Skip to main content
TrustRadius
ThreatLocker

ThreatLocker

Overview

What is ThreatLocker?

ThreatLocker Inc. is a security platform used to stop misuse and vulnerable software as well as control application elevation, storage and network traffic.

Read more

Learn from top reviewers

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is ThreatLocker?

ThreatLocker Inc. is a security platform used to stop misuse and vulnerable software as well as control application elevation, storage and network traffic.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

137 people also want pricing

Alternatives Pricing

What is CrowdStrike Falcon?

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…

What is Webroot Antivirus + Internet Security Complete (SecureAnywhere)?

Webroot Security Complete (formerly under the brand name SecureAnywhere) is a suite of antivirus, multi-endpoint security and Internet security solutions available for home offices, and possibly small businesses with limited security needs.

Return to navigation

Product Demos

Threatlocker Powerlunch

YouTube

ThreatLocker Control (™) Demo Part 4

YouTube

ITBOG Livestream Demo - ThreatLocker

YouTube

Threatlocker | Live Demo

YouTube

ThreatLocker Control (™) Demo Part 3

YouTube

ITBOG Livestream Demo - ThreatLocker

YouTube
Return to navigation

Product Details

What is ThreatLocker?

ThreatLocker Inc. is a security platform used to stop misuse and vulnerable software as well as control application elevation, storage and network traffic. Ringfencing™ adds a second line of defense for applications that are permitted. First, by defining how applications can interact with each other, and secondly, by controlling what resources applications can access, such as networks, files, and registries.

Additional capabilities include:
Protects data from malicious behavior
Stops fileless malware and limit damage from application exploits
Defines how applications integrate with other applications
Stops applications from interacting with other applications, network resources, registry keys, files.
Stop sapplications from interacting with built-in tools such as PowerShell, Command Prompt and RunDLL
Stops built-in tools from accessing file shares

"Allowlisting" controls what software, scripts, executables, and libraries can run on endpoints and servers. This approach not only stops malicious software, but it also stops other unpermitted applications from running.

ThreatLocker Screenshots

Screenshot of ThreatLocker

ThreatLocker Videos

Product Demonstration
3 Approaches to Protect a Business from Ransomware (ThreatLocker Webinar)
ThreatLocker Success Story - TCI Technologies

ThreatLocker Technical Details

Deployment TypesSoftware as a Service (SaaS), Cloud, or Web-Based
Operating SystemsUnspecified
Mobile ApplicationNo

Frequently Asked Questions

ThreatLocker Inc. is a security platform used to stop misuse and vulnerable software as well as control application elevation, storage and network traffic.

SentinelOne Vigilance, Huntress, and SpamTitan Email Security are common alternatives for ThreatLocker.

Reviewers rate Anti-Exploit Technology highest, with a score of 9.6.

The most common users of ThreatLocker are from Small Businesses (1-50 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(17)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

ThreatLocker offers a range of use cases that have proven valuable for organizations seeking to enhance their cybersecurity. Users have found practical applications for ThreatLocker, including DNS white listing, preventing accidental installs, and blocking external data sources. By providing better control and protection of client systems, ThreatLocker effectively stops the installation of unnecessary applications and software. One key benefit users appreciate is that ThreatLocker acts as a learning tool, preventing team members from making mistakes and ensuring the safety of their computers. Another important problem solved by ThreatLocker is its ability to detect malicious applications that may be missed by traditional anti-virus software, thereby delivering a higher level of security for clients. The software also effectively prevents ransomware attacks and safeguards systems from malware. In addition to these features, ThreatLocker helps organizations achieve NIST compliance and mitigates risks associated with rogue and malicious applications like ransomware. The product's file tracking and auditing capabilities are particularly valuable in eliminating ransomware threats and providing insights into system activity. Overall, ThreatLocker addresses various cybersecurity issues such as unauthorized application access and potential malware attacks through its application control and Zero Trust model. It simplifies the process of controlling applications on endpoints, removing the need for extensive investigations. Users can confidently offer and support zero-trust security to their clients with the help of ThreatLocker, enabling them to implement zero-trust in an easy and cost-efficient manner. By allowing users to control which applications run and what data/actions are permitted, ThreatLocker empowers organizations with complete control over the environments they manage while bolstering endpoint security beyond traditional Anti-Virus solutions.

