Airlock Digital Application Control Reviews

We use Airlock Digital Application Control for endpoint management, for protection and management of shadow IT, not in a punitive sense, but if we find people trying to use unapproved software, we try and point them to approved software to minimize our risk profile while maximizing the value. We call all of our employees owners, so when I say owners, that is what I am talking about. For our owners, for example, at one point, BioCryst had 74 different zip tools in their total environment, and by getting it down to one, we reduced license costs, we reduced the risk profile from having lots of different unpatched software. We got all of them up to date, so we were no longer running out-of-date software, and the experience for our owners was better, and the protection for the enterprise was better.

With Airlock Digital Application Control, we have to make sure the versions on the endpoints are up to date, but that is managed as part of the tool. We do tracking and reporting to make sure that all of the systems are up to date, and there are occasional requirements where something broke on an endpoint, and we have to manually reinstall it. But we had 800 endpoints all told, and I think we had to reinstall it less than 20 times manually, so it was not exactly common. But because we could feed the reporting into Splunk, it was easy to catch because Airlock Digital Application Control is not stellar necessarily about giving you a good report that says this machine has not checked in in a timely manner because their window is too small, and it is not really adjustable. Some of our salespeople might not turn their laptop on but once a month. Once it had not checked in for 72 hours, it just stopped doing anything. But we could see in the Splunk instance when their version got out of date, and the reporting, even though we got the data from Airlock Digital Application Control, was easier to do in Splunk. Then we would say, this one is five versions out of current, and our current is two versions off of latest. Then we would see if Airlock Digital Application Control could update it internally, and if not, we told the help desk to go manually reinstall Airlock Digital Application Control. That got it back up to date, but since it is a SaaS product, there was not server maintenance or anything we had to do.

What I like the most about Airlock Digital Application Control is that when I first joined BioCryst, they had an existing relationship to deploy Carbon Black, and Carbon Black was such a screaming nightmare because they got sold and resold and acquired six times in 14 months. So they did not know whether to scratch their ass or wind their watch, so it was kind of crazy, and their service was abysmal. The tool was still the bleeding edge of 1997, had not been updated since; it just kept getting sold. Airlock Digital Application Control is taking that Carbon Black concept, making it cloud-based, making it much more dynamic and scalable, and more reactive in terms of the reporting. Does it still have some growing pains? It does, but even on its worst day, it was head and shoulders above Carbon Black, even though at the most granular level, they did essentially the same thing, but things that we would try to do in Carbon Black would just crash in Carbon Black, and you could do in seconds or minutes in Airlock Digital Application Control.

It handled the scale with very rare exceptions; every once in a while, you would catch them when they were doing an update or something, and it would hang, but I could count that on the fingers of one hand in two years, where I could not tell you how many times a day Carbon Black was crashing because it was well into the dozens. It actually performed better. It had better granularity in reporting because we used Splunk as our SIEM for data aggregation, and it was able to set up direct data feeds, and as the environment changed, those data feeds updated. So it worked very well in a centralized reporting and tools environment, allowing us to better leverage that risk protection. We did not necessarily watch Airlock Digital Application Control every second, but we had a SOC that could run queries against that data and compare it to our CrowdStrike data and compare it to our Zscaler data and some of our other firewall data and see what was going on and where we may have opportunities for excellence.

What I dislike about Airlock Digital Application Control is that the whole endpoint management concept as implemented there is silly, and they need to have a better flow so you can appropriately do that type of work at the access control layer, not at the machine layer. If you simply take local admin away from everyone in the company, it is a way of taking local admin away without telling people you are doing that, and I think that is kind of silly. But the biggest challenge is the tool does not let you migrate information between groups, and its export function is not stellar, though it is markedly better than it was when we first started with it. If I built a group and we grew and we decided we need to change how that was organized, I had to take a buttload of screenshots to capture all of the information because there was not a way to migrate them into a new structure. That is one of the things they are working on, and it was due to be released soon, and I got laid off about eight weeks ago now, so maybe they have released it now. But that was a pain because there was no way to export it, even as a CSV, and that was annoying because it did not screenshot easily.

I have been a customer for about two years.

I have paid for enhanced support, so we have a weekly call with a technical success manager, and I have never had to call support; I called him.

The support from Airlock Digital Application Control was excellent. I am drawing a blank on his name because we had two of them, but they were top-notch. It took a little while to get the second guy up to speed, but that is normal. We had been working with the first guy for about 10 months at that point, and he got promoted; good for him. We got the new guy up to speed, and once he understood what was going on with our environment and everything, it was great. Having that regular cadence, when we had extra questions, he always responded within a timely manner. From my perspective, it was not the kind of tool that you regularly had to have an instant response, but it was rare not to have a response by the next business day, and typically we got something the same day unless I sent it at about 6:00 at night.

