ThreatLocker announced new five new solutions at Zero Trust World 2025 in Orlando, Florida, as the company continues to expand its Zero Trust cybersecurity platform and advance CEO and co-founder Danny Jenkins’ mission of changing the paradigm of security from default-allow to default-deny.
The new solutions are:
- ThreatLocker Insights
- ThreatLocker Patch Management
- ThreatLocker User Store
- ThreatLocker Web Control
- ThreatLocker Cloud Control
During his keynote at ThreatLocker Zero Trust World, which this year attracted around 1,500 attendees from around the world, Jenkins noted that his vision has been singular since founding the company in 2017. “If it’s easy, if it’s simple, if it works, people will adopt it. Everything we do focuses on that mission, making products easier, faster, quicker, and more secure.”
A Look at the New Solutions at ThreatLocker Zero Trust World
ThreatLocker Insights Helps MSPs Make Better Decisions
ThreatLocker Insights was five years in development, Jenkins told attendees. It leverages and anonymizes data from millions of endpoints worldwide, providing real-time, actionable insights about an application’s typical behavior. This enables MSPs and admins to make informed decisions on what to allow and how to control it in their environments.
“Our job is to make your life easier,” Jenkins noted. “You need to make decisions faster, quicker. You need to know what an application needs to do [and] what dependencies it might have. Could it be good or bad? How could it be seen elsewhere in the world? … And we need this to be able to better identify threats, better predict whitelisting, and Ringfencing policies.” [ThreatLocker’s Ringfencing solution controls what applications can do once they are running.]
In a conversation with MSP Success after the announcement at ThreatLocker Zero Trust World, Jenkins said Insights will have the most impact for MSPs. “It’s a whole brain that sits on top of ThreatLocker and it’s exciting.”
Chief Product Officer Rob Allen, who also spoke with MSP Success, described ThreatLocker Insights as “Big data. It’s having the data in one place so it can be analyzed. It can be checked. We can see what things do, how they behave. We can make decisions or help inform decisions based on that information. So somebody tries to run a file on their machine [and] that file has never been seen before. Are you sure you want to run it through your machine? But we can also use it to, as Danny mentioned, build out, for example, Ringfencing policies. So we’d be able to see patterns of behavior.”
Allen adds, “A lot of what we’ve been doing for the last couple of years has been about giving people information to help them make educated decisions.”
ThreatLocker User Store Empowers Secure Self-Service
The new ThreatLocker User Store is a catalog of pre-approved applications, letting users run the apps they need without compromising the organization’s cybersecurity posture. Any pre-approved application comes with optional temporary Elevation (execute specific applications with elevated privileges). New Allowlisting and Ringfencing policies are automatically created, according to the pre-set policies, to support an agile and streamlined Zero Trust environment with no security compromises. The solution also keeps track of licenses issued by user and by device, Jenkins noted.
“I think that’s what’s really important is empowering the user while still operating within your boundaries of the organizational requirements,” Jenkins said.
ThreatLocker Patch Management
Jenkins believes “there’s a big problem with patching … So we wanted to get away from this way of app protection and move to patch management and patch reporting.”
With ThreatLocker Patch Management, patch alerts are consolidated into a single, streamlined platform managed by ThreatLocker. The ThreatLocker Cyber Hero Team tests each one in a controlled environment before deployment—so businesses stay secure without the risk of disruptions.
While Patch Management does have some overlap with RMMs, Jenkins called it “a security feature, not an RMM feature. And we don’t want to be an IT management platform. We want to be a security platform.”
ThreatLocker Web Control Blocks Unwanted Sites
ThreatLocker Web Control enables MSPs to control access to websites within the ThreatLocker platform and apply the same controls to unmanaged devices accessing a company’s network.
“What we wanted to do was deliver a web solution that gives you a really seamless user experience,” Jenkins said.
With this solution, MSPs can build a list of blocked website categories, like “gambling” and “project management” and apply them to individual users or groups of users. It also enables you to allow exceptions within a category. In in on-stage demo, “project management tools” was a blocked category, but Jira was an exception.
“I suspect the web filtering is probably going to be the most popular with MSPs,” Allen said. “The beauty about it is it’s a product they already know. It’s a portal they’re familiar with. It’s a company they already trust. It makes sense because they don’t need to learn something else. They don’t need to pay somebody else [or] have another agent installed on their machines.”
ThreatLocker Cloud Control Protects Against Phishing
Developed to protect companies’ Microsoft 365 tenants against phishing attacks and token thefts, ThreatLocker Cloud Control leverages built-in intelligence to assess whether a connection from a protected device originates from a trusted network. By analyzing connection patterns from protected computers and mobile devices, it automatically identifies and allows trusted connections. Only users from IP addresses and networks deemed trusted by ThreatLocker can get in—automatically blocking phishing and token theft attacks. ThreatLocker will be adding GSuite, GitHub, and AWS to Cloud Control soon, according to Jenkins.
