Dual factor authentication with DUO DUAL FACTOR AUTHENTICATION WITH DUO ThreatLocker can be integrated with dual factor authentication from DUO. To Enable dual factor authentication with DUO: Select an organization to edit it; Select Yes radio button for “Would you like to enforce dual factor authentication with DUO” section; Enter Integration Key; Enter Secret Key; […]
Organizations With ThreatLocker, when receiving the administrator credentials, your organization is already created. If you have subdivisions within your organization, or your a reseller or managed service provider you can provision organizations yourself.
Administrators Each organization defined inside ThreatLocker portal has at least one administrator. ThreatLocker offers the possibility to manage all administrators under your organization. To manage administrators, login to ThreatLocker portal using the credentials provided and open the Administrators page where you can: Add new administrators; Search for administrators; Edit administrators; and Delete administrators.
Computer Groups Before installing ThreatLocker to the organizations’ computers, you’ll have to define Computer Groups. A Computer Group is used to have multiple computers sharing a group storage policy and/or a group application policy. On the Computer Groups page, an administrator can: Search for computer groups; Manage computer groups (create, edit, delete); and Download ThreatLocker […]
Manage Computers ThreatLocker gives you the ability to manage organization computers. How to edit a Computer? To edit a computer: Select a computer from the list; Select the pencil icon, and the pop-up Edit Computer is opened; Make your changes: Edit Computer Name; Change group; Put computer into Install Mode; Change computer security level.
Working with Computer Baseline Computer Baseline is what is installed on a computer when ThreatLocker agent is installed. You don’t need to manually figure out what is running on the organization computers; ThreatLocker scans the computers, and then create policies automatically based on the Baseline.
Computers ThreatLocker offers the ability to manage all organization computers in one place, the ThreatLocker portal (https://portal.threatlocker.com). Once the ThreatLocker client is installed on your organization computers, each one of the organization’s computers will appear in the ThreatLocker Computer section.
Splunk Integration ThreatLocker offers the ability to send Application Control (Whitelisting), and Storage Control policy audit information to your Splunk Enterprise or Splunk cloud server. In order to use Splunk you must first request that Splunk integration is enabled on your account.
Using the ThreatLocker Audit Every time an application or library is opened on a computer that is running ThreatLocker, an entry is logged into the ThreatLocker audit. The audit is an essential tool for identifying potential security threats, and identifying what applications are being blocked in the event on an issue.
Installing New Software with ThreatLocker
Managing Applications Applications are lists of files, hashes, certificates or paths that are used to create policies. Applications are normally created automatically by either the ThreatLocker Policy builder for new installs, or using Installation Mode.
Application Control Policies ThreatLocker® application control policies offer granular control of what applications can run in your environment. Unlike traditional a simple yes or no approach of traditional white-listing. ThreatLocker Application Control allows you to set policies in order of what can and cannot run.