If I were to put their support on a scale from 1 to 10, I would give them an 8. It is not that there was any fault of the support person we had, our technical contact; it is just sometimes things that we wanted as baselines had to go into the development pipeline. He was a good advocate for us getting those into the development pipeline and giving us links so that we could go into the tool that development used to track it, so we could go in and all vote for it to bump it up in the priority.

The initial deployment of Airlock Digital Application Control was just an Intune push, and it was pretty easy. We already had a centralized management tool.

I thought the pricing for Airlock Digital Application Control was good. I was the one that negotiated the contract and was actually successful in suing Carbon Black and getting all of our money back, and then working with Airlock Digital Application Control to get a multi-year contract within that budget. They are much more cost-effective than Carbon Black, both just in terms of the flat pricing and then what you get for the pricing. We did pay extra for some of the customer service support, but it was an excellent investment to get the best return out of the environment, fast.

Airlock Digital Application Control has helped me to prevent malware within our systems. The policy change history feature did not exist when I started, but they had auditing; that is part of the policy change history. We did look and see, if something happened, who did it, so we did use the auditing.

I have indeed had experience with the bidirectional REST API; that is how Airlock Digital Application Control updated itself and updated the dashboard. We played with that a lot, especially when we were first setting it up, but once we had the key set up, it worked pretty well.

The single SKU licensing model has not affected our organization's budgeting and resource allocation for the application control. What we had was not technically one SKU because we had one SKU for the service and then we had one SKU for the support. But it is not a tool that is so granular or so fractional that you need a bunch of other SKUs. It is kind of binary; you either buy it or you do not. You either buy support or you do not. It is not like Oracle or SAP where there are 12 billion subcomponents that you have to buy individually and track, so you do not need a billion SKUs or a Microsoft SKU-of-the-week model.

If I am looking for that type of tool in another environment, I am going to reach out to them. Overall, I give Airlock Digital Application Control a solid 8.

I use Airlock Digital Application Control as part of my role in the security team managing endpoint controls and broader defensive measures. I have been working with the product as part of strengthening our application control strategy, mainly around policy design, fine-tuning, and making sure it fits business requirements without causing too much disruption.

I appreciate several aspects of Airlock Digital Application Control. What I appreciate most is that it enforces discipline in the environment. It aligns well with least privilege principles because only approved software runs. That alone removes a large category of risk that traditional reactive tools still have to chase. The organization I am working with currently uses a variety of software and applications, and thus it becomes even more necessary to have a robust mechanism to safeguard our assets. Airlock works very well in this regard.

I feel that with respect to Airlock Digital Application Control, the upgrade process is very straightforward and simple. There is no downtime required. If they roll out a new version, it is easy to upgrade to the latest version without any reboot. There is no downtime required to upgrade Airlock Digital Application Control to the latest version. This is something I really appreciate.

Another aspect I can think about is clear audit visibility. In Airlock Digital Application Control console, you are able to get a log of everything. Even if I log into the console, there is an audit that a user, Mahesh, has logged in. If someone has added some hash or any kind of whitelisting has been done, everything is recorded. I have clear audit visibility.

The most valuable part is the centralized policy management. I can have a centralized policy in place to support a list of servers. For example, I have a policy in place to protect all my workstations. Then I have a separate policy to protect my UNIX workstations. Similarly, a separate policy for Windows Server. I have centralized policy management, and it becomes very easy with respect to Airlock Digital Application Control in this regard.

The proper governance and control that Airlock Digital Application Control provides helps to improve auditability and governance over our policies. I am working with a government organization. Here we have multiple teams using their own kind of software and applications. The problem is that without proper governance, there is a chance of data leakage or any threat entering into the network, as they all use their own kind of software and USB keys. With Airlock Digital Application Control, we have proper governance in place because by default, everything is blocked. We follow the policy of zero trust. Anything which is not known is completely blocked. We ensure that only the approved software is currently allowed. We also ensure that the baselining is in place. When we use different operating systems, like Windows workstations or any kind of Windows versions or Linux versions, we ensure that the operating system is baselined, which helps to stop a lot of unwanted noise. With this, we manage the entire infrastructure.

