ThreatLocker Zero Trust Endpoint Protection Platform Reviews

We're a managed service provider, mostly dealing with small business office environments, so ThreatLocker Zero Trust Endpoint Protection Platform is used in the context of many different tools. It's a unification of several different tools. Their front and center is their Application Control, where I believe the older, less correct name for it would be application whitelisting. Basically, it ensures that nothing can run within a given environment. As long as the machine is protected by ThreatLocker Zero Trust Endpoint Protection Platform, nothing can run within an environment that is not considered kosher by the admin.

If you don't allow it, it doesn't run with ThreatLocker Zero Trust Endpoint Protection Platform. It's as simple as that. I've had it block PowerShell scripts that my RMM has sent through. It's one of those things that in the moment, it's really annoying. However, the implication is that if that were anybody else, they wouldn't have been able to allow it.

I deal with ThreatLocker Zero Trust Endpoint Protection Platform. It provides peace of mind because it unifies a lot of different tools, including managed detection and response and Endpoint Detection and Response.

The single pane of glass management for all this functionality is really the best feature. It unifies many utilities that would have been separate costs before, and it lets us sleep at night knowing that things are being monitored 24 hours.

The ThreatLocker Zero Trust Endpoint Protection Platform auditing capabilities have provided valuable insights for us and have stopped several would-be malware infections.

Going with the theme of ThreatLocker Zero Trust Endpoint Protection Platform being a one-stop shop where they have just about everything, and they have a really good product stack as is. However, the one last thing I would want to see is mail security implemented similar to how Mail Protector does theirs, except obviously managed and included in a subscription tier with ThreatLocker Zero Trust Endpoint Protection Platform.

It's pretty easy to deploy as far as this functionality goes. However, it's very annoying to uninstall. You have to go into the online control panel and disable tampering for a device before it'll let you uninstall it without complaining really loudly. This is actually one of those things that is annoying in day-to-day operation because it assumes you don't know what you're doing. However, I would rather it let me know when it doesn't need to than have a situation where our protection is just being disabled and nothing's being done about it.

On a scale of 1 to 10, I would rate ThreatLocker Zero Trust Endpoint Protection Platform a nine. There's a little bit of smoothing they could do, but most of my annoyances with it are with the concept as a whole and there's not really anything anyone can do to fix them. It comes with the territory. It's not really something that they in particular could improve upon.

I have dealt with ThreatLocker Zero Trust Endpoint Protection Platform for a couple of years at this point.

The support with ThreatLocker Zero Trust Endpoint Protection Platform is phenomenal. Utterly phenomenal. I literally don't think I have ever waited more than a minute to hear back.

Positive

We've been Blackpoint customers for MDR, EDR before ThreatLocker Zero Trust Endpoint Protection Platform. They did not offer the Application Control or the network control, the storage control. ThreatLocker Zero Trust Endpoint Protection Platform added the MDR, EDR functionality as a logical extension of what they do with the application whitelisting, with the network control, with the storage control. It was just a logical extension. But Blackpoint only ever offered the MDR, EDR functionality. And as far as I know, they were only just starting to branch out into Application Control before we moved over to ThreatLocker Zero Trust Endpoint Protection Platform.

The zero-trust approach of ThreatLocker Zero Trust Endpoint Protection Platform has helped us pass certain certifications for cybersecurity. The zero-trust portion means that it's a little more annoying than traditional security software. However, you know for a fact that it's working because you can watch it stop stuff in real-time.

I do use the Application Control feature of ThreatLocker Zero Trust Endpoint Protection Platform. It is about as straightforward as you could hope for a tool. They offer many deployment options. They have an agent installer you can download. They have a deployment script that you can push through your RMM, or through a Group Policy type implementation.

I'm not very familiar with the pricing of ThreatLocker Zero Trust Endpoint Protection Platform. I don't look at the numbers typically as I focus on technological aspects and implementation. From what I understand, our licensing costs are actually fairly reasonable. For the tier we're at now, it's approximately $10 an endpoint, and we're easily able to upsell that. We're covering our costs and then a little bit on top. It's such a useful tool that if I were making the decision, I would probably even sell it at a loss and take a little bit of a chunk out of other managed service profit margins if necessary. ThreatLocker Zero Trust Endpoint Protection Platform is just that useful.

