Learn how the unified audit can log all data about the behavior occurring within your business's environment.
The ThreatLocker Unified Audit is a centralized location displaying all audited data about what's occurring within the environment. This powerful feature shows data from the different ThreatLocker modules utilized across the entire business environment in a single pane of glass.
When using ThreatLocker Allowlisting, you can see information about executables, scripts, and libraries is recorded and indexed in near real-time.
ThreatLocker Storage Control displays information about files accessed, changed, or deleted in any monitored storage location, including USB drives, file shares, and the local drives where an explicit policy was created to monitor or control that folder.
ThreatLocker Network Control logs all network activity, including source and destination IP addresses, port numbers, users, and processes. All Unified Audit activity is filterable and searchable to make parsing the information accessible.
Whether it's understanding the activity occurring in your environment or researching an incident, the Unified Audit offers centralized visibility into audit logs and security events across all endpoints. IT admins can verify policy effectiveness, application and network behaviors, and streamline reporting for compliance requirements.
With the Unified Audit, we have the ability to closely examine whether our policies are effective. We can evaluate if our policies are comprehensive enough to identify instances where something important needs to be allowed, but for some reason—perhaps due to a change in a program—we might not be aware that it is being blocked. It allows us to understand what is happening in situations we can't control.
Brian P., Network Engineer
City of Champaign, IL
Request your 30-day trial to the entire ThreatLocker platform today.
Try ThreatLocker
