.
My impression of ThreatLocker Zero Trust Endpoint Protection Platform's Allowlisting feature in terms of managing which software, scripts, and libraries run on our devices is that it makes it easier overall to have it in a place where you can go and see it all. It is just easier for IT.
We do use the Elevation Control feature. My assessment of the Elevation Control feature's role in facilitating just-in-time administrative access for approved applications is that it is good. If there are things that we know that are safe to have, we can save ourselves time by just having them go out and install it on their own. It definitely makes it easier on us.
We have used the Ringfencing feature of ThreatLocker Zero Trust Endpoint Protection Platform, though I have not personally used it yet. I am still kind of getting into it.
We have partially used the Web Control feature of ThreatLocker Zero Trust Endpoint Protection Platform. Once we got it, we went through and blocked the extensions. There were a lot of random third-party extensions people had installed on their browsers, so we did a full block on all extensions and made people come ask about what extensions they need.
I think the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant elements has done its job. It is good to see what they have and what they can request, and we can dig down and see what the actual extension is doing and determine if it is good or not.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform for a couple of months now, probably about six to eight months. So not too long.
What do I think about the stability of the solution?
The stability of ThreatLocker Zero Trust Endpoint Protection Platform has been good. I have not experienced any downtime, crashes, or performance issues. Most of the issues we have had have been on our side, such as internet-based issues. Connection and everything else has been good.
What do I think about the scalability of the solution?
The scalability of ThreatLocker Zero Trust Endpoint Protection Platform has been good. It definitely benefits us to have that extra layer of protection and to be able to be more flexible when it comes to the software and approvals.
How are customer service and support?
Customer service and technical support for ThreatLocker Zero Trust Endpoint Protection Platform are good. They make it really easy to submit a ticket or do a quick chat with them to get in contact with somebody quickly and make it easy.
How would you rate customer service and support?
Positive
Which other solutions did I evaluate?
By using ThreatLocker Zero Trust Endpoint Protection Platform, I do not think we have looked into eliminating or consolidating any security tools or solutions yet. We are just still kind of testing it out and making sure it is good.
What other advice do I have?
We have not purchased the Network Control feature of ThreatLocker Zero Trust Endpoint Protection Platform. We have not purchased the Storage Control feature either. We have the DAC Dashboard feature of ThreatLocker Zero Trust Endpoint Protection Platform, but we probably have not used it.
My learning process of applying ThreatLocker Zero Trust Endpoint Protection Platform involves figuring out how to set up the pathings for the Allowlist, knowing what to wildcard, and understanding what ThreatLocker looks for and what you need to address when you are making those approvals.
The main learning curve for me at the start was just kind of figuring out what they look for. I think once you get into it and learn it, it is pretty good and simple.
From one to ten, I would probably rate ThreatLocker Zero Trust Endpoint Protection Platform overall a nine. I would say probably just to try it out because it does not hurt to see what it is about, and more than likely they would probably be impressed by how beneficial it is for an IT team.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 5, 2026
Systems Security Analyst & Deputy Security Officer at a financial services firm with 201-500 employees
Pre-built policies and immediate notifications streamline application requests
Pros and Cons
- "The pre-built policies and the fact that I get notified when a user requests an application are significant."
- "The customer service is excellent, ten out of ten."
- "One of the things I would really like is the ability to create custom groups and assign machines to them."
What is our primary use case?
I am currently using it mainly for application control on our endpoints and servers.
How has it helped my organization?
Something that I actually really like is that it can block the file extensions for scripting files like Python. Our current tool can't do that. So if somebody had the permissions to actually write code, they could bring it in and just run it without any kind of block. I'm really enjoying that we now have more control over that.
What is most valuable?
The pre-built policies and the fact that I get notified when a user requests an application are significant. My current tool does not do that, so requests sometimes remain pending for days.
Additionally, I really like that it can block file extensions for scripting files like Python and bash. My current tool cannot do that, so if someone has permission to write code, they can bring it in and run it without any block. I am really enjoying that particular feature.
It's easy for IT teams to use for reducing attack surfaces. It has a good UI and is easy to use. It's simply blocking items that aren't allowed; however, with the easy-to-use interface, it makes the process of control easier.