There are a few areas of Airlock Digital Application Control that I would like to see improved or enhanced in the future. The first thing is that the new version release schedule is quite repetitive, deploying a new agent within a couple of months. This makes it difficult for us to keep in touch because we have a controlled environment, and everything must be done via change management. We cannot upgrade the server or stay up to date with the latest version all the time. Airlock Digital Application Control should release updates but also provide ample time for organizations to adapt to the latest version.

The second area for improvement I think about is regarding the workflows. The workflows require careful tuning during initial rollout, especially in dynamic environments like what we have.

My impression of the granular policy control offered by Airlock Digital Application Control is that it can still be improved. Granular policy control is much better for control and application. For metadata rules to work, all endpoints must be on a particular version or higher. Unfortunately, in our environment, we do not have all machines using the same client version, which becomes a problem. If you go to Airlock Digital Application Control, they have an answer that the best thing you can do is use the granular policy if you have all agents and endpoints on the same version. That is something we need to work upon. Granular policy is much better to control and apply, and this is my experience.

I've been using it for the past one and a half years.

When it comes to stability, I have experienced some issues with Airlock Digital Application Control in the initial versions. In the initial versions, there were issues with memory leaks. I am talking about the versions 4.8 to 5.1. Those versions had a known issue of memory leaks, which caused performance issues. However, after they rolled out 5.2.2, these issues were completely resolved, and since then, Airlock Digital Application Control is working quite well.

I find Airlock Digital Application Control very scalable. I have not seen any issues with the scalability because we have more than 20,000 endpoints, and it is working excellently. We have not faced any issues.

The technical support and customer service teams of Airlock Digital Application Control are quite good. If you ask me to rate them between zero to five, five being the best, I would give them a rating of four. The reason being that the moment you log a case with them, they reach out to you within a short period. They are always happy to come on a call. When you speak and share the problem you are facing, you can troubleshoot things much faster than via chat or email. They are always available on call, which really helps. That is why my rating is four for the support team.

Positive

Before Airlock Digital Application Control, I worked on ThreatLocker for some time. Before this organization, I was working as a security analyst in one of the banks. I had the chance, as part of the job rotation, to work with the SOC for a few months. There, I had a chance to work on ThreatLocker. However, I did not get as much exposure to ThreatLocker as I am currently getting with Airlock Digital Application Control.

I was indeed involved in the initial setup of Airlock Digital Application Control.

My experience with the initial setup of Airlock Digital Application Control was quite positive. With respect to the rollout, I would say there were not many challenges because we properly planned the entire deployment. We had apprised all stakeholders about what this product is going to do and what issues to expect once installed across all servers and endpoints. Since we took the right steps, the rollout was quite simple.

Once it was rolled out, the application team and the users faced issues, so we had to train them initially on what can be done and what needs to be done from their end. The first few months were a bit difficult for us due to many calls, tickets, and inquiries. However, once users understood the functionality and how Airlock Digital Application Control can work, things streamlined after a few months, and then everything became easy for us.

Utilizing Airlock Digital Application Control does help to prevent malware within our systems to some degree. We have something called defense-in-depth. The good thing is that because Airlock Digital Application Control works on the principle of least privilege and it works on the principle of zero trust, any new hash or software is by default blocked. This definitely helps. Since we have defense-in-depth, in case something or a threat does enter into a network, we can control it. If Airlock Digital Application Control is not able to detect it, we have different measures in place to control the malware and protect our organization.

Airlock Digital Application Control brings many main benefits to the table that help improve the way the organization functions. One thing I have noticed is that because Airlock Digital Application Control blocks everything, we must keep all the different teams together and make them understand usability. When things are blocked, if they upgrade an application, it gets blocked by Airlock Digital Application Control. We have to tell them this is very important because anything unknown will be blocked. There is an option called OTP. Using OTP, you can block, enable, and allow Airlock Digital Application Control to work. This has been a pain point for us because if a user has the ability to enable OTP and bypasses it, that negates the use of Airlock Digital Application Control. Recently, as part of the improvement measure, we have disabled the feature of OTP for users, so they cannot enable OTP at all. If they want to test an application, definitely Airlock Digital Application Control is going to block it. We have integrated Airlock Digital Application Control with our ticketing tool, ServiceNow. When a user wants to enable OTP, they must submit a request that will by default go to the manager for approval. The request comes to us, and via automation, once the request is approved, the OTP is enabled from the console, allowing that particular machine to test and run the application without issue. This is something we have worked upon.

