Get a FREE Software Audit - Including Risks and Countries of Origin

Elevation Control

ThreatLocker® Elevation Control is a privileged access management tool that enables system administrators to revoke local administrator rights from their users and execute specific applications with elevated privileges.

What Is Elevation Control?

Elevation Control is a policy-based PAM solution that assists organizations in being secure but still efficient in their operations. Instead of granting users access to administrator logins, policies can be created to automatically grant higher privileges to applications. This allows the applications to access the necessary resources without giving users these desired credentials.

Elevation Control puts I.T. administrators in the driving seat, enabling them to control what applications can run as a local admin without giving users local admin rights.

Graphic Illustration of ThreatLocker Portal utilizing Elevation Control policies

How Does It Work?

When ThreatLocker® is first deployed, all existing applications are learned. Administrators can review the applications, select which applications need privileged access, and set policies to grant elevated access. Once Privileged Access Management (PAM) is enabled on an application, users can run that same application as a local administrator without entering credentials.

Elevation Control integrates with our application control modules. If an application is not currently allowed, the end user can request to run the software, and administrators can approve it, applying elevation simultaneously. For applications that require elevation only to install or update, create time-based policies that will remove elevated rights once the time expires, allowing the application to run with regular privileges.

Elevation Control Request Graphic

The ThreatLocker® Difference

Traditional PAM tools often focus on managing user privileges and roles. ThreatLocker® Elevation Control is application-centric, allowing administrators to define and control precisely which applications can run with elevated privileges. This approach provides finer control over the execution of applications, reducing the attack surface.

Restricting applications to run with elevated privileges only when necessary helps to shore up cybersecurity efforts, while traditional PAM tools may require users to go through complex authentication processes, leading to operational friction.  

ThreatLocker® privilege access management solution is designed to provide a user-friendly experience. Authorized users can run applications with elevated privileges seamlessly without the need to enter credentials repeatedly.

Elevation Control Features

Complete Visibility of Administrative Rights - White Icon

Complete Visibility of Administrative Rights

Gives you the ability to approve specific applications to run as an administrator, even if the user is not a local administrator.

Streamlined Permission Requests - White Icon

Streamlined Permission Requests

Users can request permission to elevate applications and attach files and notes to support their requests.

Variable Levels of Elevation - White Icon

Varied Levels of Elevation

Enables you to set durations for how long users are allowed access to specific applications by granting temporary or permanent access.

Secure Application Integration - White Icon

Secure Application Integration

Ringfencing™ ensures that users cannot jump to infiltrate connected applications within the network once an application is elevated.

More ThreatLocker® Solutions

ThreatLocker Network Control logo

Network Control

See Solution
ThreatLocker Storage Control Logo

Storage Control

See Solution
ThreatLocker Ringfencing™ Logo


See Solution