ThreatLocker is primarily adopted by organizations to implement robust application control and enforce zero-trust security principles across their internal systems. This capability is highlighted as a critical tool for preventing unauthorized software execution and limiting what users can install on their devices, effectively replacing traditional User Account Control (UAC). Reviewers apply it to secure various environments, including critical infrastructure like backup hosts. The product's core strength lies in its robust application control, with 80% of reviewers commending its comprehensive oversight of computing environments. This directly contributes to enhanced security, as 60% of reviewers cite its ability to block unwanted applications and prevent security breaches, including ransomware attacks. Furthermore, 40% of reviewers appreciate the platform's unified auditing features and clean management portal, which contribute to a positive user experience. Beyond foundational security, ThreatLocker extends its utility to streamlined policy management and security monitoring, with 40% of reviewers leveraging these features for deploying company-wide configurations and receiving immediate notifications on policy breaches. The vendor's support is also a notable asset, with 40% of reviewers praising the responsiveness and helpfulness of the support team. ThreatLocker delivers a positive return on investment by significantly improving an organization's overall security posture, a benefit highlighted by 40% of reviewers. The platform also helps streamline IT operations by reducing the administrative burden on technical staff, as noted by 40% of reviewers, thereby optimizing resource allocation within IT departments. The provided reviewer feedback does not explicitly detail significant weaknesses or negative impacts, suggesting a generally positive reception among the reviewed user base.

Pros

Robust application control and zero-trust enforcement
Responsive and helpful vendor support
Comprehensive auditing features and clean management portal
Effective in blocking unwanted applications and preventing breaches
Reduced administrative burden and operational overhead

Cons

No significant weaknesses were explicitly identified in the provided reviewer feedback

Why it matters:

Reviewers consistently praise ThreatLocker for its core functionality in application control, which allows organizations to enforce a zero-trust model by blocking any applications not explicitly pre-approved. This feature is seen as a robust method to prevent unauthorized software installations and limit user privileges, effectively replacing traditional UAC mechanisms. The product's ability to prevent the execution of non-approved applications is a key benefit, contributing to enhanced security posture, particularly for sensitive systems like backup hosts.

“We use ThreatLocker setup to provide Application control, Storage control and Elevation Control. App control allows to prevent the execution of non-approved applications.”

Why it matters:

Reviewers frequently highlight ThreatLocker's effectiveness in preventing unauthorized software from executing within their environments. This capability is crucial for maintaining system integrity and stopping malicious activities before they can cause damage, with 3 of 5 reviewers explicitly mentioning this benefit. The tool's ability to halt ransomware attacks, even when other security solutions have failed, underscores its value in protecting critical assets.

“ThreatLocker has significantly increased our security posture by blocking execution of unwanted software.”

Why it matters:

The platform contributes to operational efficiency by reducing the time and effort required for administrative tasks, a benefit noted by 2 of 5 reviewers. By limiting the need for end-users to have local administrator privileges, ThreatLocker helps to simplify security management and decrease the potential attack surface. This translates into saved technician hours and a more secure environment with less manual intervention.

“Saves hours of technician time.”

What positive or negative impact (i.e. Return on Investment or ROI) has ThreatLocker had on your overall business objectives?

From 5 reviews

Summary

Reviewers indicate that ThreatLocker positively impacts business objectives primarily through enhanced security and reduced operational overhead. A key benefit, cited by 3 of 5 reviewers, is the tool's ability to block unwanted applications, which directly contributes to preventing security breaches and ransomware attacks. This proactive defense mechanism is seen as a significant improvement to an organization's overall security posture, a point highlighted by 2 of 5 reviewers. Furthermore, the platform helps streamline IT operations by reducing the administrative burden on technical staff, as noted by 2 of 5 reviewers. These combined effects suggest a positive return on investment by mitigating potential financial losses from cyberattacks and optimizing resource allocation within IT departments.

Reviews

10 Reviews

Threatlocker review.

