ThreatLocker® Cyber Hero® Managed Detection and Response (MDR)

Unleash the full potential of the ThreatLocker® Detect EDR solution with managed services from the 24/7/365 ThreatLocker Cyber Hero Team.

What is ThreatLocker® Cyber Hero® Managed Detection and Response? (Cyber Hero® MDR)

Cyber Hero® MDR is an add-on to ThreatLocker Detect that allows organizations to opt for the ThreatLocker Cyber Hero Team to monitor and respond to Indicators of Compromise (IoC). When ThreatLocker Detect identifies suspicious activity in your environment, the Cyber Hero Team will review the alert to determine if there is a true IoC or a false positive. In the event of a cyber incident, the Cyber Hero Team will follow the customer's runbook to either isolate or lock down the device and notify the customer. They will be able to identify additional information for the customer, including:

  • What the threat was
  • How initial access was gained
  • Where the threat originated
  • What the threat attempted to do
  • How the threat was blocked and mitigated

Prompt notifications 24/7/365

The 24/7/365 availability of the ThreatLocker Cyber Hero Team offers around-the-clock Managed Detection and Response (MDR) services to keep organizations secure and alert even outside of standard hours of operation.

The Cyber Hero Team has an average response time of less than 60 seconds. This metric is unique to ThreatLocker and provides a significant advantage when responding to threats. By augmenting the ThreatLocker Zero Trust Endpoint Protection Platform with managed detection and response servers, customers can reduce agent fatigue while hardening their environment to the highest standards, ensuring the mitigation and notification of attempted attacks.

Cyber Hero® MDR demo

In a live demonstration at Zero Trust World 2024, ThreatLocker showcased the abilities of the Cyber Hero Team in locking down a machine after an attacker connected to a remote server. The attacker tried to run IP scanning tools, created a new admin account, and attempted to disable security tools.

The attacker was challenged with a QR code. When they didn't respond and continued taking additional bad actions, such as attempting to disable the ThreatLocker service, the attacker's attempts were thwarted by ThreatLocker default deny, and the machine was locked down. The Cyber Hero Team responded within a minute during the live presentation.

The new additions by ThreatLocker satisfy cyber insurance regulations regarding implementing Zero Trust MDR strategies to prevent modern-day attacks.

Features

Alerts and detects

Using industry-known indicators of compromise, ThreatLocker Detect can identify and alert IT professionals that their organization may be under an attempted attack based on customizable thresholds and notification methods.

Respond

Set policies to enable, disable, or create Application Control, Storage Control, or Network Control policies in response to specified observations.

Custom thresholds

Policies can be tailored to alert and respond differently based on the threat level to reduce alert fatigue.

Leverage knowledge

IT admins can easily share their own ThreatLocker Detect policies or “shop” for vetted policies shared by their industry peers and the ThreatLocker team.