We are in the process of removing other solutions. For example, we're going to eliminate ManageEngine's app control.
We expect the solution will save costs. For example, in the future, we expect that we won't have to have our IT staff waiting for 90 minutes to finish an installation of a new application or have our employees not be able to use their computer if they're waiting for that installation.
It's very good at blocking unauthorized applications. We have a lot of users that don't care about security, and they will download anything that they see from any link that they're given. This helps stop that behavior.
We haven't rolled out production, although it likely will help us reduce help desk tickets.
What needs improvement?
One of the things I would really like is the ability to create custom groups and assign machines to them. Right now, I can apply policies, kind of; however, it would be nice to have an 'all users' group and then multiple overlapping groups for application control. That would be a beneficial feature.
For how long have I used the solution?
I used ThreatLocker for a month or two under the trial version, and I will start rolling it out to our production environment.
What do I think about the stability of the solution?
I do not see any issues with stability at all.
What do I think about the scalability of the solution?
Scalability will be fine. It seems to primarily operate on the endpoints rather than at a central location pushing out policies. This setup is advantageous as it will not take an extended amount of time to deploy things.
How are customer service and support?
The customer service is excellent, ten out of ten. They have been very responsive, helpful, and knowledgeable.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I am going to eliminate ManageEngine's App Control. I absolutely hate that product. It has a very unintuitive UI/UX, does not provide notifications, and takes ninety minutes to roll out any change.
How was the initial setup?
The initial setup was straightforward. I encountered a minor issue where it accidentally blocked our DNS server, which is the primary financial server, while I was on vacation. Resolving it took two days. Aside from this small issue, it has been very good.
What about the implementation team?
We are proceeding directly through ThreatLocker.
What was our ROI?
We will see a significant return on investment since it will reduce the downtime for users waiting for applications.
Which other solutions did I evaluate?
I considered alternatives. I looked at AppLocker and another solution besides the one I am currently using. AppLocker responded the fastest, and after trying it, I appreciated its UI and features.
What other advice do I have?
Overall, I would rate this solution nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Cybersecurity Manager at a computer software company with 11-50 employees
Allowlisting and elevation control have improved client security and operational efficiency
Pros and Cons
- "ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or expenses because it allows our techs to be much more efficient."
What is our primary use case?
I am still learning how ThreatLocker Zero Trust Endpoint Protection Platform is used; I am still in orientation, but we mostly use it for application allowances and blacklist/whitelist.
My only experience with ThreatLocker Zero Trust Endpoint Protection Platform is with the allowance and disallowance of applications, so I am still very new.
We really consolidate security tools by using ThreatLocker Zero Trust Endpoint Protection Platform, as we use some other security products as well, and ThreatLocker Zero Trust Endpoint Protection Platform is really just a big enhancement for us.
As a new person, I appreciate the Allowlisting feature of ThreatLocker Zero Trust Endpoint Protection Platform; it is intuitive, which makes it easy for me to navigate. I am getting more experience with it, but so far it has all been positive.
What is most valuable?
The allowance application is important for our company because it really allows our clients to control what is in their environment without having to constantly audit, which is beneficial.
My assessment of the Elevation Control feature's role in facilitating just-in-time administrative access for approved applications is that it is excellent because it is easy; you can do approvals live, which is quite quick. You do not have impatient clients waiting for approvals for a long time, or you do not have to go through a whole process. As long as we have a process on our end to vet these, or if it is already something we know about, it is easy to do without stressing out our client.
ThreatLocker Zero Trust Endpoint Protection Platform has helped my company save on operational costs or expenses because it allows our techs to be much more efficient. If we have already whitelisted products, we do not have to spend time on the phone with the client or a ticket every time for a similar application. We can approve it by policy or provide a quick approval or temporary approval, and our team can move on. It is efficient on both ends for the client and for us.
It could be anywhere from saving fifteen minutes to, if it is an application we have vetted a couple of months ago and it took an hour, when we have a company that needs to install it on a bunch of machines, we can whitelist it, saving ourselves that much time every time.
What needs improvement?