Comprehensive and Proactive Platform: Users find ThreatLocker to be a comprehensive and proactive platform for application control and security. They appreciate the ease of deployment and intuitive interface, which empower them to effectively manage numerous endpoints. Some users have seen firsthand how the ThreatLocker team continuously improves the product, streamlining performance and enhancing the user experience.

Zero Trust Implementation: The Zero Trust implementation in ThreatLocker is highly valued by users, as it allows them to examine every single file and restrict them to the desired level of security. This feature provides peace of mind and restricts end users from performing unauthorized actions. Some users appreciate that ThreatLocker has made Zero Trust accessible to all businesses, regardless of size.

Ease of Use and Deployment: Users appreciate how easy it is to deploy ThreatLocker within their organizations. They find it very easy to use, with an intuitive interface that simplifies the management of allow lists. The learning mode eliminates the need for manual file hash collection, making whitelisting painless. Additionally, some users value ThreatLocker's support team for being helpful in addressing concerns and providing assistance during onboarding.

Learning Curve: Some users have mentioned that there is a learning curve involved during the initial setup of ThreatLocker. However, they acknowledge that any difficulties were quickly overshadowed by the advantages in terms of security, control, and peace of mind.

Interface Takes Getting Used To: Users have reported that the interface of ThreatLocker takes a little getting used to. While this may initially be a challenge for some, it does not detract from the overall benefits provided by the software.

Disruption without Best Practices: Some users have noted that if ThreatLocker is not deployed with best practices, it can be somewhat disruptive to users. However, these disruptions can be mitigated by ensuring proper implementation and configuration.

Users have made several recommendations for Threatlocker based on their experiences. One recommendation is to implement Threatlocker for companies with a security-first mindset, as it is seen as a game-changer and a differentiator in the market. Another recommendation is to use Threatlocker as a supplement to existing antivirus software, emphasizing the need for a multi-layer security approach instead of relying solely on antivirus software. Users also advise using Threatlocker alongside other security products such as EDR, SIEM, and MDR to enhance overall security measures. Additionally, users suggest testing Threatlocker internally before rolling it out to customers.

Reviews

(1-5 of 5)
Companies can't remove reviews or game the system. Here's why

ThreatLocker Experience

Rating: 8 out of 10
March 04, 2024
Verified User
Vetted Review
Verified User
ThreatLocker
1 year of experience
By helping to implementate Zero-trust architecture. Currently working to roll out to all clients.
  • New portal much cleaner.
  • Onboarding process very hands on.
  • Requesting process is easy to navigate.
Any organization taking security and zero trust seriously. However, if an organization does not have the manpower/care to carefully build and maintain a true Zero Trust environment, than it's not for them.
Endpoint Security (7)
90%
9.0
Anti-Exploit Technology
100%
10.0
Endpoint Detection and Response (EDR)
80%
8.0
Centralized Management
80%
8.0
Hybrid Deployment Support
100%
10.0
Infection Remediation
100%
10.0
Vulnerability Management
70%
7.0
Malware Detection
100%
10.0
  • Too early on to tell, however, if ThreatLocker ends up blocking just one ransomware attack for any of our clients, I'd argue that it payed for itself.

