Likelihood to Recommend I would say, where it's well suited as certainly any device where you know that either you're potentially running a Kickstarter device as your own personal unit, but maybe you want to try to connect it to some resource like, "Hey, you know what? This is a small community device. Maybe I'll try connecting my email on the go." You're protected from that perspective with the vendor, even if it's something that might be a bit suspicious from a hardware perspective. There's also the case where any device that you know are running Defender for endpoint that you're good to go. You don't really have to worry about all the other solutions out there because Defender has recovered.
Read full review I have tested two of software besides ThreatLocker. ThreatLocker by far, was the easiest of the 3 to work with and setup. One of the companies' software was too complicated to run and setup. The other one lacked a lot of the features that ThreatLocker had. ThreatLocker came with many prebuilt template for common software and utilities, like Office365, putty, Firefox, Google, etc. It came with a bunch of prebuilt blocking/ringfencing rules for utilities like powershell, hyper-v psexec, and many others. This saves setup time. Unfortunately, ThreatLocker will let you download something from the MS Store, sometime it will let you execute and sometimes it won't. I would like to see this to be able to block the download from MS Store until ThreatLocker approves the download.
Read full review Pros It integrates perfectly with Azure Sentinel. I mean, that's great. We can have a single pane of class with other platforms, like Defender for Cloud, Defender for endpoints, and Defender for servers, which is awesome as well. The ease of deployment is because Microsoft made sure around a year ago that every single workstation with Microsoft Windows came with Defender for Endpoints embedded. Read full review Application Control Privileged Access Management Storage access control Read full review Cons While it's a very good product for auditing, it has a very hard time to distinguish what is malicious and is an attack, what is not. Very rarely we get indication of a real malicious attack. We got lots of hours for off the shelf malware that it cleans up automatically. So basically we never get to look at it, which is a positive thing, but threats are detected by the third party endpoint, so it will not be enough by itself. Read full review Ease of moving between organizations Removing agents from clients who depart Some UNC path definitions for local files and folders Read full review Likelihood to Renew ThreaLocker has done its job and has prevented malware from executing. It has stopped an encryption process once already. It has kept a user from going to a bad website. He tried twice and was wondering why he was getting an error message from ThreatLocker and ESET both.
Read full review Usability ThreatLocker ease of use allows me to get the answers I need to any threats or denied action that ThreatLocker took. The "Unified Audit" is a great tool to show what is happening/executing on a user's computer or on a server. Unified Audit will allow to look at what steps a programs takes when it executes. It will show you if it calls on Powershell or what DLL's it is executing and many other things.
Read full review Reliability and Availability There is rarely ever an outage. I have seen slowness in ThreatLocker service. But that is very rare too!
Read full review Performance ThreatLocker is always available. The admin's console loads very fast and report runs almost instantly. It does not interfere with operating system.
Read full review Support Rating The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Read full review You can email, call or do online chat with tech support. I love their online chat. They are quick and friendly. Also, if you need to show them something, you can give the chat technician permission from your Chat box to allow the tech access to your computer. They also can pull out your admin console on their side. They can look at your "Unified Audit" log and see the same thing that you can. They have a good KnowledgeBase that you can look for answers. They have what is called "ThreatLocker University" where you can go through tutorials and take tests.
Read full review In-Person Training The owners and co-founders work with you through Zoom Meetings. They walk you through how to use and setup ThreatLocker. They also have webinars. You also can go through ThreatLocker University online training.
Read full review Online Training Using ThreatLocker University online training is very easy and informative. You take online tests to see how well you learned the material. It is great!
Read full review Implementation Rating ThreatLocker is a family ran business. The owners, co-founders work with you to ensure you are up and running as quickly as possible. They went to ensure your success with ThreatLocker.
Read full review Alternatives Considered Tenable Security Center was a fantastic exposure detection tool but there was always a lag and servers would hang alot when being scanned causing resource traffic. Microsoft Defender for Endpoint on the other hand does not use up most resources soo there is usually noo lag during scanning and it also provide more detailed insights on the network. Also Microsoft Defender for Endpoint integration power has helped us up our security game by delivering a smooth secure network.
Read full review I honestly have not seen many other programs like Threatlocker so I do not have any to compare to. Auto-Elevate may be the closest, however I did not evaluate them as part of my decision. Threatlocker does do a great job at onboarding which made deploying, setting up, and troubleshooting the program a breeze
Read full review Scalability ThreatLocker is very easy to add new ThreatLocker agents on computers and servers. It is very easy to do. You can install an agent on a computer or server in about 2 minutes or less.
Read full review Return on Investment Positive : Microsoft Defender for Endpoint offers sophisticated threat detection and response capabilities, putting it into use helps increase security. Reduced security incidents, data breaches, and related expenses may arise from this. Positive : A more secure environment means less time and effort spent by IT and security teams on remediation and incident response. False Positives: Like any security solution, false positives can occur, leading to unnecessary investigations and potential disruptions to business operations. This may require additional resources to manage. Read full review Too early on to tell, however, if ThreatLocker ends up blocking just one ransomware attack for any of our clients, I'd argue that it payed for itself. Read full review ScreenShots Microsoft Defender for Endpoint Screenshots