What is your primary use case for ThreatLocker Allowlisting?

I primarily use the solution for access control. We have customers and even though there is an antivirus, sometimes users might open some unapproved files. This solution will flag them for approval or rejection.

I am one of two internal support staff for our company of approximately 60 employees. We manage roughly 80 devices, including servers and similar equipment, and utilize ThreatLocker Protect for internal support only. We do not resell this product.

Users submit applications for installation, and I typically review them, granting or denying access as needed. While the volume isn't high, ThreatLocker Protect provides significant peace of mind knowing users aren't installing unauthorized or malicious software. Our biggest challenge has been user errors causing support requests. To address this, I've implemented rules for applications frequently used in daily operations. It's had a learning curve, but the effectiveness has been noticeable.

We're an IT service provider that acts as an IT department for companies that don't have one. We take over a company's IT infrastructure, look after, manage, and secure it. ThreatLocker is a part of our security stack. We've got multiple products and vendors that we use, and ThreatLocker is a tool we provide to clients who need it. We use it to control access, block specific programs or activities, and manage things like USBs and other devices. For example, if no one's allowed to use the USB device on the computer, we can do that with ThreatLocker.

We provide IT security or cybersecurity services to our customers. ThreatLocker is a key component of our security stack, and we roll it out to every one of our customer's endpoints. It's not an optional component, but a must-have because we are strong proponents of zero trust. We provide remote monitoring and management services, which can be considered remote IT security for our clients. Our clients have minimal interaction with ThreatLocker Protect directly. It is one of the security tools we install on their systems to secure their networks and end devices. More importantly, it allows us to manage and control the specific applications and services running on their endpoints. For instance, we can maintain a pre-approved list of applications that are allowed to run in the environment, while preventing unauthorized applications from executing. Even for permitted applications, we implement additional security measures. ThreatLocker's unique capabilities are particularly evident in its handling of Adobe Acrobat, a common PDF reader. PDFs can be exploited by malicious actors, or hackers, to gain access to systems. Typically, a user clicks on a PDF, it opens, and without their knowledge, malicious code executes on the system, interacting with other components to enable hacker access. With ThreatLocker, we can restrict Adobe Acrobat to only accessing the official Adobe update servers on the internet, preventing it from accessing any other websites. Additionally, we can restrict Adobe's access to other applications and underlying files on the computer, preventing hackers from utilizing the program to compromise the system. ThreatLocker is a cloud-based endpoint protection platform that utilizes endpoint agents installed on each device. The deployment of these agents can be automated through Microsoft Intune or RMM, depending on the specific scenario. The ThreatLocker portal is also cloud-based, and once the agent is installed, it communicates directly with the ThreatLocker cloud. One of the key advantages of ThreatLocker is the instantaneous implementation of changes made in the cloud to the endpoints. This ensures that devices are always protected with the latest security policies.

We use the solution as a zero-trust application. We put it on all of our customer machines. We're a security operations company that performs, security, and compliance services for different companies. For all of the companies that we support, we put Threat Locker on. As a zero-trust application, we know the only applications that we've approved are going to be able to function in those customer environments and be that much more secure.

We use it over our 31 clients, and twelve hundred devices. We use it over all of our Windows workstations and Mac workstations to prevent unauthorized installs and downloads of applications.

ThreatLocker is our standard security stack, with very few exceptions. We use it for all of our MSP clients, MSSP clients, and recently for IR response cases. We use ThreatLocker to control application installations and take advantage of its ring-fencing option, which prevents otherwise good applications from interacting maliciously.

It's a solution for software whitelisting. It blocks applications from running. If there is any DLL or something else running on your computer, the admin or admins of the service get an alert. If an end-user is trying to install something that has been blocked by the organization, the admins get alerted.

Our clients require a zero-trust solution for their servers. They need to ensure that nothing happens to the server without authorization — nothing comes in, goes out, or gets corrupted. We put ThreatLocker on the server to block anything that attempts to run without permission. We use ThreatLocker across our whole platform. We continue to pound the table on how great it is and tell our customers that they need it. It is currently deployed for multiple MSP and MSSP clients on their servers and workstations.