In terms of integration and automation with Airlock Digital Application Control, what we are doing here is in the case of automation. We rely on different infra teams, like the UNIX team and the Windows team for the upgrade of the agents. What has helped is that from the console, we can perform the entire upgrade of the endpoints. We do not have to rely on the UNIX team or the Windows team because that adds to the delay based on their availability. With this automation feature from the console, after having the change approved, I have the complete control to automate and select the list of servers or machines where I want to upgrade the agents, and this is how it goes about. Automation is really helping us with this.

Based on my experience with Airlock Digital Application Control, I would share a piece of advice with organizations considering it. The first thing I would say for any organization wanting to implement application control whitelisting is to understand the business requirements first and whether this product will meet their needs. Secondly, they must follow a proper governance mode and thorough change management process because you cannot just update or roll out on the fly. If you are going to deploy this particular product in your environment, have the plans in place, take all teams into confidence, and then definitely things will work fine. I would give Airlock Digital Application Control a rating of eight out of ten based on my overall experience.

I primarily use Airlock Digital Application Control for application control.

The best features of Airlock Digital Application Control are that it is easy to use, deploy, and manage.

Airlock Digital Application Control absolutely helps prevent malware within our system, and that is tested as well. We use other systems to test it.

The policy change history feature helps us improve our auditability and governance over policies by allowing us to report to our auditors if they have any questions about how we use it and what we do with it. It also helps us keep track of what is going on in the environment on both desktop and server levels and cloud levels. It also gives us assurance that it is working as we expect.

Regarding areas that might have room for improvement, I honestly do not have anything. I have not really thought it through, but I cannot think of anything that really needs to be improved at this stage, not from my perspective. I would have to talk to my cybersecurity coordinator to confirm, but he has never complained to me about anything, and it has always worked very well. So at this stage, do not change too much. It is a good product that needs to keep track of technology, but you have to keep that in check.

As for the clarity and speed of the new user interface compared to the previous one, honestly, to me it is no different. I am not really finding it to be any different. It is good, but it is no different from what it was previously as far as efficiency is concerned. It seems fine.

I have been using Airlock Digital Application Control for approximately five years.

The stability of Airlock Digital Application Control has been excellent, and I rate it a 10. There has been no downtime, bugs, or glitches.

As for scalability, I rate it a nine.

Regarding the technical support from Airlock Digital Application Control, I do not know because I have never had to use them, but I am going to say nine because I just do not know. As far as I understand, we have never had any issues, and I think the issues we have had have been resolved quickly.

When comparing Airlock Digital Application Control with other solutions or vendors, I do not think there is any other peer on the market that I could find. At the time we went to Airlock Digital Application Control, the only solution available was the Microsoft version, and it is just not even comparable. The Microsoft application whitelisting product is rubbish. Therefore, Airlock Digital Application Control was a no-brainer for us.

The policy change history feature helps us improve our auditability and governance over policies by allowing us to report to our auditors if they have any questions about how we use it and what we do with it. It also helps us keep track of what is going on in the environment on both desktop and server levels and cloud levels. It also gives us assurance that it is working as we expect.

When it comes to the deployment of Airlock Digital Application Control, it is easy, and it took us a couple of months. I only have a single cybersecurity coordinator, and we were just working with it. The reason it took a couple of months is that we wanted to let it run in audit mode first, check that we got it right, and then we deployed it slowly over time to ensure we got it right. If you get it wrong, Airlock Digital Application Control being an application whitelisting product can really cause a lot of problems. So you have to get it right the first time, but we found it very easy to deploy in that regard. It makes it very easy to understand what you have got right and what you have got wrong, and then you can deploy easily. It took us a while, but I would not say it was excessive.

We are not using the bidirectional REST API.

Regarding the return on investment from Airlock Digital Application Control, I think certainly there has been ROI, but it is a bit of an intangible question only because of the nature of the product. The return on investment is that in five years, we have never had a breach or a malware event that has been a result of Airlock Digital Application Control, or at all, honestly. I think Airlock Digital Application Control is part of that solution, which means that we have had a significant return on investment. It is just unrealized because we have never had an infiltration because of it.

As for my thoughts on the pricing of Airlock Digital Application Control, I think for the quality of the product, it is fair. It is certainly a fair price for what it is; it is not excessive. I would think it is quite a reasonable price for the quality of the product. It is a good quality product that always works, and I do not think it is overpriced in any way.

Having used Airlock Digital Application Control for five years, I honestly do not directly use it every day, but it does seem that my team does not complain about it. They are very happy with it, and there has not really been much mentioned to me about the features and what has been enhanced. We have not had enhancements that have made a significant difference to us day-to-day. At this stage, it has been a very solid platform that has not changed too much over the years, honestly, and it has been very reliable. I think that is part of the reason we appreciate it; it does not change in excessive amounts. The changes are incremental and easy to track, so we are not too concerned about when it changes.