Rating: 9 out of 10

Incentivized

April 30, 2025

Use Cases and Deployment Scope

We use Threatlocker to analyze the most frequently used programs by users and block any unauthorized programs for more automated control and security. It is a good way for us not to have to worry about any unknown software in our client environments and shows that we are actively monitoring such things.

Pros

Support is fast and responsive.
Very good at its intended purpose.
Testing environment is very useful.

Cons

Some programs that are known come up as blocked time to time.
It has a difficult time recognizing safe driver installations.
The different modes can be expanded on.

Likelihood to Recommend

Threatlocker does exactly as it advertises. I would recommend it to anyone seeking a comprehensive solution for managing software approvals. It is also very easy to use with an online support team, or Cyberheros, as they call it, that is very quick and responsive. The preset programs are also a nice touch, making deployment easy.

Verified User

Technician in Information Technology (1-10 employees)

Vetted Review

2 years of experience

ThreatLocker - Peace of Mind

Rating: 10 out of 10

Incentivized

April 11, 2025

Use Cases and Deployment Scope

We use ThreatLocker setup to provide Application control, Storage control and Elevation Control. App control allows to prevent the execution of non-approved applications. Storage control provides the ability to require that only encrypted USB devices are used unless otherwise allowed. Elevation control lets us dictate which applications can be run as administrator meaning we no longer have to allow a given user to have local admin rights.

Pros

Application Control
Elevation Control
Storage Control

Cons

None
None
None

Likelihood to Recommend

Prior to ThreatLocker, users would download and install just about any software they were able to access, despite policy. With ThreatLocker, any application that attempts to execute requires approval by a ThreatLocker admin. The use of Elevation control eliminated the need to allow users to be local administrators on their PC because they had an app that "had" to run as admin.

Verified User

Director in Information Technology (1001-5000 employees)

Vetted Review

5 years of experience

ThreatLocker the Zero Trust system you didn't know you needed.

Rating: 10 out of 10

Incentivized

April 5, 2025

Use Cases and Deployment Scope

ThreatLocker is used on every endpoint and server in our business. The software's functionality allows us to apply a zero-trust principle to all areas of our internal systems. We use the software to block any applications outside of the scope of our pre-approved applications. Further, we use network control to block client-to-client or client-to-server connections on unnecessary protocols. We also use the config manager to apply policies into our environment that we would have traditionally had to build manually in group policy, allowing us to roll out policies company-wide or to specific groups. Anything that tries to breach these policies immediately alerts us, and as such, we can understand what is going on behind the scenes on our network and what users are trying to run versus what they are allowed to run. The picture this paints is invaluable for our confidence in a smooth operation.

Pros

Application whitelisting.
Unified audits of everything network & application.
Clean and concise portal to manage the same.
Dynamic ability to allow users to request more apps.
Security and a sense of complete control.

Cons

I don't honestly know of any areas they could improve.

Likelihood to Recommend

If you want to know what is running in your environment and what it is trying to access, you should be able to take preemptive measures to prevent and protect yourself from it. ThreatLocker is the system for you! It will replace almost any EDR requirement, although I recommend you partner it with Windows Defender.

Verified User

Employee in Information Technology (501-1000 employees)

Vetted Review

4 years of experience

ThreatLocker is an essential application to our Cyber Security Stack

Rating: 10 out of 10

Incentivized

April 4, 2025

Use Cases and Deployment Scope

We use ThreatLocker to allow us to deploy application control and network hardening. especially for backup hosts. we use it to comply with essential 8. Without it we would greatly struggle, and ThreatLocker has made its really easy to achieve the required maturity level the client requires.

Pros

Application Control
Network Storage lockdown
Auditing

Cons

Reporting
easier UI

Likelihood to Recommend

Clients needing essential 8. ThreatLocker tickets the application control requirements and also has inbuild policies that is just a couple clicks to enable. super easy to deploy and then comly with essential 8.

Verified User

Manager in Information Technology (11-50 employees)

Vetted Review

Reseller

2 years of experience

ThreatLocker a must have in your Security Stack!