The way Ringfencing helps limit application actions is by allowing an application to run. However, that application is not allowed to talk to certain common threat vectors such as scripting hosts, PowerShell, macros, etc. That's how it's configured by default. You can configure it however you want. For example, I could stop Chrome from talking to Word if needed.

I rate ThreatLocker Zero Trust Endpoint Protection Platform a nine out of ten.

We're currently deploying 15,000 machines. For us, it is quite easy, however, the problem is that our environment is complicated to deploy due to many customizations. That said, with ThreatLocker, it is not a problem. 

It's getting better in terms of cost and transparency. We can see security improving and can show our evolution. 

The control list is the best feature. For our company, it provides value to our customers since they can see we are improving our security. It also helps us understand what is happening in the machines with notify audits. The solution shows evolution and helps us troubleshoot, even when installed on only some machines.

We can reduce attack surface. We have over 1500 sysadmins, and without it, it was hard to control permissions.

We hope in the future it will help us reduce costs.

We can block access to unauthorized applications. With all of the sysadmins, it had been quite difficult to block everything manually. We have more control over our environment now.

It helps us to see what's happening in the environment and can help us troubleshoot. Once we install across all machines, we can see better what's happening. 

There could be options for handling a bulk amount of machines simultaneously. Randomizing the actions instead of executing everything at once would be beneficial. This would apply to our policies, particularly for the container and Linux versions.

We have been using it for about one year and six months, almost two years.

I have encountered some problems with stabilitiy, however, they are resolved quickly. It is not really a significant issue for me, as they are solved very fast.

The scalability is okay for us. We do not have any problems.

The customer service is very good and very fast.

Neutral

Previously, we used another solution, including a solution from ManageEngine. We switched to ThreatLocker because we felt secure using it, especially with Cyber Heroes and the learning mode.

The implementation was done in-house by me.

We are seeing a return on investment, especially with our managers and customers. We are protecting them and enhancing our security. They all feel safer with this solution.

The setup cost is good, but money in Brazil is quite expensive. Despite the Brazilian economic issues, it is manageable when considering the dollar.

We just have one alternate solution in mind, which includes control mechanisms. We tested some others but liked this one a lot. We need to finish the first part.

My overall product rating is nine out of ten.

Many of our firms are currently using ThreatLocker, and they have been very happy with it. It can block unauthorized software from being downloaded. 

A few years back, we had an attack on one of our biggest clients. After that, we implemented ThreatLocker. For the last couple of years, there have been no issues or attacks. This has been really helpful.

Currently, we are not using the full range of modules, however, we are using ThreatLocker elevation. That's really good. 

The deployment is very easy.

We've been able to save some operational costs and expenses by using this product. However, the main thing is that it protects our customers. 

The zero-trust endpoint availability is good. It can block unknown applications straight away.

We have reduced help desk tickets. It helps with management. We have a good team in place. 

Some reporting areas need improvement. We need to generate more reports. That area should be improved. We'd like reporting on if someone tried to install software, we'd like to be able to generate reports on what was blocked.

I have been using ThreatLocker for the past four years.

Stability is good; it is a growing business. Over the last four years, it has grown significantly.

Scalability is good. There has been no impact in the last couple of years.

Support is good, with very quick support from Cyber Heroes if any staff requires help. From our side, they are really helpful.

Neutral

We did not use another solution previously.

The initial setup is good; deploying is very easy.

We are managing the implementation ourselves.

It's protecting our customers. That is the main thing. That's our ROI.

In the last couple of years, the price has remained the same. Nothing has changed, and it's good. I hope it will not increase soon.

We did not evaluate other options. 

The overall rating of the solution is eight out of ten. We need to improve the reporting side, including reporting and generating reports. That area needs to be improved.

I have a lot of clients, and I am responsible for protecting them by ensuring their environments are safe and up-to-date.

