Zero Trust World: ThreatLocker Unleashes New Tools to Stop Threats
MSPs are looking forward to adding the new capabilities.
![Zero Trust World 2024 Day 2 Zero Trust World 2024 Day 2](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt66c4fb1d41f96772/65de985f83aa0d040ac8436c/Zero_Trust_World_Day_2_Cover.jpg?width=700&auto=webp&quality=80&disable=upscale)
In the event something goes wrong, ThreatLocker has “minutes that other people don't have to respond,” said CEO Danny Jenkins.
“If you go onto a normal server not running ThreatLocker, running any other endpoint detection and response (EDR), and you run ransomware, unless that ransomware is known, it can encrypt thousands of files before you even know it's happening,” he said. “With ThreatLocker, our default position is block. So our customers would say, 'Well, you're seeing this data, you're seeing people try, tell me about it.' So what we're able to do with ThreatLocker Ops is tell them about it and then automatically respond. So you saw on stage how quickly when we started doing bad stuff, we were able to challenge the user because stuff was on the line to begin with. 'Hey, are you an IT guy, because this could be an IT guy.' And then we're able to respond, and have the machine locked down and call the customer.”
Jenkins told attendees, “We're here to get your back.”
“Whether you're using that lock option, using it as a tool yourself, we're getting to see these alerts,” he said. “We're getting to remediate them for you faster. And if you have Cyber Hero managed detection and response, or you're just using ThreatLocker Ops, it makes the ThreatLocker product better because the more we understand our product, the more we manage our product, the better we can make it for you and the more attacks we see. Nothing bad happened because nothing could happen. Because we operate in a least privileged world.“
ThreatLocker has also released a new version of its mobile app. ThreatLocker Mobile provides on-the-go management for ThreatLocker's endpoint security platform accompanied by push notifications.
“The app no longer just allows you to approve requests on the fly,” Jenkins said. “It also allows you to see the unified audit. It also allows you to see policies and essentially manage nearly all of the ThreatLocker portal from one site. I say 'nearly' because it's hard to use the testing environment on a screen this [small]. But a lot of the features are available to make your life easier.”
We spoke with a number of MSPs about ThreatLocker’s new features at Zero Trust World. George Lakiotis, CEO/vCIO of Symmetric IT Group (No. 462 on the 2023 MSP 501) a Florida-based MSP, said the new offerings announced by ThreatLocker will be helpful in protecting his business and customers.
“I already have scheduled a meeting with our account manager to go over it and see how we can implement some of the new solutions into our stack and get rid of some of the other, less mature tools that we use, so we're really looking forward to it.” he said.
With detection and response, “we see every single step that's happening,” Lakiotis said.
“So to me, that's huge, and if you have a team watching it at 3 a.m., you'll wake up knowing it,” he said. “We’re not 24/7, but it doesn't mean that bad actors aren't attacking us 24/7, so I'm looking forward to adding that to our solution stack.”
Attending Zero Trust World is going to help Symmetric’s overall security posture, Lakiotis said.
"Just talking to some of the other vendors that are here, other partners, we really picked up some great information, and this new detect and response that's being released is really going to be helpful,” he said.
Rich DePierro, managing partner of 2 Dog Digital, a North Carolina-based MSP, said ThreatLocker has always launched helpful products at Zero Trust World.
“I love the Cyber Hero program,” he said. “My entire staff are certified. Those guys on support, we've never had a problem. We open a ticket, they get to it right away and they do business like we like to do business.”
DePierro said every time he attends Zero Trust World, “we figure out something else.”
“We learned a couple things already at this event, how we can tighten up ThreatLocker even more than we use now,” he said. “We're all in with ThreatLocker. We've been with them for about four years now, and if a customer of ours will not use ThreatLocker, we will not sign a contract with them. So it's the basis of our entire security stack. And zero trust is what we do.”
ThreatLocker is at 100% implementation for 2 Dog Digital customers, DePierro said.
“ThreatLocker allows me to sleep at night, not worrying about ransomware,” he said. “So the biggest worry we have right now is human error with somebody allowing something they shouldn't. And that's training your staff to be vigilant and everything else.”
Jayden Harris, security analyst at Maise Technology, a Utah-based MSP, said ThreatLocker’s new products should be helpful to his business.
“It seemed definitely interesting having a way to quickly respond to threats that appear,” he said. “We use other endpoint detection and response (EDR) services, but it'll be a good addition to the stack. Every time I see something new about ThreatLocker, I'm always impressed.”
Harris said he's gained valuable insights to use when he’s back at his business.
“I feel like I've learned, especially with ThreatLocker, how to not only improve functionality for myself, like how to better write the policies and things like that, but also just the mindset to have when going into incidents, that type of thing,” he said. “We're in the process of implementing zero trust.”
Jayden Harris, security analyst at Maise Technology, a Utah-based MSP, said ThreatLocker’s new products should be helpful to his business.
“It seemed definitely interesting having a way to quickly respond to threats that appear,” he said. “We use other endpoint detection and response (EDR) services, but it'll be a good addition to the stack. Every time I see something new about ThreatLocker, I'm always impressed.”
Harris said he's gained valuable insights to use when he’s back at his business.
“I feel like I've learned, especially with ThreatLocker, how to not only improve functionality for myself, like how to better write the policies and things like that, but also just the mindset to have when going into incidents, that type of thing,” he said. “We're in the process of implementing zero trust.”
THREATLOCKER ZERO TRUST WORLD — During day two of Zero Trust World, ThreatLocker unveiled new features to help MSPs and others prevent and eliminate threats.
The company added remediation scripts to the ThreatLocker Community. The Community allows administrators to share and adopt ThreatLocker Ops policies used by industry peers to tailor their protection based on their specific vertical.
"If something bad happens, you can search our Community to see if there's already a remediation script for it, and then you can run that using your remote monitoring and management (RMM) or ThreatLocker’s remediator,” said Danny Jenkins, ThreatLocker’s CEO. “So we added ThreatLocker remediator as an optional installer to ThreatLocker Ops. And you can now use that remediator to connect to and run remediation scripts in the event that you don't have your own RRM or something like that.”
Ops Unleashed at Last Year's Zero Trust World
Introduced at last year’s Zero Trust World, Ops has been the biggest change to ThreatLocker’s platform in the last three years, Jenkins said.
“Ops provides everything about a machine in one place,” he said. “The beauty about it is you have all the information you need to make a decision about what needs to be on this machine.”
In addition, ThreatLocker announced Cyber Hero Managed Detection and Response, which will be managed by its Cyber Heroes, which have an average response time on chats of 23 seconds.
“That’s important because they’re some of the fastest support people in the world,” Jenkins said.
The big need ThreatLocker saw from MSPs was the ability to know what bad things were trying to happen on their computers, he said.
“So that's why we created ThreatLocker Ops, because MSPs were traditionally just unaware that, 'Hey, we've got remote desktop protocol (RDP) open and while this bad guy can't run anything, he's on our server trying to run stuff,'" Jenkins said. "So there was a big need in seeing that. And one of the great things about ThreatLocker is because we operate on zero trust, we have something that other security tools don't have, which is time.”
Scroll through our slideshow above for more from day two of Zero Trust World.
About the Author(s)
You May Also Like