All five of ThreatLocker’s new solutions are in beta now. Jenkins said he expects them to be generally available in the next few days.
What MSPs Are Saying About ThreatLocker Additions
Dawn Sizer, CEO of 3rd Element Consulting, an MSP in Mechanicsburg, Pennsylvania, likes the configurability of the Web Control solution. “Traditionally, the web control piece has been done at the firewall level, and it’s not nearly as neatly configurable as what they’ve come up with.”
Added Sizer, who’s also a member of the Threat Locker Advisory Council, “They [ThreatLocker] already have the data and now we’ll be able to use it in a different way, especially Insights. That’s going to be so interesting for the security team that we have to be able to take a look at that and be able to say, ‘Well, this particular app touches all of these things, whether it’s upstream or downstream, and that’s how we’re going to Ringfence around it, allow things to work one way or the other.”
She adds, “I think long term it’s going to give the users a better experience.”
Antwine Jackson, president of Enitech, an MSP in Raleigh, North Carolina, came to the ThreatLocker Zero Trust World conference because he’s considering the platform. “If we really want to be a front leader in co-managed scenarios, looking at products like ThreatLocker can really work target to the field,” he said.
Of the announcements, he noted that Cloud Control for Microsoft 365 could be “very useful in so many ways. I think that’s a really cool feature that’s going to move the needle.”
In addition, he said, “We all have RMM, but I think now that you have a company like ThreatLocker dipping their toe into that realm, they’re going to probably change the way that we do patching.”
He’s not looking to walk away from the good relationships he has with his current cybersecurity vendors. However, he said, “I think what I may ultimately do is take the pieces that those other vendors may not be completing and then work ThreatLocker to close those gaps.”
David Stinner, president of USitek, an MSP in Tonawanda, New York, calls Patch Management “exciting stuff. They have whole library of checked executables that the [ThreatLocker] Cyber Heroes have gone through, so you don’t have to worry.”
He added, “They are the best company to work with. I don’t know if it comes from Danny and the culture he’s built with his brother, but they just care about MSPs.”
Ann Westerheim, founder and president of Ekaru, an MSP in Westford, Massachusetts, is also excited about Patch Management. “Third-party patch management is really difficult to manage and just as important as Microsoft security patching,” she noted. “I like that what they’re introducing is a really clear way of visualizing what’s missing, what the vulnerabilities are, and how to patch it.”
The User Store will also be impactful, she said. “If a user is blocked from downloading an application they could be directed to an allowed application that they CAN install … I think this really ties into the notion of self-help for users that people really expect these days.”
Related: New Bundle Option Aims To Make ThreatLocker Products More Affordable For MSPs
ThreatLocker’s Platform Play
Armed with $115 million in Series D funding last year, ThreatLocker continues to build out its platform and name recognition. “We consider ourselves a platform now, and we have a lot of customers who 100% depend on ThreatLocker only,” Jenkins said. “My long-term vision is we will be a complete platform that you can use end-to-end or you can integrate with other solutions.”
Art Ocain, vice president of incident response and disaster recovery at Airiam, an MSP based in Lewisburg, Pennsylvania, believes ThreatLocker is “going to make a bigger dent in the industry as they continue to grow and they continue to expand what they do. I think they have opportunities to really build into every part of the tool stack with the MSP community. I think they could possibly replace a lot of MSP tools going forward with the things that they’re adding.”
He added, “I guess what I would tell MSPs is consider ThreatLocker and look at their roadmap before you go and sign three-year agreements with another tool company for an MSP tool.”
In contrast, Sizer says she does not envision replacing her whole cybersecurity stack with ThreatLocker. Even though the company “is a dream to work with, she explained, “I am a firm believer that you always use best in class. You never put all of your eggs in one basket. We are a huge proponent of using ThreatLocker, but we still use a separate SOC. I believe that you should always have someone watching the watchers.”
The Road to Going Public
The company has grown to nearly 600 employees, with MSPs representing the majority of their business. Their enterprise side of the business, however, “is growing at a much faster pace,” Jenkins said.
He expects to take the company public and has started meeting with investment banks. Jenkins said they’ll do an initial public offering “probably in two years time.”
He said he has no interest in being acquired or acquiring another company. “We have no intention of selling. We want an IPO. If we were selling it wouldn’t be in the MSP industry because my legacy, my background, my hope for this company is to change the world of security. But realistically, I think the idea that the world could change is not going to happen if we sell. And the only time I’d ever entertain selling is when 80% of the world is deny by default. And when that happens, then I’ll think I can retire. But until then, there’s no reason.”
Image courtesy of ThreatLocker
