ThreatLocker Reviews and Ratings

Use Cases and Deployment Scope

We use Threatlocker to analyze the most frequently used programs by users and block any unauthorized programs for more automated control and security. It is a good way for us not to have to worry about any unknown software in our client environments and shows that we are actively monitoring such things.

Likelihood to Recommend

Threatlocker does exactly as it advertises. I would recommend it to anyone seeking a comprehensive solution for managing software approvals. It is also very easy to use with an online support team, or Cyberheros, as they call it, that is very quick and responsive. The preset programs are also a nice touch, making deployment easy.

Use Cases and Deployment Scope

We use ThreatLocker setup to provide Application control, Storage control and Elevation Control. App control allows to prevent the execution of non-approved applications. Storage control provides the ability to require that only encrypted USB devices are used unless otherwise allowed. Elevation control lets us dictate which applications can be run as administrator meaning we no longer have to allow a given user to have local admin rights.

Likelihood to Recommend

Prior to ThreatLocker, users would download and install just about any software they were able to access, despite policy. With ThreatLocker, any application that attempts to execute requires approval by a ThreatLocker admin. The use of Elevation control eliminated the need to allow users to be local administrators on their PC because they had an app that "had" to run as admin.

Use Cases and Deployment Scope

ThreatLocker is used on every endpoint and server in our business. The software's functionality allows us to apply a zero-trust principle to all areas of our internal systems. We use the software to block any applications outside of the scope of our pre-approved applications. Further, we use network control to block client-to-client or client-to-server connections on unnecessary protocols. We also use the config manager to apply policies into our environment that we would have traditionally had to build manually in group policy, allowing us to roll out policies company-wide or to specific groups. Anything that tries to breach these policies immediately alerts us, and as such, we can understand what is going on behind the scenes on our network and what users are trying to run versus what they are allowed to run. The picture this paints is invaluable for our confidence in a smooth operation.

Likelihood to Recommend

If you want to know what is running in your environment and what it is trying to access, you should be able to take preemptive measures to prevent and protect yourself from it. ThreatLocker is the system for you! It will replace almost any EDR requirement, although I recommend you partner it with Windows Defender.

Use Cases and Deployment Scope

We use ThreatLocker to allow us to deploy application control and network hardening. especially for backup hosts. we use it to comply with essential 8. Without it we would greatly struggle, and ThreatLocker has made its really easy to achieve the required maturity level the client requires.

Likelihood to Recommend

Clients needing essential 8. ThreatLocker tickets the application control requirements and also has inbuild policies that is just a couple clicks to enable. super easy to deploy and then comly with essential 8.

Use Cases and Deployment Scope

We are an MSSP that needed an Application Control tool for a good price since we offer this tool to all size companies. This tool met our requirements both on price and on function of what it offers. It provides a solid replacement for UAC and provided a way to limit what users install on their devices.

Likelihood to Recommend

Best suited for all types of companies that have employees. You never know what kinds of things people will click (even on accident) which can try to install unwanted applications onto your devices.

I can't really think of a company that wouldn't want to run this tool since it's so game changing when it comes to endpoint security and the cost of the tool being significantly lower than most standard EDRs out there with the added benefit of Application control.

Use Cases and Deployment Scope

By helping to implementate Zero-trust architecture. Currently working to roll out to all clients.

Likelihood to Recommend

Any organization taking security and zero trust seriously. However, if an organization does not have the manpower/care to carefully build and maintain a true Zero Trust environment, than it's not for them.

Use Cases and Deployment Scope

We needed a practical and affordable zero trust

solution, and ThreatLocker was the only one that could deliver. ThreatLocker

provides us with an all-in-one zero trust solution - Application Control,

Privileged Access Management (PAM) and storage access control.

We use ThreatLocker to provide a higher level of security for our clients while reducing the risks of attacks and breaches. The platform's ability to control access to critical systems and data, along with its automated threat detection and response capabilities, meets our need to secure multiple clients with diverse IT environments.

Likelihood to Recommend

ThreatLocker's automated threat detection and response capabilities provide

an extra layer of security for our law firm clients, reducing the

risk of malware infections and data breaches. With ThreatLocker's

centralized management, we can easily configure and monitor the

security settings across all endpoints and provide timely support and

remediation when necessary.

Use Cases and Deployment Scope

This is a deny all process until approval is given (whitelisting) process. It has many nice features for approving software to allow it to execute. ThreatLocker has a "learning" mode, "installation" mode, and "elevation" mode. Users can request access to download new software. Admin can either approve or deny it. If denied, they can send a reason why it was denied.

ThreatLocker has an audit feature, so you can see what ThreatLocker has "denied", so you can look to see if it is a good or bad file. Maybe a software was trying to do an update and it was denied since it wasn't whitelisted for automatic approval. For example, Microsoft path Tuesday's patches.

ThreatLocker has paid for itself already. There have been a few times when a user has opened an attachment that had malware in it. ThreatLocker stopped it from executing.

Likelihood to Recommend

I have tested two of software besides ThreatLocker. ThreatLocker by far, was the easiest of the 3 to work with and setup. One of the companies' software was too complicated to run and setup. The other one lacked a lot of the features that ThreatLocker had.

ThreatLocker came with many prebuilt template for common software and utilities, like Office365, putty, Firefox, Google, etc. It came with a bunch of prebuilt blocking/ringfencing rules for utilities like powershell, hyper-v psexec, and many others. This saves setup time.

Unfortunately, ThreatLocker will let you download something from the MS Store, sometime it will let you execute and sometimes it won't. I would like to see this to be able to block the download from MS Store until ThreatLocker approves the download.

Use Cases and Deployment Scope

We use Threat Locker as a zero trust solution to protect the end users we manage. We trained on the use of the software and utilize the learning mode before go live. We use this project across all cyber security customer computers. This solves the problem of unwanted or unknown programs being used and compromising the network.

Likelihood to Recommend

Threatlocker is suited to all scenarios of end user workstation management. We protect users in medical, legal, and engineering fields who often have to use multiple programs that update frequently. It is less suited for use for IT firms whose users are more tech savvy. Honestly everyone should use it ideally

Use Cases and Deployment Scope

We use ThreatLocker to lock down client machines specifically for applications and adding USB devices. It allows us to easily generate reports that show what applications are allowed and which are blocked for compliance purposes. It can also assist with installing allowed applications by allowing automatic admin rights. You can also involve the user's manager for approvals of programs and USB devices.

Likelihood to Recommend

If a client has concerns with numerous employees installing things they shouldn't, if worried about employees adding programs to exfiltrate data, worries about the current Cybersecurity stack allowing scripting and therefore a vector for compromise, worries about fileless malware. Ability to quickly report on what applications are allowed in an organization.