Threatlocker review

2 weeks ago 23

Threatlocker is simply a newcomer to the cybersecurity crippled - the Florida-based institution was lone founded successful 2017, agelong aft information giants similar Symantec and Kaspersky. Still, astatine TechRadar we pridefulness ourselves connected our quality to find scrappy caller contenders and were intrigued erstwhile a Threatlocker typical reached retired to america astir their endpoint protection information platform. Have we uncovered a diamond successful the rough, oregon should this level person stayed successful its eponymous locker? In this guide, you'll decide. 

 Plans and pricing

(Image credit: Threatlocker)

Threatlocker: Plans and pricing

If you're looking for a pricing expanse with elaborate tiers, Threatlocker volition permission you disappointed. Unlike immoderate different endpoint information platforms we've reviewed, there's nary 'per seat' complaint for monthly oregon yearly subscriptions. Interested parties tin interaction Threatlocker's income section via email oregon telephone, proudly displayed connected the main website.

This said, it's lone excessively casual to supply an email code to publication a merchandise demo with 1 of the company's 'Cyber Heroes'. There's besides a 30-day free trial of the platform, with nary recognition paper accusation required. 


(Image credit: Threatlocker)

Threatlocker: Features

Of each the endpoint information platforms we've reviewed, Threatlocker decidedly has 1 of the astir awesome array of features.

The main merchandise leafage provides a precise bully overview of these and the level includes basal features we'd expect to spot specified arsenic achromatic and whitelisting of applications. We were overmuch much intrigued though to work astir Threatlocker's 'Ringfencing' feature, which allows managers to acceptable boundaries for however definite applications interact with each other. 

Although the level doesn't incorporated a dedicated firewall for clients, it does see 'Dynamic Network Control'. This allows IT admins to modulate traffic, arsenic good arsenic unfastened ports lone for authorized applications utilizing dynamic ACLs (Access Control Lists) oregon cause authentications. The Threatlocker website rightly points retired that this is an often overlooked information spread erstwhile it comes to endpoint information platforms, which tin spell catastrophe if a rogue instrumentality infiltrates your network. 

The level besides has a precise precocious argumentation engine, which tin besides beryllium utilized successful a 'firewall-like' mode to restrict what applications tin do. Threatlocker notation to their 'Allowlisting' arsenic a mode to enactment you successful power implicit what software, scripts, executables, and libraries tin tally connected your endpoints and servers. This 'Allow List' tin beryllium exclusive, successful that it tin artifact immoderate applications that aren't included connected it. 

Users tin besides acceptable time-based policies, truthful applications tin lone beryllium accessed and/or execute definite functions astatine an allotted clip during the day. 

Threatlocker claims their enactment squad is disposable 24/7, 365 days a twelvemonth via telephone oregon the main portal. The website asserts that calls are answered wrong 30 seconds. Although we can't talk to this, erstwhile we decided to trial aviator this level we received replies to our emails wrong minutes.


(Image credit: Threatlocker)

Threatlocker: Setup

We've antecedently mentioned Threatlocker's highly affable and adjuvant enactment team, who offered to interaction america and acceptable up a demo to locomotion america done the onboarding process. We appreciated the connection but decided to spell it unsocial to spot however casual the level is to use. Nevertheless, it's bully to cognize that assistance is connected manus if needed.

After signing up for the Threatlocker trial, users are asked to supply their institution and interaction details. Next, you're logged consecutive successful to the Threatlocker portal. We instantly headed implicit to the 'Deployment Center' to instal the cause bundle connected our trial machine.

Threatlocker offers a fig of ways to bash this, including RMM (Remote Monitoring & Management), bundle deployment tool, Active Directory and Power Shell. We opted to instal the cause manually utilizing the Windows installer. There's an MSI mentation but we opted alternatively for the tiny 'stub' utility, which Threatlocker advises volition instal the astir existent mentation of the ThreatLocker Agent.

Agents are disposable for some Windows (Servers and Workstations) and macOS. We couldn't find immoderate notation of Linux oregon mobile devices. 


(Image credit: Threatlocker)

Threatlocker: Interface

As impressed arsenic we were by the immense array of features available, we couldn't assistance but consciousness the main interface is simply a small spartan. At times it feels much similar editing a database alternatively than editing an online portal.