ThreatLocker is the only practical and affordable zero trust solution for small businesses

Rating: 8 out of 10
April 13, 2023
IB
Vetted Review
Verified User
ThreatLocker
2 years of experience
We needed a practical and affordable zero trust solution, and ThreatLocker was the only one that could deliver. ThreatLocker provides us with an all-in-one zero trust solution - Application Control, Privileged Access Management (PAM) and storage access control.
We use ThreatLocker to provide a higher level of security for our clients while reducing the risks of attacks and breaches. The platform's ability to control access to critical systems and data, along with its automated threat detection and response capabilities, meets our need to secure multiple clients with diverse IT environments.
  • Application Control
  • Privileged Access Management
  • Storage access control
ThreatLocker's automated threat detection and response capabilities provide an extra layer of security for our law firm clients, reducing the risk of malware infections and data breaches. With ThreatLocker's centralized management, we can easily configure and monitor the security settings across all endpoints and provide timely support and remediation when necessary.
  • Practical to implement and use
  • Affordable
  • All-in-one zero trust solution
Endpoint Security (6)
81.66666666666666%
8.2
Anti-Exploit Technology
90%
9.0
Endpoint Detection and Response (EDR)
80%
8.0
Centralized Management
90%
9.0
Infection Remediation
70%
7.0
Vulnerability Management
70%
7.0
Malware Detection
90%
9.0
  • Allowed us to deliver zero-trust at an affordable cost
  • Can be managed with existing skillset
  • Most cost effective application control for small businesses

ThreatLocker will stifle any unknown/known threats

Rating: 10 out of 10
April 11, 2023
RD
Vetted Review
Verified User
ThreatLocker
3 years of experience
This is a deny all process until approval is given (whitelisting) process. It has many nice features for approving software to allow it to execute. ThreatLocker has a "learning" mode, "installation" mode, and "elevation" mode. Users can request access to download new software. Admin can either approve or deny it. If denied, they can send a reason why it was denied.

ThreatLocker has an audit feature, so you can see what ThreatLocker has "denied", so you can look to see if it is a good or bad file. Maybe a software was trying to do an update and it was denied since it wasn't whitelisted for automatic approval. For example, Microsoft path Tuesday's patches.

ThreatLocker has paid for itself already. There have been a few times when a user has opened an attachment that had malware in it. ThreatLocker stopped it from executing.
  • Stop users from installing software
  • Stopped malware in a file attachment
  • Stopped any unknown software or update from executing
  • You can give a user "elevate" mode for a one time software installation if necessary
  • Push out ThreatLocker updates without having to reboot computer
I have tested two of software besides ThreatLocker. ThreatLocker by far, was the easiest of the 3 to work with and setup. One of the companies' software was too complicated to run and setup. The other one lacked a lot of the features that ThreatLocker had.

ThreatLocker came with many prebuilt template for common software and utilities, like Office365, putty, Firefox, Google, etc. It came with a bunch of prebuilt blocking/ringfencing rules for utilities like powershell, hyper-v psexec, and many others. This saves setup time.

Unfortunately, ThreatLocker will let you download something from the MS Store, sometime it will let you execute and sometimes it won't. I would like to see this to be able to block the download from MS Store until ThreatLocker approves the download.
  • Stopping the executable from a file attachment, whether it was downloaded or opened from an attachment.
  • Keep users from running/installing updates from an application. They can ask/request for the updates to be ranned, if necessary.
  • The "blocked items" option from the ThreatLocker icon in the system tray. There are times when something is not working right. You can see if ThreatLocker is blocking something from the ThreatLocker icon in the system tray.
Endpoint Security (7)
80%
8.0
Anti-Exploit Technology
100%
10.0
Endpoint Detection and Response (EDR)
100%
10.0
Centralized Management
100%
10.0
Hybrid Deployment Support
N/A
N/A
Infection Remediation
80%
8.0
Vulnerability Management
80%
8.0
Malware Detection
100%
10.0
  • I believe that ThreatLocker has prevented us from getting ransomware. I have it set up to block the use of any encryption tools.
  • I know on multiple occasion, ThreatLocker has blocked malware from executing.
  • It has kept users from installing Shareware software. I have a couple of users who like to use Shareware software.
  • It keeps users honest to comply with our Corporate's cybersecurity policies.
  • It keeps us compliant with software licensing.
I have tried WhiteCloud Security, Microsoft Application Whitelisting (AppLocker), and MalwareByte.