The major benefit is just fewer breaches overall. No one can run anything without it being approved first. ThreatLocker is helping companies protect themselves.

Being able to protect and trust nothing by default, known as zero trust, is the most important feature to me. The major benefit is fewer breaches overall, as nothing can be run without prior approval. This helps my company protect its data and secure itself effectively.

Attack surfaces are easy to control. It's easy to deploy and protects very well.

We've been able to consolidate security tools using ThreatLocker. We used to use SentinelOne and it wasn't doing exactly what we wanted. It wasn't detecting anything. 

It's great at blocking access to unauthorized applications. By default, it trusts nothing. 

We do get more tickets for application requests, however, that's not a bad thing, since it's protecting our environment. 

The user experience could be improved. Most complaints we get are based on users wanting certain functionality. For the most part, built-in applications are pretty good, however, having more would be beneficial.

I have been using it for about two to three years now.

It has great stability without any negative aspects.

I believe it's scalable, whether the client is small or large. It is beneficial regardless of the size.

I have experienced amazing support. Whenever I have an issue, I click the chat button, and someone is always available to assist me. Escalations go smoothly, and I have never encountered support issues.

Positive

I used to use a tool called SentinelOne before switching to ThreatLocker. SentinelOne was not meeting my needs and did not detect issues effectively. I now also use Huntress, but ThreatLocker has been a huge help by blocking anything unapproved.

I deployed it with our RMM, which made it really easy. It was much simpler than it would be with a different program. I set up the tenant, changed a few settings, checked a box, and deployed it. The process was fast and efficient, with the devices appearing quickly and no slowness.

I would stress the importance of saving companies from breaches. The cost versus benefit of ThreatLocker is significant, as its small cost offers great advantages. If something were to happen without ThreatLocker, the cost would be huge, and thus, having it is definitely worth it.

In meetings, they mention 'set it and forget it.' While this can be efficient, it might leave applications unaudited over time, possibly opening vulnerabilities. Regular auditing and reviews would enhance security. 

I give it a nine out of ten overall, recognizing there is room for improvement.

I have a security service that I sell to my customers, which I provide along with ThreatLocker to deploy one of the essential eight controls.

We've helped to reduce overhead while managing at a large scale. 

The application control is a key feature of ThreatLocker. By using ThreatLocker, I have reduced the overhead of managing application control, eliminating the need for my engineers to manually add applications. 

ThreatLocker automates this process efficiently, allowing me to manage it on a large scale for all of my clients, as well as internally. It helps me produce greater efficiency.

It's easy for IT teams to use regarding reducing attack surfaces. It's easy for us. We can manage everything quite easily.

It's been able to help us eliminate and consolidate security tools. We were using a lot of Windows components and have since gotten rid of them.

We have saved on operational costs. We were spending about four to six hours a week managing requests and now were down to about two hours. 

ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications has been excellent. It's also helped us to provide efficiencies elsewhere and, therefore, invest our time in other things that could benefit us tremendously. It has freed up time by 10% to 20%.

Initially, the learning curve was slightly high for me, however, that has been resolved now. They made a lot of improvements. When I first came on board, it was trickier to learn. Besides that, I can't see much else needing improvement at this stage. ThreatLocker University might offer more now, with additional learning and certifications. Previously, I only had a few demo and engineering sessions and had to learn the rest by myself.

It would be nice if they provided more than an EDR and have an antivirus component to go along with it.

I have been using the solution for about a year and a half now.

The stability had a few hiccups at the start, however, they've worked through a lot of their issues and are pretty responsive in fixing them.

I find scalability quite good.

Customer service has been great. I don't have much experience directly with them, however, I would rate it a nine out of ten.

Positive

I used just Windows Defender Application Guard control.

My experience with deployment was straightforward, easy to do, and worked well. I initially rolled it out to one or two clients as a trial and then expanded it to all clients. 

I did not use an integrator, reseller, or consultant for deployment.

The time efficiency I gained has allowed me to invest in other areas of the business. Additionally, I provide a lot of compliance services and communicate my processes to customers efficiently and safely.

The setup cost has been great. I had a really good deal at the time, and it continues to be cost-effective.