From my experience until now, I think ThreatLocker Zero Trust Endpoint Protection Platform can be improved by constantly making sure to keep up with the development of new threats every day. As long as ThreatLocker Zero Trust Endpoint Protection Platform is keeping up with that, it gives me the confidence that I can deploy it to my clients.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform for about three months.
What do I think about the stability of the solution?
I have not experienced any downtimes, crashes, or performance issues with ThreatLocker Zero Trust Endpoint Protection Platform.
What do I think about the scalability of the solution?
From my experience, ThreatLocker Zero Trust Endpoint Protection Platform scales well with the growing needs of my company; we already have a lot of clients in there, and I have not seen any issues with scaling or adding clients. I have added a couple since I have started and I think it is excellent.
What other advice do I have?
I have insights for ThreatLocker Zero Trust Endpoint Protection Platform to work on when training new people, particularly that I really appreciate how the training modules are laid out; it is really easy to navigate and they are not in huge chunks. I appreciate it because it is something I can do between tasks throughout the day and kind of chip away at it, which I really appreciate.
My advice to other companies considering ThreatLocker Zero Trust Endpoint Protection Platform is to go through the training so you fully understand it; you can make sure that you are serving your client the best you can with the product. It is a very powerful product.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 5, 2026
Strategic Officer Overview Technology Solutions at a tech services company with 11-50 employees
Centralized endpoint controls have reduced incidents and simplified daily security operations
Pros and Cons
- "The best feature ThreatLocker Zero Trust Endpoint Protection Platform offers is that the entire platform is perfect; it is very user-friendly and helps us manage our endpoints easily, and the parts that stand out for my team are elevation, password rotation, and application control."
- "I have not seen a return on investment yet, but there is a small amount of time saved because of fewer dashboards."
What is our primary use case?
My main use case for ThreatLocker Zero Trust Endpoint Protection Platform is the full platform. I use the full platform in my daily work within my organization with application control, network control, security control, and I utilize the Cyber Hero offer.
What is most valuable?
The best feature ThreatLocker Zero Trust Endpoint Protection Platform offers is that the entire platform is perfect. It is very user-friendly and helps us manage our endpoints easily. The parts that stand out for my team are elevation, password rotation, and application control.
Regarding the features, I would add that response time is quicker, there are fewer problems with problematic end users, and there are fewer weekend calls.
ThreatLocker Zero Trust Endpoint Protection Platform has impacted my organization positively overall, with approximately 99% positive and 1% negative impact on people who are accustomed to having local admin rights, but since it is a security risk, it helps us in the long run.
I see measurable improvements in security incidents and operational efficiency, and it gives us one pane of glass to see all of our clients at once. We can see endpoints, observe what is going on, and we see what is red and what is green.
What needs improvement?
ThreatLocker Zero Trust Endpoint Protection Platform improves every day on its own, so I have no complaints regarding how it can be improved. I do not want to add more about the needed improvements, even if it is something small or a wish list item for the future.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform since 2019, and I started using the endpoint protection two and a half years ago.
What do I think about the stability of the solution?
The Network Control feature impacts my ability to manage network traffic across my endpoints and servers by giving us a small problem, but now it is stable with the new build. The main issue I experienced with Network Control before it became stable was related to the network control itself. The platform and the user were good.
Which solution did I use previously and why did I switch?
By using ThreatLocker Zero Trust Endpoint Protection Platform, my organization eliminated three security tools: Blackpoint, Huntress, and SentinelOne. Consolidating those tools with ThreatLocker impacted our operations as we have fewer portals to view.
What was our ROI?
I have not seen a return on investment yet, but there is a small amount of time saved because of fewer dashboards.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is that they made it very easy to implement with them and gave us time to pay it off.
What other advice do I have?
I do not have anything else to add about how I use ThreatLocker Zero Trust Endpoint Protection Platform, perhaps something unique to my organization.
It is difficult to identify which security and configuration settings need fixing using the DAC dashboard since we do not use the DAC dashboard yet. I do not assess the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites because we do not use Web Control.
I use the Ringfencing feature with ThreatLocker every day.