WhiteCloud Security is too complicated to use and setup.

AppLocker and MalwareByte don't have hardly any features.
37
We are a manufacturing facility. We have management, office, and factory employees with ThreatLocker installed on their computers. We also have ThreatLocker installed on all of our servers.
1
I am an I.T. Support Specialist. You need an understanding of how networks and computers work. Understand what software are on each computer and how are they used. Understand when do they typically update. You need to know how software interacts with the operating system, network, Internet, and other software like powershell.
  • To stop unknown/known malware from executing.
  • To stop the download of any unauthorized software to your computer or server.
  • To stop any unauthorized encrypting process.
  • Don't allow software to execute from a network share.
  • To explicitly disallow any encryption process to run.
  • To explicitly disallow any type of disk wiper process to run.
  • To setup Network Access Control.
ThreaLocker has done its job and has prevented malware from executing. It has stopped an encryption process once already. It has kept a user from going to a bad website. He tried twice and was wondering why he was getting an error message from ThreatLocker and ESET both.
No
  • Scalability
  • Ease of Use
I was more interested in the features that it had. Also, it ease of use and ability to setup quickly. Other software I tested either were too complicated to setup or were not feature-rich.
I wouldn't. I think I did a fair job of evaluating the software. There wasn't much to choose from 4 years.
ThreatLocker is a family ran business. The owners, co-founders work with you to ensure you are up and running as quickly as possible. They went to ensure your success with ThreatLocker.
  • Third-party professional services
ThreatLocker has all new users go through several Zoom calls with them to show you how the software works and help you set up some applications rules and to push ThreatLocker out to all the computers and servers. They will work with you till you feel comfortable using it.

Afterward, if you still have questions or issues. You can email, call or using the Chat box in the admin's console.

You can also use the ThreatLocker University online training.

ThreatLocker does not leave you hanging.
Yes
During each Zoom meeting, they would show you something new and have you do the steps. The training was not an overload. They didn't throw everything at you at once.
  • Understanding what "ringfencing" is and what it does.
  • Online Training
  • In-Person Training
The owners and co-founders work with you through Zoom Meetings. They walk you through how to use and setup ThreatLocker. They also have webinars.

You also can go through ThreatLocker University online training.
Using ThreatLocker University online training is very easy and informative. You take online tests to see how well you learned the material. It is great!
You can email, call or do online chat with tech support. I love their online chat. They are quick and friendly. Also, if you need to show them something, you can give the chat technician permission from your Chat box to allow the tech access to your computer.

They also can pull out your admin console on their side. They can look at your "Unified Audit" log and see the same thing that you can.

They have a good KnowledgeBase that you can look for answers.

They have what is called "ThreatLocker University" where you can go through tutorials and take tests.
There is no premium support. Everybody gets the same support.
Yes, normally ThreatLocker blocks the execution of software from running from a network share drive. I have one installation software that is huge and have multiple programs to install depending on whether the user needed any add-on programs.

Small program installation I would just copy over the local machine. But this software was like gigabytes. We were able to tell ThreatLocker that only the admin user could install this program from a certain network share path.

