As far as an improvement regarding ThreatLocker Cyber Hero MDR, there are still some things that, out of the box, it would be nice to have a more fine-grained ability to create certain exclusions. Currently, that is something we have to work on with them when you get an alert, and we can't define or see some of those exclusions on our end. It has to be done in conjunction with them, and it would be nice to have the improvement where we can see those things in our portal or even define some at a very granular level, such as when a particular user is granted remote access to an environment. There were users or new hires that were granted remote access, which then generated an alert from the MDR team. We confirmed that those things were okay, but finding a more granular way to specify that these actions are allowed under very specific circumstances would be beneficial. Again, we are eliminating false positives, but we get very few now anyway since we've been using the product for almost a year.
President & Chief Executive Officer at OneconnectionIT
Real User
Top 20
2025-02-19T13:35:43Z
Feb 19, 2025
We have not used it for long enough, but there are some things users have asked for, such as integration with other platforms for reporting. They want a single glass location to use all the tools. It is preferred that everything is seen under one tool rather than multiple platforms requiring multiple logins. We have not figured that out yet, but I think ThreatLocker is on that path.
ThreatLocker Cyber Hero MDR provides advanced threat detection and response capabilities, designed to enhance cybersecurity defenses for businesses.
Designed for efficient threat management, ThreatLocker Cyber Hero MDR offers a comprehensive suite tailored to meet cybersecurity demands. Its robust architecture supercharges security operations, protecting against sophisticated threats with precision and reliability. Automation in threat management and response streamlines processes and...
As far as an improvement regarding ThreatLocker Cyber Hero MDR, there are still some things that, out of the box, it would be nice to have a more fine-grained ability to create certain exclusions. Currently, that is something we have to work on with them when you get an alert, and we can't define or see some of those exclusions on our end. It has to be done in conjunction with them, and it would be nice to have the improvement where we can see those things in our portal or even define some at a very granular level, such as when a particular user is granted remote access to an environment. There were users or new hires that were granted remote access, which then generated an alert from the MDR team. We confirmed that those things were okay, but finding a more granular way to specify that these actions are allowed under very specific circumstances would be beneficial. Again, we are eliminating false positives, but we get very few now anyway since we've been using the product for almost a year.
We have not used it for long enough, but there are some things users have asked for, such as integration with other platforms for reporting. They want a single glass location to use all the tools. It is preferred that everything is seen under one tool rather than multiple platforms requiring multiple logins. We have not figured that out yet, but I think ThreatLocker is on that path.