I use the Elevation Control feature in ThreatLocker every day, which facilitates just-in-time administrative access for approved applications. I appreciate the Storage Control feature being locked down and controlled through us, and no one can infiltrate and take our data. I have given this review a rating of 10.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 5, 2026
Director, Managed Services at a consultancy with 11-50 employees
Ringfencing with elevation features ensures secure and unobtrusive protection
Pros and Cons
- "What sets ThreatLocker apart from competitors offering similar solutions is ringfencing. The ringfencing controls, along with the application elevation features, keep it out of the user's line of sight while still protecting them."
- "ThreatLocker stands out because they understand application whitelisting and elevation controls deeply, addressing real issues effectively."
- "I find that the learning mode is too accessible. Technicians sometimes default to it instead of manually building policy controls. I would prefer the learning mode to be harder to access, ideally hidden behind a layer that requires creating at least one policy first before using the learning mode as a supplement."
What is our primary use case?
When we assessed application whitelisting and ringfencing controls, we decided to sign on with ThreatLocker. The way we operate our business is that it is deployed across all our clients. Once we identified the benefits of application whitelisting, we knew it belonged in every client's setup, and we implemented it for all our clients.
How has it helped my organization?
When we adopted ThreatLocker Zero Trust Endpoint Protection Platform, there were frustrations among clients as everybody was learning and getting used to it. We were learning how to administer it, and our customers were learning what it was, but it ended up becoming a fantastic thing where we now get referrals from our customers to other companies. Over time, it transformed into a positive experience, leading to customer referrals and advocacy for ThreatLocker. Although some clients overstate it by claiming it makes them ransomware-proof, the product's impact is undeniable. The contributions of Ben and Garrett were pivotal in this success, resulting in enthusiastic customer recommendations.
It has not helped eliminate or consolidate any security tools or solutions. We do not see ThreatLocker as a replacement for any of the current base functionality of existing tools; we see it as augmenting it. We see it as something that is important to have. One of the philosophies at our company is that we do not believe there should ever be an all-in for any security product. There should always be a check and a balance in place. One of our main checks on ThreatLocker is Huntress, so we use them in combination. It is something that maintains a balance. They are not overlapping by any means. Even though ThreatLocker has an MDR product now, we are electing not to use it because we want to have a separation and those checks and balances in place.
We initially anticipated a reduction in ticket hours through elevation control, but rather than a decrease, over the years, the nature of the tickets changed. Instead of broad, permissive policies, we now focus on diligent policy creation, accompanied by an increase in technical costs. I do not see that as a negative. While it increased our overall technical costs on an average basis, the benefits that come with it make it completely worthwhile and something that I would recommend to every MSP.
It has not decreased help desk tickets. It has changed the nature of the tickets, and that is not a bad thing. It means that we are using ThreatLocker properly, and we are not making broad sweeping policies that are overly permissive. It requires us to do our job a little more diligently.
It has increased our operational costs, but it is entirely worth it to increase those operational costs.
It can block access to unauthorized applications. It is very dependent upon the implementation and the access that is allowed. If you are giving this to your technicians without the appropriate training, it can be dangerous and not helpful. It can be a false sense of security, but if you implement it properly and are willing to make the investment in training your team properly on how to manage ThreatLocker, it is fantastic.
It has changed what our IT team is working on. Instead of working on old-style things, such as GPO or CryptoLocker policies and reviewing enforcement and deployment of that GPO and linkage, they are now spending their time reviewing policies within ThreatLocker. There is a shift in focus, but it is far more worthwhile. Every hour that has been replaced with ThreatLocker time is a much more effective use of their time.
What is most valuable?
Application whitelisting is significant, though it may seem obvious. What sets ThreatLocker apart from competitors offering similar solutions is ringfencing. The ringfencing controls, along with the application elevation features, keep it out of the user's line of sight while still protecting them. This protection is unobtrusive but effective, as users are protected without their awareness.
What needs improvement?
I find that the learning mode is too accessible. Technicians sometimes default to it instead of manually building policy controls. I would prefer the learning mode to be harder to access, ideally hidden behind a layer that requires creating at least one policy first before using the learning mode as a supplement.