My impressions of the granular policy control offered by Airlock Digital Application Control are that it is very flexible and can be used in many different environments. That is one of the things we have loved about it; we can deploy it in different environments. We categorize our servers and set up policies based on different categories of servers, and that has worked out quite well.

My advice to others looking to implement Airlock Digital Application Control would be to read the documentation, work with the support team, and deploy it. I think it is a great product.

I rate Airlock Digital Application Control a nine overall, as it is a great product.

To make the solution a 10, we could consider more AI, a better interface, or pricing. It is hard to give a 10 out of 10 because I think there is always room for improvement. The interface is good, but it could be improved a little more, becoming a bit more intuitive. Overall, it is fine, but maybe to go from a nine to 10 out of 10 could be some slight tweaks on the user interface.

Airlock Digital Application Control is used for application control as part of meeting the New South Wales Essential Eight program. It assists in preventing malware, and in the time we have been using it, we have only had one detection where it picked up a malicious file, which demonstrates strong performance.

The connectivity with InTune is exciting because it automatically pre-approves applications from the InTune library, which means I do not have to update the system as frequently. The console is also excellent and very clear to understand.

Airlock Digital Application Control helps with our cybersecurity posture and maturity by allowing us to lock down a user environment with only approved applications. It stops other applications that are not approved from running, without requiring traditional administrator access to install or run them.

Airlock Digital Application Control has room for improvement in detecting and setting a standard environment when updates for programs are released. A better way to detect when we have approved programs but their updated versions also need approval would be helpful. As a very small cyber team, we continually look for efficiencies we can gain.

I have been working with Airlock Digital Application Control for three to four years.

I would rate Airlock Digital Application Control a 10 for stability. We have had no stability issues with it. Any stability issues we have experienced are the result of us blocking the wrong application, which is not the product's fault because it works as advertised.

I would say the scalability of Airlock Digital Application Control is a 10. Scaling from 150 to 180 to 220 users has not presented any issues.

I would rate the technical support from Airlock Digital Application Control a 10. There has not been anything we have asked that they have not been able to solve for us. The recent upgrade process was very easy.

Airlock Digital Application Control is pretty easy to deploy and work with. We do not perform manual deployment of it. It is baked into our mandatory InTune Standard Operating Environment, so deployment is just updating the client to newer versions occasionally.

I see about a 50 to 60 percent return on investment with Airlock Digital Application Control, not just financially but in terms of saving resources and time, especially when comparing it to other application whitelisting solutions that are much more involved.

The pricing of Airlock Digital Application Control is adequately set. We have budgeted for it, and it is one of our more significant line items, but we have the budget for it.

The single SKU licensing model of Airlock Digital Application Control has made budgeting and resource allocation easier because there are not as many components. We can have it as a single line item for however many licenses we have.

I compare Airlock Digital Application Control very highly to other vendors like ThreatLocker, Microsoft, Ivanti, and Carbon Black. We have recently looked at ThreatLocker and Microsoft in comparison to Airlock Digital Application Control. I have not looked at Carbon Black, and we are not looking at other options at the moment.

I hope to use the bidirectional REST API in Airlock Digital Application Control very soon to connect with a SOC SIEM solution to help with our reporting.

Regarding the integration capabilities of Airlock Digital Application Control, from the version we were running to the current version and the features we are looking at using, the integration options are fantastic and seem quite easy to implement where we need them.

Assessing the clarity and speed of the new interface of Airlock Digital Application Control compared to the previous version is challenging because I have mostly interacted with the previous interface and we have only recently upgraded. We might be among the last to upgrade, and I have not used the new interface extensively.

I do not use the policy change history in Airlock Digital Application Control because I believe that is a new feature we have not yet unlocked. We have just completed that upgrade, and we were quite behind on our updates.

I recommend Airlock Digital Application Control to other users because of the quality and the features we have discussed. It is a good product. The reason for my rating of Airlock Digital Application Control is really the updating of the database of applications we want to whitelist. It is more of a personal preference because as a small team, I do not have much time for this task. It is a larger task that we would like to make more efficient somehow without just approving everything. My overall rating for Airlock Digital Application Control is 8.

I use Airlock Digital Application Control for application control, primarily handling servers. The solution manages approximately 1,000 servers with centralized control.

