ThreatLocker Inc. is a security platform used to stop misuse and vulnerable software as well as control application elevation, storage and network traffic.
N/A
Zscaler Private Access
Score 7.9 out of 10
N/A
Zscaler Private Access™ (ZPA) gives users secure access to private apps and OT devices while enabling zero trust connectivity for workloads.
If you want to know what is running in your environment and what it is trying to access, you should be able to take preemptive measures to prevent and protect yourself from it. ThreatLocker is the system for you! It will replace almost any EDR requirement, although I recommend you partner it with Windows Defender.
The tool is, for the most part, very intuitive. Most of our issues so far (working through them with our Resident Engineer) are the one-off applications. We are working on some exemptions to make them functional. Besides that, the team loves the tool and how it can provide better security than our previous tool.
Application Segmentation and Listener Configuration - The way applications are defined and listened for is fundamental to ZPA, but can be a source of frustration, especially when dealing with legacy or non-HTTP protocols
The ZCC is the user's primary gateway, but its control over local system network behavior can sometimes clash with enterprise requirements.
ThreaLocker has done its job and has prevented malware from executing. It has stopped an encryption process once already. It has kept a user from going to a bad website. He tried twice and was wondering why he was getting an error message from ThreatLocker and ESET both.
The console is very user friendly and is frequently updated based on user requests. It is well laid out and many of the areas allow the ability to pivot from one area to another without having navigate the entire menu tree. Much of what you do is to query activities on a given PC and the application allows you to save frequently run queries.
Few things stand out. The ease of access: It very convenient - one click to open add details and done. Packet capture: Can't talk enough about this feature. Troubleshooting private access is always problematic,but this feature helped a lot. One thing that can be improved is early warning about expiring authentication
You can email, call or do online chat with tech support. I love their online chat. They are quick and friendly. Also, if you need to show them something, you can give the chat technician permission from your Chat box to allow the tech access to your computer. They also can pull out your admin console on their side. They can look at your "Unified Audit" log and see the same thing that you can. They have a good KnowledgeBase that you can look for answers. They have what is called "ThreatLocker University" where you can go through tutorials and take tests.
The owners and co-founders work with you through Zoom Meetings. They walk you through how to use and setup ThreatLocker. They also have webinars. You also can go through ThreatLocker University online training.
Using ThreatLocker University online training is very easy and informative. You take online tests to see how well you learned the material. It is great!
ThreatLocker is a family ran business. The owners, co-founders work with you to ensure you are up and running as quickly as possible. They went to ensure your success with ThreatLocker.
We chose Threatlocker because it is unique in that it specializes in a specific area, whereas other products offer a broader range of capabilities. It blocks software from running and provides us with all the necessary information for this purpose in an easy-to-use graphical user interface (GUI), which is all we need for our use case.
All of these tools are for different needs. Zscaler Private Access being for internal seems very simple as it really only allows filtering up to L4 whereas ZIA allows for filtering up to L7. ZDX often tries to give insight into the environment but since it only works with preconfigured items, that then means when a new problem shows up - ZDX isn't helpful troubleshooting postmortem. For the internal side of the house - Zscaler Private Access' strength is its simplicity to configure.
ThreatLocker is very easy to add new ThreatLocker agents on computers and servers. It is very easy to do. You can install an agent on a computer or server in about 2 minutes or less.
Applications that are new to the environment can be blocked even if they are wanted. Which can cause strain on the environment if not properly tuned or prepped.
We have this deployed onto around 7700 endpoints at this moment with less than 0.01% of issues with the agent or its functionality being noted. It's incredibly stable and the Vendor support further helps if it does break, and they can usually fix it without 15 mins.
We have had this tool on customers, and it has single handedly stopped Ransomware attacks by itself when the customers previous EDR failed to catch threat actor attacks. I can remember 3 separate instances where someone did something to cause an attack and ThreatLocker brought it to a screeching halt due to the application control and built-in ringfencing it provides.
Positive: We have now charged users internally for the service
Negative: Dealing with users who also have the Zscaler Client Connector for their company, can cause confusions
Negative: Enabling the Zscaler Internet Access entitlement has been a major headache for us because Zscaler Private Access users can't autheniticate through ZIA on a non corporate device.