Because of the accessibility of things like the learning mode, it moves towards defeating the purpose. The level of learning and the processes required to use ThreatLocker properly is high. You require a very high-tech person to truly understand its in-depth nature. We have tried it with our junior techs, and they just default to throwing learning mode on everything. It is too easy and allows techs to push through things that they should not. When you are using it properly, it has a high learning curve and a high difficulty level.
It requires quality-of-life enhancements from an administrative perspective. Currently, there is a strong technical focus but less emphasis on the business aspects, such as billing and portal administration.
For how long have I used the solution?
I believe we have been with ThreatLocker for about three years.
What do I think about the stability of the solution?
The platform's stability is solid, but I have concerns over their rapid expansion into areas like the endpoint solution acting as an EDR. They might be trying to become an all-in-one solution instead of focusing on their niche of augmenting other solid solutions. Companies like SentinelOne and Huntress have strong offerings, and ThreatLocker excels in complementing them instead of competing directly.
What do I think about the scalability of the solution?
It is quite scalable. This scalability is partly due to our implementation strategy, where every client receives it without exception.
How are customer service and support?
It has been fantastic. The feedback from our technicians working with Cyber Heroes has been positive, and my experience with our account managers, Ben, Lansard, and Garrett, has been exceptional. The service has been outstanding.
I would rate their customer support a ten out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We had no application whitelisting platform prior to ThreatLocker.
How was the initial setup?
The agents are on-premises. The deployment of ThreatLocker agents has been very smooth and clean. Our challenge has been the maintenance of the accounts. As devices go offline and are retired, there are no automated falloff methods, and that has caused some challenges for us.
What about the implementation team?
We had a sales engineer provided by the ThreatLocker team to assist us. I want to specifically acknowledge Garrett, our second sales engineer, who made the product work effectively and built our trust and confidence in ThreatLocker.
What was our ROI?
It is less about a tangible dollar return on investment and more about risk management and peace of mind for both our MSP and our clients. Feedback from technically inclined clients indicates that having this solution in place allows them and their teams to feel secure, helping us all sleep more soundly at night. For an MSP, it has been one of the most effective solutions.
What's my experience with pricing, setup cost, and licensing?
We have encountered a few challenges regarding pricing, contract renewals, and additions. As we explored adding features like Cyber Hero, it proved to be an increased expense for our clients. This was primarily a mistake on our part due to how we initially priced it to clients. After conversations with other partners, it became clear we underpriced it initially, which caused most of our issues, rather than any fault with ThreatLocker.
Which other solutions did I evaluate?
We evaluated multiple solutions beforehand such as SentinelOne, CyberFOX's AutoElevate solution, and others. We evaluated these options before adopting ThreatLocker and continue to reevaluate them annually, but ThreatLocker has consistently remained in our stack because they do it right. ThreatLocker stands out because they understand application whitelisting and elevation controls deeply, addressing real issues effectively.
A lot of companies get into application whitelisting and elevation control, but they lack a true understanding of the real issues and how to properly address them. ThreatLocker does a great job of knowing what they do well, and in a good way, staying in their lane and excelling at what they do. A lot of the other people who have similar products either are vastly overpriced or try to do it all. When you try to do it all, you end up not doing it all well. ThreatLocker excels in knowing its strengths and not overextending.
What other advice do I have?
I would rate the product a nine out of ten. More emphasis on the business aspects, such as billing and portal administration, would push the rating to a ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partnership
Security Engineer at a computer software company with 201-500 employees
Zero trust policies have secured our linux endpoints and keep unexpected actions blocked
Pros and Cons
- "ThreatLocker Zero Trust Endpoint Protection Platform benefits our company because we can be secure while remaining relaxed, as we are only expecting normal behavior and nothing unusual."
- "ThreatLocker Zero Trust Endpoint Protection Platform can be improved by making the installation easier."
What is our primary use case?
Our main use case for ThreatLocker Zero Trust Endpoint Protection Platform is to protect our Linux endpoints.
What is most valuable?
The feature I prefer most about ThreatLocker Zero Trust Endpoint Protection Platform is the default deny because our endpoints are mirror machines, and we do not expect any behavior other than the expected. Blocking everything by default is the best solution that we found in ThreatLocker Zero Trust Endpoint Protection Platform.