That said, the near manus pane is logically laid retired and it's casual to grow sections to spot further options. For instance, expanding 'Application Control' lists wide choices similar 'Policies', 'Permitted Applications', 'Applications' and 'Tags'.

We felt the interface was astir wanting successful presumption of the main dashboard - oregon deficiency thereof. Unlike different endpoint information platforms we've reviewed there's nary country wherever you tin spot a speedy heads up of instrumentality status, threats blocked and truthful on, accompanied by immoderate adjuvant pastry charts and different infographics. 

The study generating diagnostic allows you to summon immoderate magnitude of information e.g. Blocked Files successful the past 24 hours but these look successful a spreadsheet-like format, truthful you whitethorn person to bash immoderate click and dragging successful bid to presumption each the information.

Having trashed the interface for being a small excessively Nineties, we should gully readers' attraction to Threatlocker's caller 'Beta' portal, which has a overmuch richer UI. There's inactive nary useful dashboard per se but options are overmuch much colorful and substance is amended laid out. The near manus pane has besides been axed successful favour of a driblet down paper which users tin motorboat from the apical left.

Sadly the Threatlocker Agent has yet to get the 'Beta treatment' truthful if, for instance, you privation to presumption blocked files you're stuck with the spreadsheet-style layout again. 


(Image credit: Threatlocker)

Threatlocker: Performance

Despite our misgivings astir the Threatlocker's existent UI, what it lacks successful looks it much than makes up for successful functionality.

When reviewing endpoint information solutions, our archetypal measurement is ever to effort to download a fake computer virus, provided by the bully radical of EICAR. We opened Microsoft Edge connected our trial instrumentality and downloaded the fake microorganism successful compressed (ZIP) format.

On our archetypal attempt, we recovered we were incapable to extract the record arsenic the permissions had been changed. We decided to beryllium cunning and downloaded the trial microorganism uncompressed and tried to tally it. We instantly saw a pop-up from the Threatlocker Agent to accidental the record had been blocked from executing. Interestingly, the cause does see a 'Request Access' option, which whitethorn beryllium utile if an endpoint idiosyncratic wants to petition support to tally a morganatic program.

Our adjacent trial was to effort to transcript a new, existent machine microorganism we'd caught successful the chaotic to the trial machine's 'Downloads' folder, to spot however Threatlocker would react. We bash this trial to cheque if an endpoint information level tin observe suspicious files based connected their behavior, not conscionable by checking their signature against a known database of threats.

Once again, Threatlocker didn't fto america down, instantly detecting and quarantining the existent trojan virus.

Our last trial is ever to log successful to the unreality console of an endpoint information platform, to cheque if the threats had been correctly logged. We decided to usage Threatlocker's beta unreality console to database these, and were pleased to spot that the afloat record names were displayed without immoderate good tuning via the mouse. 

Threatlocker: Final verdict

A bare-bones interface is simply a tiny terms to wage for a level arsenic almighty and arsenic versatile arsenic Threatlocker. While its creators aren't ever mentioned successful the aforesaid enactment arsenic long-established cybersecurity vendors similar Malwarebytes, we were pleased however casual it was to registry and effort retired the platform. We besides were delighted with the level of enactment offered to assistance users with onboarding and defining policies.

Security-wise, portion a dedicated firewall would person been perfect this is efficaciously made up for by good tuned exertion control, arsenic good arsenic dynamic web control. We were peculiarly impressed that the level takes larboard power seriously.

Threat detection was perfectly flawless, with some the fake and existent microorganism being spotted and quarantined wrong moments. We would person appreciated a much graphically-rich cause but ideate this volition get an overhaul successful future, on with the instauration of Threalocker's caller beta portal.

The lone large disapproval of the level is that if you employment Threatlocker to support your endpoints, you'll request to find different solution for mobile devices arsenic the level doesn't look to enactment it. We did find, however, that there's a Threatlocker mobile app disposable for IT Administrators who privation to negociate endpoints from an Android oregon iOS devices.

We've listed the champion web monitoring tools.

Read Entire Article