Register today for Zero Trust World 2026!
Contact us
833-292-7732
THREATLOCKER PLATFORM

ThreatLocker® Cloud Detect

ThreatLocker® Detect cloud policies use Microsoft 365 Logs and Detect policies to communicate with ThreatLocker administrators about any potential indications of compromise.

Book a demo

Detect anomalies in Microsoft 365

ThreatLocker® Detect will identify unexpected and unwanted behavior in your Microsoft 365 cloud environment, which could indicate a cyberattack.

Access policies in Community

Clients will have access to Cloud Detect policies in Community, including all master policies developed by ThreatLocker. Active policies include:

  • Detects when a TAP (temporary access pass) is added to an account
  • Detects users consenting to applications.
  • Logins in a time period shorter than the time it takes to travel from the first location to the second.
  • Use of legacy authentication protocols: Alert if legacy authentication has been used on an account.

How does ThreatLocker Cloud Detect work?

Policies can be customized to meet your specific requirements using any fields from the Microsoft 365 or Microsoft Graph API logs. ThreatLocker® Detect can work with Microsoft Entra P2 to alert on:

  • Users with leaked credentials: If a user’s credentials have been compromised (e.g., due to a data breach), it raises a risk flag. 
  • Sign-ins from anonymous IP addresses: It’s considered risky when a user signs in from an IP address without proper identification.
  • Impossible travel to atypical locations: if a user’s sign-in location is geographically implausible (e.g., sudden travel across continents), it’s flagged.
  • Sign-ins from infected devices: if a user signs in from a device known to be infected with malware, it’s considered risky

HEAR FROM OUR CUSTOMERS

Build your application allowlist without lifting a finger.

Learning mode helped us to figure out what is our allowlist, and it built it for us without us having to do much of anything at all. Once we had that allowlist, then we were able to further benefit to know what our inventory of software was across departments.

Brian Perkinson

Network Engineer

City of Champaign, IL

See everything running in your environnment, instantly.

Within the first week of implementing ThreatLocker, we were able to view our entire inventory of applications—something my team always had to do manually. Within an hour or two were able to see every learned application on our system... that doesn't happen very often.

Ismael Hernandez

Vice President of IT

TLG Peterbilt

Get a clear view of application usage and exposure.

The advantage of using ThreatLocker in our organization is we now have a much better understanding of the applications that run on our estate and the potential risks of using those applications. And it helps us inform our risk score as an enterprise.

Jeremy Parsons

Technical Architect

Heathrow Airport

Get real peace of mind for your IT team.

With ThreatLocker, we have the ability to centralize disparate elements in the security stack, and support from the Cyber Hero team is bar none. Leveraging ThreatLocker allows me to sleep soundly at night because I know that I'm always one step ahead of threat actors.

Jack Thompson

Director of Information Security

Indianapolis Colts

Stop lateral movement inside your network.

Our servers were vulnerable once someone gained access to the network. ThreatLocker was the solution we needed. The platform makes me more conscious of what's coming in and out of our network... It gave me an opportunity to look behind the scenes.

Pierre Anyansi

Network Engineer

Advanced Medical Transport

Go beyond what an antivirus could ever do.

The ThreatLocker solution was perfect for us.  With ThreatLocker Unified Audit, we get a clear description of what is allowed or denied on our network, and why. If I had a choice between an antivirus and ThreatLocker, I'd take ThreatLocker all day long.

Jack Harbut

IT and Systems Manager

Stampede Meats

Control risk across your entire organization.

Before ThreatLocker, we had a lot of risk that we just couldn't control. Now, we're doing a better of a job of providing a secure environment for our patients, doctors, and manufacturers. We want to make sure we're really protecting our network. ThreatLocker lets us do that very well.

Greg Gootee

CISO / SVP of Information Security

Asembia

Customize your security to fit your environment.

What we liked about ThreatLocker was how each tool built on the last, allowing us to control exactly how granular we wanted to get with locking down our environment. We had explored other options, but wWith ThreatLocker, we were able to get everything we needed from one place.

Jeff Lutes

Executive Vice President of Technology

Orlando Magic

Revolutionize your cybersecurity with powerful best-in-class tools.

Prior to ThreatLocker, we didn’t have a solution in place to help with application whitelisting. Implementing it into our environment was truly game-changing because we’d never used anything like it before. It came in, took control, and significantly reduced our threat landscape.

Trixy Otieno

Global Cybersecurity Manager

Seaboard Overseas Trading Group

TAKE CONTROL OF YOUR ORGANIZATION'S SECURITY

Request your 30-day trial to the entire ThreatLocker platform today.

Try ThreatLocker

Ready to try out the ThreatLocker® platform?

Request a free 30-day trial today and see how ThreatLocker can take your organization's security to the next level.

Click X to close