ThreatLocker Zero Trust Endpoint Protection Platform benefits our company because we can be secure while remaining relaxed, as we are only expecting normal behavior and nothing unusual. Every action that is not expected will be locked by default.
My impression of the allow-listing feature in ThreatLocker Zero Trust Endpoint Protection Platform in terms of managing which software, scripts, or libraries run on our device is that it is amazing because we can block everything and only allow the things that need to be executed to work. It is a ten out of ten for us.
We use the Ringfencing feature. I would assess the impact of the Ringfencing feature in controlling the behavior of approved applications as perfect, but I do not know how well it performs overall because we do not use it extensively. We only use it for one application, and it is only to control which server it connects to.
What needs improvement?
ThreatLocker Zero Trust Endpoint Protection Platform can be improved by making the installation easier. We have one policy applied for all devices, and that policy was created for the first device. Since they are mirror machines, we can copy and paste the policy on all machines, and we do not need to do a manual deploy for each new device that we add to ThreatLocker Zero Trust Endpoint Protection Platform.
One thing I would improve in ThreatLocker Zero Trust Endpoint Protection Platform is the time it takes to apply a policy. Although it is very short, it can be improved. Additionally, I think there should be more options for Linux distributions because I am a penetration tester, I use Kali Linux, and it is not available for Kali Linux. I need to execute some tricky commands to be able to install ThreatLocker Zero Trust Endpoint Protection Platform on my machine, and I think this is something that needs improvement.
For how long have I used the solution?
I have been using ThreatLocker Zero Trust Endpoint Protection Platform for the last two months, and we are very new to it.
What do I think about the stability of the solution?
Regarding the reliability and stability of ThreatLocker Zero Trust Endpoint Protection Platform, it is a ten out of ten. I have never experienced a problem or downtime with ThreatLocker Zero Trust Endpoint Protection Platform, and everything runs correctly.
What do I think about the scalability of the solution?
ThreatLocker Zero Trust Endpoint Protection Platform scales well with the growing needs of our company, and we are planning to expand the usage, so I think it will be expanded.
Which solution did I use previously and why did I switch?
I did consider other solutions before choosing ThreatLocker Zero Trust Endpoint Protection Platform. We considered Huntress, but it was not very accurate for our solution.
We were thinking of a solution based mostly in Linux, and Huntress is more for Windows. The principal device was a Linux machine, so we decided to select ThreatLocker Zero Trust Endpoint Protection Platform for that.
What other advice do I have?
This is my first experience with a solution of this kind in this area. I do not use the Network Control feature. I do not use the Elevation feature. I do not use the Storage Control feature. I do not use the DAC Dashboard. I do not use the Web Control feature. I would rate ThreatLocker Zero Trust Endpoint Protection Platform a nine out of ten, only because it does not have compatibility with Kali Linux. My advice to other companies considering ThreatLocker Zero Trust Endpoint Protection Platform is to use it and create great policies because it is amazing.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Mar 5, 2026
Technical Engineer at Cloud 1 Solutions
Ensures ransomware protection and reduces phishing chaos
Pros and Cons
- "It's easy to use in regards to reducing attack surfaces."
- "The time saved from dealing with ransomware nonsense is invaluable."
- "Identifying areas of improvement is challenging; however, perhaps adding a few more built-ins could help."
- "It is a little frustrating on my end since I like to go as quickly as I possibly can, and it slows me down."
What is our primary use case?
I use ThreatLocker at a bank and at a trucking company mainly because one has been hit with ransomware a few dozen times, and for the other, we just wanted to ensure it never got hit. It has actually stopped threats in their tracks at the trucking company. We haven't had a problem yet, so thankfully, nobody randomly clicks on things.
At the other company, there are 300 employees in a warehouse, and only two of them are computer literate, so they click on everything. It has been very helpful in reducing the madness that comes with phishing and random malware or ransomware.
How has it helped my organization?
ThreatLocker has been excellent for reducing the issues with ransomware and malware, keeping end users in check, and ensuring they have to request access for certain actions. This process involves verification for necessity, particularly when considering VPN bypasses.
What is most valuable?