It made an admin's life a whole lot easier.
ThreatLocker ease of use allows me to get the answers I need to any threats or denied action that ThreatLocker took. The "Unified Audit" is a great tool to show what is happening/executing on a user's computer or on a server. Unified Audit will allow to look at what steps a programs takes when it executes. It will show you if it calls on Powershell or what DLL's it is executing and many other things.
  • To whitelist an application.
  • To allow 'denied' updates to run.
  • To use the "Unified Audit".
  • To push ThreatLocker updates out to all computers and servers.
  • To put a computer into "Installation" mode.
  • To install a prebuild application rule.
  • Working with Network Access Control, as that is not my area of expertise.
Yes
The mobile interface works very well. I don't use it a whole lot. Occasionally when I am out of the office and someone has an urgent need. I get in and take care of it from my cellphone.
ThreatLocker is very easy to add new ThreatLocker agents on computers and servers. It is very easy to do. You can install an agent on a computer or server in about 2 minutes or less.
There is rarely ever an outage. I have seen slowness in ThreatLocker service. But that is very rare too!
ThreatLocker is always available. The admin's console loads very fast and report runs almost instantly. It does not interfere with operating system.
None. Have not integrated with anything yet.
Easy. You just deal with ThreatLocker and no third parties. They did a great demo on the user of ThreatLocker and its features.
Very easy. You had Zoom Meetings and Webinars to get you up and running as quickly as possible.
Price was very competitive.
Just work, ask questions, they are very willing to work with you and answer any questions that you may have. They want to see you succeed in using their software.
Yes
It is so easy to upgrade to a new release. It is simple as a couple of mouse clicks and the latest release is pushed out to all computers and servers. Or with a couple of mouse clicks you can upgrade just one computer or server.
  • ThreatLocker is always enhancing or adding new features or fixing any bugs.
  • They take user's suggestion and feedback. Then implement them. I asked for a certain report and they added it to the reports list.
  • ThreatLocker is always trying to find ways to improve processing speed.
  • I am hoping they decrease the agent footprint size. I noticed that the executable has increased in size.
No
No

Threatlocker is necessary in a zero trust world

Rating: 9 out of 10
April 11, 2023
WP
Vetted Review
Verified User
ThreatLocker
2 years of experience
We use Threat Locker as a zero trust solution to protect the end users we manage. We trained on the use of the software and utilize the learning mode before go live. We use this project across all cyber security customer computers. This solves the problem of unwanted or unknown programs being used and compromising the network.
  • Zero trust
  • Protecting end users
  • Management of programs
Threatlocker is suited to all scenarios of end user workstation management. We protect users in medical, legal, and engineering fields who often have to use multiple programs that update frequently. It is less suited for use for IT firms whose users are more tech savvy. Honestly everyone should use it ideally
  • Zero trust protection
  • Multi site management
  • Reporting
Endpoint Security (7)
77.14285714285714%
7.7
Anti-Exploit Technology
90%
9.0
Endpoint Detection and Response (EDR)
90%
9.0
Centralized Management
80%
8.0
Hybrid Deployment Support
N/A
N/A
Infection Remediation
100%
10.0
Vulnerability Management
100%
10.0
Malware Detection
80%
8.0
  • We feel the cost benefit is amazing
  • Safety is 100% worth it
  • Peace of mind

Easy to Deploy, Fast Support

Rating: 9 out of 10
September 01, 2022
We use ThreatLocker to lock down client machines specifically for applications and adding USB devices. It allows us to easily generate reports that show what applications are allowed and which are blocked for compliance purposes. It can also assist with installing allowed applications by allowing automatic admin rights. You can also involve the user's manager for approvals of programs and USB devices.
  • Onboarding and training
  • Ease of getting hold of support
  • Ease of deployment
  • Reporting
If a client has concerns with numerous employees installing things they shouldn't, if worried about employees adding programs to exfiltrate data, worries about the current Cybersecurity stack allowing scripting and therefore a vector for compromise, worries about fileless malware. Ability to quickly report on what applications are allowed in an organization.
  • Ease of deployment
  • Ease of reporting
  • Ease of support
  • Allowed us to keep up with client expectations for security
  • Allowed us to report on software installations for compliance
  • Allowed us to quickly scan for vulnerabilities
I honestly have not seen many other programs like Threatlocker so I do not have any to compare to. Auto-Elevate may be the closest, however I did not evaluate them as part of my decision. Threatlocker does do a great job at onboarding which made deploying, setting up, and troubleshooting the program a breeze.
Return to navigation