Airlock Digital Application Control offers several best features. The application server itself is very light and operates at fast speeds. When whitelisting something, it applies immediately over the network. The solution handles multiple network subnets including layer four and layer 3.5, and all operate very fast.

Recently, improvements have been made to the whitelisting functionality in Airlock Digital Application Control. When any client finds files blocked, a pop-up appears, and they can request approval directly from there. The console displays incoming requests and shows whether they are whitelisted, approved, not approved, or denied.

If Airlock Digital Application Control implemented AI, it would be very beneficial. The solution is very easy to handle from our end, but AI implementation would make it even better.

If the solution can generate an email and send requests to the call center to create a work order or change request in the upcoming updates.

I have used Airlock Digital Application Control for the last year primarily for application Whitelisting

The stability of Airlock Digital Application Control receives a rating of 10.

Scalability with Airlock Digital Application Control also receives a rating of 10.

The technical support of Airlock Digital Application Control receives a rating of 10 because only a few cases were opened and they were handled perfectly. Support has not been required often, and it can be handled very well. The technical team was present during implementation and provided all necessary support and guidance.

Previously, another application was used for more than 10 years. Recently, that product was not undergoing any development, so this year the switch was made to Airlock Digital Application Control. A proof of concept was completed more than a year ago, and the solution was found to be very light, very fast, and much better than the previous one.

Airlock Digital Application Control was compared with other vendors including Trend Micro, Ivanti, CrowdStrike, and Sophos. Ivanti was used for the last 10 years and was based on Windows, making it heavy and not lightweight. Airlock Digital Application Control is Linux-based and very lightweight.

Installation of Airlock Digital Application Control takes less than one day. The application is deployed, tested on a few endpoints, and then deployed group by group to avoid creating problems across all machines simultaneously. This group-by-group approach was perfect with no complaints generated.

Airlock Digital Application Control has been deployed on-premises, and it was downloaded from the support portal. Installation is very easy.

Four admins have control of Airlock Digital Application Control. Approximately one thousand servers are used by many people in application administration roles across different divisions. Four application admins handle the solution, and one admin deployed it.

The infrastructure team handles the setup, while the licensing part is handled by another department.

Airlock Digital Application Control's policy change history feature is used with multiple policy groups. The latest version allows policy application on a host-based level, where even a single endpoint can have policy applied.

Airlock Digital Policy Creation Wizard is very helpful for determining which files the admins are using. The company policy prevents unauthorized installations because the information security team is very cautious about implementing new installations and EXE executions. These installations can be controlled through the portal.

Granular policy control of Airlock Digital Application Control provides strong satisfaction.

Airlock Digital Application Control can be highly recommended, and the overall rating is 10.

Application whitelisting has become increasingly important, and ensuring that we’re not running code unknown to our organization is crucial. The organizations I work for have been using it to effectively whitelist applications known to be in use, and then highlight any applications that aren’t within the remit of the service delivery organizations or the infrastructure organizations, ensuring that we’re only executing known code.

One of the use cases for Airlock Digital Application Control that we identified were timer applications; we found applications being used potentially to exfiltrate information. We found people using WhatsApp as well as Signal, which weren’t under the control of the data loss prevention capability within the organization I was working with, so we were able to identify applications that might be missed by DLP.

We have certain use cases where users require using scripting languages and programming languages such as Python to run simulations and modeling; this is not something we want every user to be able to do, but it’s allowed us to select which users are allowed to run certain applications and under what scripting languages and programming languages and under what circumstances they’re allowed to run them. This means that it’s not a blanket on or off; it’s about under what context the application can actually run, allowing users to use Python or PowerShell under constrained use cases as opposed to unrestricted access.

One of the other capabilities I haven’t mentioned is the ability to have an on-premises as well as a cloud instance; in the industries I work in, having the ability to run disconnected from the internet or running everything on-premises for data sovereignty purposes is really important. Airlock Digital Application Control has given us that flexibility to have both deployments depending on the context in which we’re running the application or needing this capability.

Anybody going on an application control journey is going to realize that they need a maturity uplift; this has allowed us to present information back to the service delivery organizations and the infrastructure organizations, and the application organizations within the companies I’m working with, and help them develop a maturity plan around uplifting their processes and their policies and their workflows. It’s also helping them have justification around limiting Shadow IT, and being able to say no—this application is not appropriate or this application is appropriate. It helps them on that maturity journey.

Airlock Digital Application Control is probably the easiest application control that I’ve come across; the product has a GUI-first, web interface-first approach to application control, and the way that it’s able to present exceptions or identify what those untrusted executions are is the best that I’ve seen in the field. It’s easy, it’s very quick, and I think that it reduces that barrier to entry for application control.

