ThreatLocker How-to Guides
Chapter 1: Installation & Deployment
- How to install the ThreatLocker Windows agent?
- How to install the ThreatLocker agent on Linux?
- How to perform a silent installation of the ThreatLocker agent?
- How to deploy the agent using Group Policy (GPO)?
- How to uninstall the ThreatLocker agent?
- How to update the ThreatLocker agent?
- How to verify successful agent installation?
- How to install ThreatLocker on a remote workstation?
Chapter 2: Third-party software Installation & configuration
Chapter 3: Zero Trust Policies (Application Control)
- How to enable application control in ThreatLocker?
- How to create a new application policy?
- How to approve a blocked application?
- How to block a specific application?
- How to create a policy for a single user?
- How to create a policy for a user group?
- How to whitelist an executable file?
- How to deny software based on publisher?
- How to allow software by path?
- How to use ringfencing for applications?
- How to modify application allow/deny policies?
- How to create an elevation policy?
- How to apply temporary application policies?
- How to manage scheduled policy activations?
- How to apply policies by device group?
- How to use ThreatLocker suggested policies?
Chapter 4: Learning & Training Mode
Chapter 5: Storage Control
- How to enable USB control in ThreatLocker?
- How to block USB storage devices in ThreatLocker?
- How to allow specific USB devices in ThreatLocker?
- How to whitelist USB devices by serial number?
- How to block access to external hard drives?
- How to create storage policies for specific users?
- How to Log USB Device Activity?
- How to enforce encryption on removable storage?
- How to Monitor File Copy Activity?
- How to restrict read/write access to external drives?
Chapter 6: Network Control & Ringfencing
- How to enable network ringfencing?
- How to isolate an application from the network?
- How to Allow Network Access for an Application?
- How to ringfence Microsoft Office applications?
- How to prevent lateral movement via network control?
- How to log network activity for applications?
- How to Block Applications from Accessing File Shares?
- How to allow internet-only access for apps?
- How to Prevent Applications from Launching Other Apps?
- How to audit ringfencing activity?
Chapter 7: Elevation Control (Privilege Management)
- How to enable elevation control?
- How to allow an application to run with admin rights?
- How to restrict elevated access to specific users?
- How to create elevation policies for installers?
- How to log elevated activity?
- How to deny elevation for specific processes?
- How to create time-limited elevation policies?
- How to Request Elevation Approval as a User?
- How to revoke elevation access?
Chapter 8: Policy Management
- How to view current policy status?
- How to audit existing policies?
- How to prioritise policies in ThreatLocker?
- How to create policy groups?
- How to assign policies by department in ThreatLocker?
- How to Clone an Existing Policy in ThreatLocker?
- How to Disable a Policy Temporarily in ThreatLocker?
- How to Delete a Policy in ThreatLocker?
- How to tag a policy and use it in a rule in threatlocker?
Chapter 9: User and Device Management
- How to add a new user in ThreatLocker?
- How to invite a user via email in ThreatLocker?
- How to create User Role in ThreatLocker?
- How to assign permissions to a user role in ThreatLocker?
- How to manage device groups in ThreatLocker?
- How to rename devices in ThreatLocker?
- How to add a note to a device in ThreatLocker?
- How to restart the agent on a device in ThreatLocker?
- How to move devices between groups?
- How to monitor user activity in ThreatLocker?
- How to create a computer group in ThreatLocker?
- How to manage organizations and child organizations in ThreatLocker?
Chapter 10: Monitoring, Logs & Reports
- How to view blocked application attempts in ThreatLocker?
- How to export event logs in ThreatLocker?
- How to generate usage reports in ThreatLocker?
- How to review audit logs in ThreatLocker?
- How to Set Up Alert Notifications in ThreatLocker?
- How to use the ThreatLocker dashboard?
- How to filter logs by user or application?
- How to monitor USB device usage in ThreatLocker?
- How to investigate policy violations in ThreatLocker?
Chapter 11: Maintenance and Troubleshooting