Rating: 10 out of 10

February 20, 2025

Use Cases and Deployment Scope

We are an MSSP that needed an Application Control tool for a good price since we offer this tool to all size companies. This tool met our requirements both on price and on function of what it offers. It provides a solid replacement for UAC and provided a way to limit what users install on their devices.

Pros

Vendor Support is top notch. Quick response times and incredibly easy to talk to.
Application Control when tuned properly works exactly as you would expect. Giving your Internal IT and MSPs complete control over what is allowed in the environment.
Easy Deployment with an RMM via their stub installers
Integration with most PSA systems allowing automatic ticket closures when the CyberHeros work something before your team can get to it. (~5 mins)

Cons

Customization of the Tray and Pop ups
More control for the Cyber Heros for Apps that are approved
NA

Likelihood to Recommend

Best suited for all types of companies that have employees. You never know what kinds of things people will click (even on accident) which can try to install unwanted applications onto your devices.

I can't really think of a company that wouldn't want to run this tool since it's so game changing when it comes to endpoint security and the cost of the tool being significantly lower than most standard EDRs out there with the added benefit of Application control.

Matthew Carey

Lead Security Analyst in Information Technology at The Scarlett Group, LLC (51-200 employees)

Vetted Review

Reseller

4 years of experience

ThreatLocker Experience

Rating: 8 out of 10

Incentivized

March 4, 2024

Use Cases and Deployment Scope

By helping to implementate Zero-trust architecture. Currently working to roll out to all clients.

Pros

New portal much cleaner.
Onboarding process very hands on.
Requesting process is easy to navigate.

Cons

Unused polices are nearly impossible to navigate due to no sorts or filtering options.
Redundant polices are impossible to determine.
Cannot view literally all policies for one organization in one view/list. Instead of have to check policies per device, group, or all machines.

Likelihood to Recommend

Any organization taking security and zero trust seriously. However, if an organization does not have the manpower/care to carefully build and maintain a true Zero Trust environment, than it's not for them.

Verified User

Engineer in Information Technology (11-50 employees)

Vetted Review

1 year of experience

ThreatLocker is the only practical and affordable zero trust solution for small businesses

Rating: 8 out of 10

Incentivized

April 13, 2023

Use Cases and Deployment Scope

We needed a practical and affordable zero trust solution, and ThreatLocker was the only one that could deliver. ThreatLocker provides us with an all-in-one zero trust solution - Application Control, Privileged Access Management (PAM) and storage access control.
We use ThreatLocker to provide a higher level of security for our clients while reducing the risks of attacks and breaches. The platform's ability to control access to critical systems and data, along with its automated threat detection and response capabilities, meets our need to secure multiple clients with diverse IT environments.

Pros

Application Control
Privileged Access Management
Storage access control

Cons

There is still room for improvement with the interface
Reporting functionality could be improved
Better notification to users

Likelihood to Recommend

ThreatLocker's automated threat detection and response capabilities provide an extra layer of security for our law firm clients, reducing the risk of malware infections and data breaches. With ThreatLocker's centralized management, we can easily configure and monitor the security settings across all endpoints and provide timely support and remediation when necessary.

Ian Bloomfield

Managing Director in Information Technology at Ignite Systems (1-10 employees)

Vetted Review

2 years of experience

ThreatLocker will stifle any unknown/known threats

Rating: 10 out of 10

Incentivized

April 11, 2023

Use Cases and Deployment Scope

This is a deny all process until approval is given (whitelisting) process. It has many nice features for approving software to allow it to execute. ThreatLocker has a "learning" mode, "installation" mode, and "elevation" mode. Users can request access to download new software. Admin can either approve or deny it. If denied, they can send a reason why it was denied.

ThreatLocker has an audit feature, so you can see what ThreatLocker has "denied", so you can look to see if it is a good or bad file. Maybe a software was trying to do an update and it was denied since it wasn't whitelisted for automatic approval. For example, Microsoft path Tuesday's patches.

