This week was all about getting a clear picture: what we're setting out to do, what's happening in your environment, and how to start tightening things up without overwhelming your team. We are starting to make smart, early moves that quietly raise the bar for any would-be cybercriminals.
If you’d like help getting set up, we’re happy to assist. Schedule a complimentary, no-obligation 30-minute session with a ThreatLocker Solutions Engineer, and we’ll walk you through installing the agent and getting started.
Use the checklist below to get started.
We’ve also included a PowerShell script to help you document local admin accounts and their last activity, just to make your life a bit easier.
# Get all members of the local Administrators group
$adminGroup = [ADSI]"WinNT://./Administrators,group"
$adminMembers = @()
foreach ($member in $adminGroup.psbase.Invoke("Members")) {
$user = $member.GetType().InvokeMember("Name", 'GetProperty', $null, $member, $null)
$adminMembers += $user
}
# Get last logon info for each admin account
$adminInfo = foreach ($admin in $adminMembers) {
try {
$userAccount = Get-LocalUser -Name $admin -ErrorAction Stop
[PSCustomObject]@{
Username = $userAccount.Name
Enabled = $userAccount.Enabled
LastLogon = $userAccount.LastLogon
Description = $userAccount.Description
}
} catch {
Write-Warning "Could not retrieve info for $admin"
}
}
# Export to CSV
$adminInfo | Export-Csv -Path "$env:USERPROFILE\Desktop\AdminAccounts.csv" -NoTypeInformation
Write-Output "Admin account information exported to Desktop\AdminAccounts.csv"Now, time to knock out your homework. We’ll see you in the week 2 webinar on Tuesday, May 20, 2025 at 8 a.m. PDT/ 11 a.m. EDT/ 4 p.m. BST!
There will be 15 webinars over the course of approximately 100 days, each approximately one hour long including an audience Q&A, airing live each Tuesday beginning May 13, 2025 at 8 a.m. PDT/ 11 a.m. EDT / 4 p.m. BST.
This series is for IT professionals ready to take control of their environment, whether you've just inherited one, are rebuilding from the ground up, or need to scale and secure what’s already in place.
No – you only have to register once, and we will automatically register you for all future webinars in the series! We’ll email you reminders before each one, and we’ll add them to your calendar via Zoom.
Once you register using the form on this page, you’ll get an email with the Zoom link that we’ll use for the live webinar.
Yes! We’ll get the recorded videos of each webinar up and running on this page as soon as possible after the live event.
No, the entire series, including the certification and badge that you earn upon completion, are completely free.
Yes! You will get a digital certificate of completion as well as a verified Credly badge that you can use on your LinkedIn, website, portfolio and any other accounts.
At the end of each live webinar, you’ll have the opportunity to ask any of our experts questions you may have in a weekly live Q&A – you won’t be able to participate in the pre-recorded version. Also, you will need to attend at least 12 of the 15 live webinars to receive the certificate of completion and verified Credly badge. Watching them later will not count toward your badge and certification.
Soon after the end of the 100 days series, you’ll receive an email from Credly with your unique code, badge and link for your socials.
You must attend a minimum of 12 live webinars out of the 15 to qualify for the Credly badge and official certificate of completion. However, anyone can watch any of the webinars at any time once they’re posted to the website!
Request your 30-day trial to the entire ThreatLocker platform today.
Try ThreatLocker