Key Features of ThreatLocker
1. ThreatLocker Protect:
- Application Control: Enforces application allowlisting and blocklisting.
- Ringfencing: Isolates applications to prevent lateral movement during attacks.
- Storage Control: Extends control to storage devices based on policies.
2. ThreatLocker Detect:
- Behaviour Monitoring: Continuously monitors endpoint behaviour.
- Real-time Alerts: Receives alerts for suspicious activities.
- Integration with ThreatLocker Protect: Comprehensive security coverage.
3. Elevation Control:
- Manages privilege escalation to limit unauthorised changes.
4. ThreatLocker Storage Control:
- Manages data security by restricting unauthorised storage access.
ThreatLocker® Detect is a tool that monitors and alerts on suspicious activities within your network. It can monitor Windows event logs, alert on unsuccessful login attempts, and isolate machines in response to perceived threats while allowing specific remote access for investigation.
Storage Control provides policy-driven control over storage devices, whether they are local folders, network shares, or external storage like USB drives. It allows granular policies to be set, such as blocking USB drives or controlling access to backup shares.
Yes, it logs all actions related to file movements, deletions, and the programs used, allowing you to see exactly what happened and recover lost or deleted files.
ThreatLocker® meets various security compliance standards, including HIPAA, by enforcing encryption across all devices and creating fine-grained application access controls to limit risky access.