ThreatLocker has paid for itself already. There have been a few times when a user has opened an attachment that had malware in it. ThreatLocker stopped it from executing.

Pros

Stop users from installing software
Stopped malware in a file attachment
Stopped any unknown software or update from executing
You can give a user "elevate" mode for a one time software installation if necessary
Push out ThreatLocker updates without having to reboot computer

Cons

When running the Unified Audit, I like to use certain filters. I wish there as a way to save those filters, so I don't have to select them every time I do a Unified Audit.

Likelihood to Recommend

I have tested two of software besides ThreatLocker. ThreatLocker by far, was the easiest of the 3 to work with and setup. One of the companies' software was too complicated to run and setup. The other one lacked a lot of the features that ThreatLocker had.

ThreatLocker came with many prebuilt template for common software and utilities, like Office365, putty, Firefox, Google, etc. It came with a bunch of prebuilt blocking/ringfencing rules for utilities like powershell, hyper-v psexec, and many others. This saves setup time.

Unfortunately, ThreatLocker will let you download something from the MS Store, sometime it will let you execute and sometimes it won't. I would like to see this to be able to block the download from MS Store until ThreatLocker approves the download.

Randy Duly

IT Specialist in Information Technology at Bulldog Battery Corporation (51-200 employees)

Vetted Review

3 years of experience

View profile

Threatlocker is necessary in a zero trust world

Rating: 9 out of 10

Incentivized

April 11, 2023

Use Cases and Deployment Scope

We use Threat Locker as a zero trust solution to protect the end users we manage. We trained on the use of the software and utilize the learning mode before go live. We use this project across all cyber security customer computers. This solves the problem of unwanted or unknown programs being used and compromising the network.

Pros

Zero trust
Protecting end users
Management of programs

Cons

Portal design
Management selections
Ease of use for technicians

Likelihood to Recommend

Threatlocker is suited to all scenarios of end user workstation management. We protect users in medical, legal, and engineering fields who often have to use multiple programs that update frequently. It is less suited for use for IT firms whose users are more tech savvy. Honestly everyone should use it ideally

William Press

Cloud Project Manager in Information Technology at Total Technology Resources (11-50 employees)

Vetted Review

2 years of experience

Easy to Deploy, Fast Support

Rating: 9 out of 10

Incentivized

September 1, 2022

Use Cases and Deployment Scope

We use ThreatLocker to lock down client machines specifically for applications and adding USB devices. It allows us to easily generate reports that show what applications are allowed and which are blocked for compliance purposes. It can also assist with installing allowed applications by allowing automatic admin rights. You can also involve the user's manager for approvals of programs and USB devices.

Pros

Onboarding and training
Ease of getting hold of support
Ease of deployment
Reporting

Cons

Ease of moving between organizations
Removing agents from clients who depart
Some UNC path definitions for local files and folders

Likelihood to Recommend

If a client has concerns with numerous employees installing things they shouldn't, if worried about employees adding programs to exfiltrate data, worries about the current Cybersecurity stack allowing scripting and therefore a vector for compromise, worries about fileless malware. Ability to quickly report on what applications are allowed in an organization.

William MacFee

Systems Engineer in Information Technology at Systems Support Corp (1-10 employees)

Vetted Review

Reseller

1 year of experience

View profile

Loading Reviews List....

ThreatLocker will stifle any unknown/known threats

Rating: 10 out of 10

Incentivized

April 11, 2023

Use Cases and Deployment Scope

Pros

Stop users from installing software
Stopped malware in a file attachment
Stopped any unknown software or update from executing
You can give a user "elevate" mode for a one time software installation if necessary
Push out ThreatLocker updates without having to reboot computer

Cons

When running the Unified Audit, I like to use certain filters. I wish there as a way to save those filters, so I don't have to select them every time I do a Unified Audit.

Likelihood to Recommend

Randy Duly

IT Specialist in Information Technology at Bulldog Battery Corporation (51-200 employees)

Vetted Review

3 years of experience

View profile