Unleash the full potential of the ThreatLocker® Detect, EDR (formerly known as Ops) solution with managed services from the 24/7/365 ThreatLocker Cyber Hero Team.
CHMDR is an add-on to ThreatLocker® Detect (formerly known as Ops) that allows organizations to opt for the ThreatLocker Cyber Heroes to monitor and respond to Indicators of Compromise (IoC). When ThreatLocker® Detect, identifies suspicious activity in your environment, the Cyber Hero Team will review the alert to determine if there is a true IoC or a false positive. In the event of a cyber incident, the Cyber Hero will follow the customer's runbook to either isolate or lock down the device and notify the customer. They will be able to identify additional information for the customer, including:
The 24/7/365 availability of the ThreatLocker Cyber Hero Team offers around-the-clock Managed Detection and Response (MDR) services to keep organizations secure and alert even outside of standard hours of operation.
The Cyber Hero Team has an average response time of less than 60 seconds. This metric is unique to ThreatLocker and provides a significant advantage when responding to threats. By augmenting the ThreatLocker Zero Trust Endpoint Protection Platform with managed detection and response servers, customers can reduce agent fatigue while hardening their environment to the highest standards, ensuring the mitigation and notification of attempted attacks.
In a live demonstration at Zero Trust World 2024, ThreatLocker showcased the abilities of the Cyber Hero Team in locking down a machine after an attacker connected to a remote server. The attacker tried to run IP scanning tools, created a new admin account, and attempted to disable security tools.
The attacker was challenged with a QR code. When they didn't respond and continued taking additional bad actions, such as attempting to disable ThreatLocker service, the attacker's attempts were thwarted with ThreatLocker default deny, and the machine was locked down. The Cyber Hero Team responded within a minute during the live presentation.
The new additions by ThreatLocker satisfy cyber insurance regulations regarding implementing Zero Trust MDR strategies to prevent modern-day attacks.
Using industry-known indicators of compromise, ThreatLocker® Detect can identify and alert IT professionals that their organization may be under an attempted attack based on customizable thresholds and notification methods.
Set policies to enable, disable, or create Application Control, Storage Control, or Network Control policies in response to specified observations.
Policies can be tailored to alert and respond differently based on the threat level to reduce alert fatigue.
IT admins can easily share their own ThreatLocker® Detect policies or “shop” for vetted policies shared by their industry peers and the ThreatLocker team.