One of the best features that Airlock Digital Application Control offers is the ability to create complex rules around what applications are allowed to execute under what circumstances and where. It helps us answer the who, what, where, when, and why, to a lesser extent, applications are being used; it’s absolutely the ability to define complex rule sets.

I appreciate the automated baselines that are in Airlock Digital Application Control; being able to start off with a starting point of what, for example, Windows 10 or Windows 11 or one of the server platforms would normally run means we’re not developing our policies from scratch. I also appreciate the ability for bulk adding and identifying publishers of applications and being able to blanket approve publishers, for example, or I can put complex rules around publishers so that the publisher can only execute under certain circumstances. The flexibility and the way that the product has been designed has been really well thought out.

I love how granular Airlock Digital Application Control is; I think the metadata rules, which allow us to create complex rule sets, are excellent compared to what I’ve seen in other products doing application control. Airlock Digital Application Control is just so far ahead of others.

I think there are features that are coming down the pipeline that we don’t have yet; one of which is the ability to have a managed installer process. There is that capability currently, but it’s reliant on WDAC or Windows Application Control, as opposed to being natively within Airlock Digital Application Control. This is something that is coming, but we haven’t actually seen it deployed yet. At the moment, we’re still having to onboard applications individually, and that would be the biggest pain point that we have right now.

I think more guides on how to onboard and bring Airlock Digital Application Control into production would be helpful; these aren’t technical needs, more around documentation and potentially some videos on how to onboard or how to bring it into your organization more efficiently.

I have been using Airlock Digital Application Control now for about nine months.

Airlock Digital Application Control has been extremely stable for me so far; I haven’t had any problems with the agents when they’re deployed and the policies are stable. It has had some problems with the on-premises deployment, in terms of stability of the server-side components, and there have been some minor problems with upgrades of agents, but nothing insurmountable.

At this stage, the only scaling issues we’ve had with Airlock Digital Application Control have been around the reporting database; everything else has been fine.

We were using AppLocker in some use cases, which was really managed by a group policy; we found that it was too coarse, and we weren’t able to get granular policy control with it. That’s why we moved towards Airlock Digital Application Control, and with Airlock Digital Application Control, we are actually installing that on the entire workstation and server estates, whereas previously it was only on very specific application servers.

At nine months in with Airlock Digital Application Control, I think we’re still not seeing a return on investment, and that’s partially because the need for application control was more important or timely than the processes were able to keep up with. At this stage, we’re still heavily invested in resources bringing it up and aligning our processes with it, so I think we will have a return on investment, but I don’t think it’s going to be in year zero. I think it’s going to be probably towards the back end of year one.

I think the user experience is quite good for a modern product; the reporting is getting better with every release, and at this stage, I don’t have any specific points on the reporting that I would want to be better. Perhaps some UI performance improvements, but generally, I think that for what Airlock Digital Application Control does, it does extremely well and fits within that scope really well.

I advise others looking into using Airlock Digital Application Control to understand what your software asset register looks like and what is allowed to run in your organization; once you understand what is allowed to run, you can then develop policies and processes to implement Airlock Digital Application Control efficiently. If you don’t have those governance structures in place, you’re really going to struggle to move Airlock Digital Application Control from audit mode into enforcement mode.

I would rate this product a 9 out of 10.

My use case for Airlock Digital Application Control is application control.

The best features of Airlock Digital Application Control include the ability to block using publishers, path rules, and many features that fit our purpose. The main thing would be blocking all and allowing only specific applications, which is the approach we are following.

Airlock Digital Application Control helps improve my auditability and governance over policies because it can be logged and we can see who made changes and for what purpose. We have our own internal standards defined so that whenever people make changes, they should have obtained all the approvals and the comments are updated with the request details and all those things.

I have noticed that Airlock Digital Application Control has improved the way my organization functions as it is more of a security tool. With technology transitioning so fast with artificial intelligence, we wanted to be careful about what is getting executed in each and every endpoint device. In that aspect, we were looking at a solution where only what we allowlist is getting executed.

In Airlock Digital Application Control, there are areas for improvement which, more specifically being a security tool, relate to the performance issues that end-user devices are experiencing because of the tool. It is getting improved on a version-to-version upgrade basis, but I would say that is one major area to improve. Otherwise, whatever is defined on the product works as expected.

The performance aspect of Airlock Digital Application Control could be improved.

I have been using Airlock Digital Application Control for almost a year.