I considered Blackpoint as one of the options.

The overall product rating is nine out of ten. 

I deploy ThreatLocker to my clients who sign up with my service agreement. I coordinate the deployment and monitoring of the software and programs. 

Periodically, I manage the alerts and respond to requests by either approving or denying them, depending on the case.

ThreatLocker provides a lot of peace of mind. We don't have to worry something is going to get in and run in the background in the night hours. It's more so for our control and monitoring purposes.

The application control is highly valued by me. The ring fencing and storage management are also important, however application control is my go-to feature. The solution helps provide me with peace of mind and control. It assists me in reducing help desk tickets by automating processes and allows IT teams to focus on other projects. 

ThreatLocker saves me a couple of hours per day dealing with threats and encrypting efforts elsewhere. It helps me run reports ahead of time to avoid wasting time.

It's easy for IT teams to use. Cyber Hero Support is always there is we get stuck.

We've been able to save operation costs. With the automation and policies that are in place for application control, we're not finding ourselves wasting time monitoring or resolving issues. Our efforts are now being deployed elsewhere. 

It's very good at blocking unauthorized applications. We had to manage policies through the server and it was more tedious. With ThreatLocker, we definitely see the benefits.

We have reduced our help desk tickets with the help of automation. There's a lot of reporting to help us block and avoid wasting time. Our IT teams can use the time on other projects. Agents can handle other phone calls. We have more resources available. 

Without ThreatLocker, responding to threats might take an hour or two. With the solution, this is sped up. We can save hours a day since threat response has been sped up.

It's only been a short amount of time. We do need more time with it and be more acquainted with the software. 

We use other vendors for other components. I'd like one vendor to control all aspects of the business, including backup, EDR solutions, email monitoring, and control, rather than using multiple vendors.

I have been using it for about ten months.

It is stable.

It is scalable.

Customer service is excellent, with Cyber Hero Support being responsive within a minute or two. There are regular communications with an account manager and a support agent.

Positive

There was no Zero Trust solution before this, however, I had other EDRs and vendors.

The setup was pretty easy for me. I use another tool, an RMM tool, that helps me automate deployment. Setting up the organization on the portal was straightforward due to built-in applications and policies.

The deployment was supported by an RMM vendor. I found no issues.

It frees up my time for technicians to focus on other projects, providing me with an overall definite benefit.

The cost is very competitive. The pricing model works for me and can be passed to clients as part of their monthly service agreement.

I did not evaluate other solutions before picking this one.

ThreatLocker's modules, knowledge base, ThreatLocker University, and resources are very helpful for me. Policies and policy auditing formats are clear and easy to use. 

The overall product is rated ten out of ten.

Our use case involves endpoint protection, ensuring that nothing harmful reaches any of our clients' workstations.

ThreatLocker Zero Trust Endpoint Protection Platform has helped mitigate security threats and reduce the risk of ransomware and data breaches.

ThreatLocker Zero Trust Endpoint Protection Platform has not helped replace any solution, but with most things in security, there are different layers. It is definitely the front of the shield. It does what it needs to do and is a very good product.

ThreatLocker Zero Trust Endpoint Protection Platform is very good at blocking access to unauthorized applications. I have seen it block several different types of nasty exploits. It is always interesting to see stuff come through that. It is also about how you manage your environment. At the end of the day, you have to make sure you set your filters correctly. If you do not set your filters correctly, you are going to have a hole somewhere. Right off the back, the way it works is great.

ThreatLocker Zero Trust Endpoint Protection Platform has helped reduce help desk tickets. It has helped reduce the incidents of clients getting exploits or ransomware put on their devices by 110 times.

Reducing help desk tickets using ThreatLocker Zero Trust Endpoint Protection Platform has helped free up our IT team’s time for other projects or tasks. It probably saves a couple of hours a day. Having ThreatLocker on our devices does help protect all our clients and our organization, and that allows us to review and remediate other security concerns.

The application management on any workstation with the solution is valuable. I find it valuable that it indicates whether the software is part of our pre-approved list, adding a nice layer of protection. It works great because people cannot just install or download any app from the web. Anything unapproved gets blocked.

