Updated May 29, 2024:
ThreatLocker announced a number of updates and changes to their existing products yesterday, including ThreatLocker Unified, a new product bundle. Here’s what’s new and upcoming with ThreatLocker.
New Ability To Add Notes
Users will now be able to add notes into ThreatLocker Protect and Detect. This new implementation will allow users to give admins additional detail, such as banning a specific user from downloading software. These notes will pop up anytime an admin receives an alert from that user, and the admin must click “acknowledge” on the note to clear the alert.
Tying notes directly to the user ensures that there won’t be any miscommunication between the administrative team. This means that your customers won’t have to stress about Joe from accounting accessing any websites or downloading any software with vulnerabilities that could put the business at risk.
ThreatLocker Access App
The new ThreatLocker Access app will allow users of ThreatLocker Protect to integrate their phones into the Network Control firewall. Danny Jenkins, CEO and co-founder of ThreatLocker, explained during the live webinar announcement, “What it allows you to do is to automatically, dynamically update not just ACLs [access control lists] of your servers, but also the ACLs of your Office 365 accounts. So as long as your Office 365 account supports conditional access, we can—in real time—update the IP address of your trusted devices.”
MSPs can also create a geofence with approved devices, so that even someone with a trusted device can’t access your Microsoft 365 tenant from outside the country, unless you allow it.
Microsoft 365 Integration
ThreatLocker’s products will soon be able to integrate with Microsoft 365. Jenkins announced that the first new feature they’re adding is the ability to move all the logs from Office 365 into a single, unified audit. This way, MSPs and their clients can easily see who has access to which documents, as well as who has read, edited, or deleted what.
Additionally, ThreatLocker has created a detection platform, capable of alerting users to indicators of compromise based on any cloud platform. “From [the user’s] point of view, it looks like it’s just an Office 365 integrated system, but essentially it’s able to ingest technically any cloud blocks and run them through the same kind of detection policies that we have with ThreatLocker Detect,” Jenkins clarifies.
The Microsoft integration will be available by the start of next quarter.
ThreatLocker Unified Launch
Finally, ThreatLocker announced ThreatLocker Unified, a bundle consisting of all of their existing products and add-ons. The bundle will be offered at a rate of 30% less than purchasing the products individually.
ThreatLocker Unified also comes with a few extra features. Instead of one month of log retention, it will give you three. Additionally, it gives MSPs API roll calls of 150,000 per endpoint per month, instead of the 1,000 per endpoint per month offered previously. That’s essentially all of the data in the unified audit, Jenkins says.
The goal of offering ThreatLocker Unified is to help relieve endpoint and product fatigue, says Jenkins. In addition, the vendor hopes to lower MSPs’ costs while providing them with everything they need in one place. ThreatLocker Unified wasn’t a response to Kaseya 365, but Jenkins acknowledged that several companies are doing the same thing when it comes to bundle options.
ThreatLocker Unified is available immediately, and existing partners can update their contracts to include ThreatLocker Unified if desired.
When asked about the response from MSPs regarding ThreatLocker Unified, Jenkins said, “They’re very excited about two things. One is Unified, but also the ability to manage Office 365 alerts. MSPs have tried other products on the market that do that, but they’ve had trouble with them. So, they’re excited about having that feature built in and bundling it in with Unified, obviously, and not having to pay more money is always a bonus to MSPs.”
These announcements come on the heels of the new MDR service revealed at Zero Trust World in February, and this month’s visual rebranding of its product line and renaming its ThreatLocker Ops product to ThreatLocker Detect. When asked, Jenkins revealed the goals of this rebrand were clarity about the product’s purpose and visual simplicity.
Jenkins hinted that ThreatLocker will have some new product releases coming in Q3, so stay tuned for more news to come! To learn more about other types of essential IT MSP software, check out our ultimate guide to software for MSPs.