The application control has been great so far, and while I am still exploring the network access controls, I unfortunately don't have access to one module I would love to have due to licensing restrictions.
It's easy to use in regard to reducing attack surfaces. For me, it's a piece of cake. We can have something approved within 30 seconds, thanks to the mobile app.
We haven't eliminated security solutions. We just add to it, and ThreatLocker has been a great addition. We also have Kaseya and ThreatLocker as a supplement to that. It's useful. They have overlap, and we look at the overlap as a good thing.
It's helped our organization save on operational costs or expenses by ensuring that many fewer hours are spent dealing with ransomware nonsense. I cannot count the amount of hours that I personally have not had to put in to recovering an environment from a ransomware event. The last big one took us about three weeks to completely recover from. Since we've grouped ThreatLocker in, the management of that whole setup has gone down to just daily help desk tasks and general server maintenance instead of having the whole system on fire. There are probably thousands of hours of saved time between our teams. It's been great so far.
ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications is great. It's my biggest protection, the blocked applications. In a lot of cases, you go to install something yourself that you need for management, and it comes in and says, nope. And then I have to log into the portal and approve it. I get our other guys saying, hey, why are you trying to approve something? Any of the tools that I'm using on a day-to-day basis that haven't been in the environment during the whole learning mode initially, I could go through and set extensions and all that. So, while it's a headache on that end, the amount of saved time I can't even count. It is a little frustrating on my end since I like to go as quickly as I possibly can, and it slows me down. However, that's a really good thing.
Depending on the site, it can save a lot of time and cut down headaches. It's likely saved a week's worth of time.
It's cut down the amount of sever help desk tickets. Those have become minimal.
What needs improvement?
Identifying areas of improvement is challenging; however, perhaps adding a few more built-ins could help. There are items updated a couple of times a year, especially in the banking industry, where some applications could benefit from built-ins. While it's understandable why they aren't available, manually building rules and adding hashes takes extra time. Some built-ins are reportedly in progress and should eventually be available.
Unfortunately, I lack access to one component due to licensing requirements; however, it is what it is.
For how long have I used the solution?
I have used the solution for almost two years now.
What do I think about the stability of the solution?
I have yet to encounter any problems with it, apart from end users complaining that they can't install whatever they want, which is exactly the desired outcome.
What do I think about the scalability of the solution?
I have not had any issues at all. At one site, I started off with just the servers, and within a month and a half, I set up the entire company with ThreatLocker. I expanded from maybe ten to fifteen initial installs to well over one hundred in two weeks. It was super simple.
How are customer service and support?
I joined a conference call with a colleague and asked a question. The detailed explanation provided by the representative was impressive, showing features I was unaware of. It encouraged me to explore the training materials in ThreatLocker University.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I have been researching various options, and if I remember correctly, Kaseya recommended ThreatLocker. I have contacts at Kaseya, and there are ongoing discussions about new solutions. The suggestion to try ThreatLocker led us to run a trial, initially planned for thirty or ninety days. However, within two weeks, I decided to license it for the entire company due to its impressive performance.
How was the initial setup?
It took me about a day to figure out how to do the initial deployment correctly, and it has been solid since. In terms of implementation, I have no complaints at all.
We've got Datto RMM that we can use to push it out. We can use the VSA RMM to push it out. We can push it via GPO. So it's super easy to do. The only time we have to manually install it is on systems that we haven't plugged into a network yet.
What was our ROI?
The return on investment is significant as I am now recommending it to all our clients, even those with just one or two servers. It keeps malware, Trojans, and ransomware at bay. It is a worthy investment, reducing management headaches and cutting down on hours for minimal investment.
Which other solutions did I evaluate?
We probably looked at about a dozen options.
What other advice do I have?
Overall, I would rate it probably a nine out of ten. I don't like to give a perfect score if it doesn't directly benefit someone within the company. It should be a ten since I've had no problems with it, and it is as rock-solid as expected.
The time saved from dealing with ransomware nonsense is invaluable. We spent about three weeks recovering from the last significant attack; however, since implementing ThreatLocker, management has been reduced to daily help desk tasks and server maintenance, saving our team thousands of hours.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.