ThreatLocker University offers many good training modules, but more in-depth training for advanced platforms would be beneficial. I believe having more detailed information would be great. There could be a portal where others can provide suggestions that we can review.

I have been using this solution for about two years.

It is very stable. I would rate it a nine out of ten for stability.

Its scalability is great. They have many other services included, and I believe we are only using one or two. Personally, I would like to see us use more, but it is about having layers and more than one solution to back us up. I would rate it a ten out of ten for scalability.

ThreatLocker's support is great. We have a good response time and a strong conversation with Rob and all the other team members there. I would rate them a ten out of ten.

Positive

The main return on investment is peace of mind, knowing that with ThreatLocker on any endpoint, it will almost always block all malicious code or exploits, even zero-day exploits. If an unknown or unapproved program is run, it is blocked for review, making us better at our job. If the client is trying to run something that is not in our system and the hash does not exist, it will be blocked for us to review, which then makes us better at our job.

It is easy to use, but you need to understand how it works from a high level. It requires an in-depth understanding of IT teams. A lot of time, people think they know what they are doing, but they set things that should not be set in the learning mode. They then have to go back and find them and remove them.

I have not seen any security defense solution quite like ThreatLocker Zero Trust Endpoint Protection Platform. There are other companies trying to achieve the same. With recent third-party issues, I have not observed ThreatLocker causing outages. It works very well, providing peace of mind. It is a great product. 

Overall, I would rate ThreatLocker Zero Trust Endpoint Protection Platform a ten out of ten.

We mostly use ThreatLocker Zerto Trust Endpoint Protection Platform when we install new software and any additional new features in our environment. That's why we monitor it daily as well.

We're using it for four or five clients, and they are still in the testing phase. I'd like to use it for all of our clients. It's brilliant. There's good support and transparency. We've been able to find all of the information we need about threats so we can stop them effectively.

Blocking is done comprehensively. I would say about 70% to 80% of the time, it is mostly effective. 

When we started using ThreatLocker, some of our clients experienced a high volume of installation-related tickets. However, since we moved to ThreatLocker and after utilizing the learning mode, the number of tickets from those clients has decreased significantly. 

It's easy to use, even for someone who's not necessarily in IT. They just need some knowledge of computers.

We're saving a lot of time uncovering solutions and finding threats - and time is the most important aspect.

It's very good at blocking access to unauthorized applications. If there's an unknown device trying to connect, for example, we immediately get an alert.

It helps us reduce help desk tickets by 70% to 80%. This has helped us free up IT teams for other tasks. I would estimate that it saves at least 50% to 60% of our time by eliminating repetitive tasks, allowing us to focus on different things rather than performing the same tasks repeatedly.

I was discussing with someone the other day, and it seems there is currently no solution for mobile users. If ThreatLocker can design or build something for mobile devices, that would be brilliant.

We have been using ThreatLocker for the last few years.

It is stable. Its architecture deals directly with the kernel. This makes it more secure and stable. The kernel is the heart of a computer, so it is really stable.

You just need to install the agent, and that's it. You can deploy the agent through different methods, such as through your ID, your RMM, or your GPO. There are multiple ways, and it's just a matter of installing the agent and placing the computer or device in learning mode for 21 days, and ThreatLocker will handle the rest.

I only have one example, as I only had to discuss a matter with someone from CyberHero. The interaction was extremely quick. I opened the ticket, and within seconds, I received a reply.

Neutral

We did not use previous solutions.

The setup occurred a long time ago, about two and a half years. Initially, access to the portal was limited to senior colleagues; however, for the last two years, I have had access. I have not encountered any difficulties in using ThreatLocker.

I am not very technical, however, everything revolves around time. If a solution saves time and reduces manpower consumption, then ThreatLocker achieves that. There is nothing else we can evaluate.

There were no alternate solutions. It was the only one considered.

I would rate it a ten out of ten. There is no alternative solution currently. It is the best we have right now, although some competition would encourage faster innovation. The zero-trust architecture is impressive. It is an approach opposite to usual systems.