So far, I have not had any issues with the stability of Airlock Digital Application Control, so I would rate it about eight or nine.

The scalability of Airlock Digital Application Control depends on the problem statement or the use case that we come up with. There were some challenges initially, but I think with the current version, it is quite scalable now.

I would rate the scalability of Airlock Digital Application Control as seven because there are still some features upcoming which will improve the scalability much more.

I would rate the technical support of Airlock Digital Application Control as nine.

I find that the deployment of Airlock Digital Application Control was very straightforward.

The deployment of Airlock Digital Application Control was staged, but otherwise, we did not have any issues during the deployment. Everything went smooth. We have devices across the regions, so we usually stage it by regions such as APAC and EMEA.

Time-wise, I would say that Airlock Digital Application Control saves a lot of time. Monitoring a fleet of devices will take a team's effort, but we three or four people are working on this, and it is quite easy. Integrating to other monitoring tools saves a lot of time.

I would say Airlock Digital Application Control saves around thirty percent of our time.

I compare Airlock Digital Application Control with other vendors such as ThreatLocker, Carbon Black, and BeyondTrust based on the proof of concept we did with other competitive tools. What made Airlock Digital Application Control different is the features and options we had to approach a single problem. We have the capability of blocking or allowing publishers or even more granularly, up to a device or a device group, which gives us that agility.

Approximately three thousand to four thousand devices use Airlock Digital Application Control.

The users of Airlock Digital Application Control are global, not just based in India.

I would recommend Airlock Digital Application Control to people who are looking to manage endpoint computers to enhance their security. I gave this review a rating of seven out of ten.

The DevOps team uses the REST API for Airlock Digital Application Control, but I am not part of that team, so I am not directly administering or controlling or using the REST APIs tool.

The pre-sales team handles the pricing for Airlock Digital Application Control; I am the technical person who looks after the configuration and administration according to the requirements of the client.

We are using the policy change history in Airlock Digital Application Control.

According to the governance, procedures, policies, and SOPs defined within the client environment, which are quite strict, Airlock Digital Application Control provides user-level privileges. Using the policy management tool provided by Airlock Digital Application Control is very beneficial and completely aligns with the compliance and governance expectations of the client.

The endpoint security feature of Airlock Digital Application Control is very beneficial, as are some of the products that have been integrated with Airlock Digital Application Control, making it a very supportive feature.

Some of the vulnerabilities that are meant for CVEs specific to Airlock Digital Application Control need to be addressed in newer versions. This is the improvement that I would suggest, because zero-day exploits are being administered by threat actors on a daily basis, and from a cybersecurity point of view, I need it to be more resilient to vulnerabilities.

During my total career of 13 years, I have used Airlock Digital Application Control with one of my clients who had deployed this solution, and I had been working on that product for more than a year.

I have not faced any lagging, crashing, or downtime with Airlock Digital Application Control for a while, so we are satisfied with it, and every user management is satisfactory.

We have not performed any scalability adjustments for Airlock Digital Application Control because the initial product that we deployed is serving the number of users well. I think there is a license available so we can purchase it and upgrade to the amount of users that is needed, though for now we do not need to upgrade and have not felt the need to do that.

We engage with the customer support portal for Airlock Digital Application Control on and off to get troubleshooting guides or to have issues resolved where we are stuck, and they are very helpful.

Technically, a device always has some operational issues, and this is not specific to Airlock Digital Application Control but applies to any device, such as Cisco, Huawei, Juniper, or any big names in the market, as they always have issues or require troubleshooting. What I found is that their support team is quite technical, and their approach in understanding and resolving the issue is very direct and robust.

Positive

Initial deployment of Airlock Digital Application Control is very user-friendly.

The deployment of Airlock Digital Application Control took about a week because I had to configure each policy and each connectivity to our network step-wise. The integration was easy, but the assignment of the policies due to the load of the users was a cumbersome task. Once the users were added, then it was good to go.

I had support from my senior staff for the deployment of Airlock Digital Application Control. As the L2 person, I had to get help from the L3 for some configurations, and meanwhile, the L1 staff also assisted me during the integration and the issues that were faced, and we troubleshot until it was resolved.

The graphical user interface provided by Airlock Digital Application Control is very user-friendly, and configuration management is easy, so this is what I like about it the most.

Some of our clients are using the Cisco ISE product and some of them are using the PAM solution, so there are different options they are using according to their own choice, but I would prefer Airlock Digital Application Control to be a good product and a useful one.

I would rate this review a 9 out of 10.