Overall Satisfaction with ThreatLocker
This is a deny all process until approval is given (whitelisting) process. It has many nice features for approving software to allow it to execute. ThreatLocker has a "learning" mode, "installation" mode, and "elevation" mode. Users can request access to download new software. Admin can either approve or deny it. If denied, they can send a reason why it was denied.
ThreatLocker has an audit feature, so you can see what ThreatLocker has "denied", so you can look to see if it is a good or bad file. Maybe a software was trying to do an update and it was denied since it wasn't whitelisted for automatic approval. For example, Microsoft path Tuesday's patches.
ThreatLocker has paid for itself already. There have been a few times when a user has opened an attachment that had malware in it. ThreatLocker stopped it from executing.
ThreatLocker has an audit feature, so you can see what ThreatLocker has "denied", so you can look to see if it is a good or bad file. Maybe a software was trying to do an update and it was denied since it wasn't whitelisted for automatic approval. For example, Microsoft path Tuesday's patches.
ThreatLocker has paid for itself already. There have been a few times when a user has opened an attachment that had malware in it. ThreatLocker stopped it from executing.
- Stop users from installing software
- Stopped malware in a file attachment
- Stopped any unknown software or update from executing
- You can give a user "elevate" mode for a one time software installation if necessary
- Push out ThreatLocker updates without having to reboot computer
- When running the Unified Audit, I like to use certain filters. I wish there as a way to save those filters, so I don't have to select them every time I do a Unified Audit.
- Stopping the executable from a file attachment, whether it was downloaded or opened from an attachment.
- Keep users from running/installing updates from an application. They can ask/request for the updates to be ranned, if necessary.
- The "blocked items" option from the ThreatLocker icon in the system tray. There are times when something is not working right. You can see if ThreatLocker is blocking something from the ThreatLocker icon in the system tray.
- I believe that ThreatLocker has prevented us from getting ransomware. I have it set up to block the use of any encryption tools.
- I know on multiple occasion, ThreatLocker has blocked malware from executing.
- It has kept users from installing Shareware software. I have a couple of users who like to use Shareware software.
- It keeps users honest to comply with our Corporate's cybersecurity policies.
- It keeps us compliant with software licensing.
I have tried WhiteCloud Security, Microsoft Application Whitelisting (AppLocker), and MalwareByte.
WhiteCloud Security is too complicated to use and setup.
AppLocker and MalwareByte don't have hardly any features.
WhiteCloud Security is too complicated to use and setup.
AppLocker and MalwareByte don't have hardly any features.
Do you think ThreatLocker delivers good value for the price?
Yes
Are you happy with ThreatLocker's feature set?
Yes
Did ThreatLocker live up to sales and marketing promises?
Yes
Did implementation of ThreatLocker go as expected?
Yes
Would you buy ThreatLocker again?
Yes
ThreatLocker Feature Ratings
Using ThreatLocker
37 - We are a manufacturing facility. We have management, office, and factory employees with ThreatLocker installed on their computers. We also have ThreatLocker installed on all of our servers.
1 - I am an I.T. Support Specialist. You need an understanding of how networks and computers work. Understand what software are on each computer and how are they used. Understand when do they typically update. You need to know how software interacts with the operating system, network, Internet, and other software like powershell.
- To stop unknown/known malware from executing.
- To stop the download of any unauthorized software to your computer or server.
- To stop any unauthorized encrypting process.
- Don't allow software to execute from a network share.
- To explicitly disallow any encryption process to run.
- To explicitly disallow any type of disk wiper process to run.
- To setup Network Access Control.
Evaluating ThreatLocker and Competitors
- Scalability
- Ease of Use
I was more interested in the features that it had. Also, it ease of use and ability to setup quickly. Other software I tested either were too complicated to setup or were not feature-rich.
I wouldn't. I think I did a fair job of evaluating the software. There wasn't much to choose from 4 years.
ThreatLocker Implementation
- Third-party professional services
ThreatLocker has all new users go through several Zoom calls with them to show you how the software works and help you set up some applications rules and to push ThreatLocker out to all the computers and servers. They will work with you till you feel comfortable using it.
Afterward, if you still have questions or issues. You can email, call or using the Chat box in the admin's console.
You can also use the ThreatLocker University online training.
ThreatLocker does not leave you hanging.
Afterward, if you still have questions or issues. You can email, call or using the Chat box in the admin's console.
You can also use the ThreatLocker University online training.
ThreatLocker does not leave you hanging.
Yes - During each Zoom meeting, they would show you something new and have you do the steps. The training was not an overload. They didn't throw everything at you at once.
- Understanding what "ringfencing" is and what it does.
ThreatLocker Training
ThreatLocker Support
Pros | Cons |
---|---|
Quick Resolution Good followup Knowledgeable team Problems get solved Kept well informed No escalation required Immediate help available Support understands my problem Support cares about my success Quick Initial Response | None |
There is no premium support. Everybody gets the same support.
Yes, normally ThreatLocker blocks the execution of software from running from a network share drive. I have one installation software that is huge and have multiple programs to install depending on whether the user needed any add-on programs.
Small program installation I would just copy over the local machine. But this software was like gigabytes. We were able to tell ThreatLocker that only the admin user could install this program from a certain network share path.
It made an admin's life a whole lot easier.
Small program installation I would just copy over the local machine. But this software was like gigabytes. We were able to tell ThreatLocker that only the admin user could install this program from a certain network share path.
It made an admin's life a whole lot easier.
Using ThreatLocker
Pros | Cons |
---|---|
Like to use Easy to use Technical support not required Well integrated Consistent Quick to learn Convenient Feel confident using | Unnecessarily complex Lots to learn |
- To whitelist an application.
- To allow 'denied' updates to run.
- To use the "Unified Audit".
- To push ThreatLocker updates out to all computers and servers.
- To put a computer into "Installation" mode.
- To install a prebuild application rule.
- Working with Network Access Control, as that is not my area of expertise.
Yes - The mobile interface works very well. I don't use it a whole lot. Occasionally when I am out of the office and someone has an urgent need. I get in and take care of it from my cellphone.
ThreatLocker Reliability
Integrating ThreatLocker
None. Have not integrated with anything yet.
Relationship with ThreatLocker
Price was very competitive.
Just work, ask questions, they are very willing to work with you and answer any questions that you may have. They want to see you succeed in using their software.
Upgrading ThreatLocker
Yes - It is so easy to upgrade to a new release. It is simple as a couple of mouse clicks and the latest release is pushed out to all computers and servers. Or with a couple of mouse clicks you can upgrade just one computer or server.
- ThreatLocker is always enhancing or adding new features or fixing any bugs.
- They take user's suggestion and feedback. Then implement them. I asked for a certain report and they added it to the reports list.
- ThreatLocker is always trying to find ways to improve processing speed.
- I am hoping they decrease the agent footprint size. I noticed that the executable has increased in size.