How Does It Work?

When ThreatLocker is first deployed, all existing applications are learned. Administrators can review the applications, select which applications need privileged access, and set policies to grant elevated access. Once endpoint privilege management (EPM) is enabled on an application, users can run that same application as a local administrator without entering credentials.

Elevation Control integrates with our application control modules. If an application is not currently allowed, the end user can request to run the software, and administrators can approve it, applying elevation simultaneously. For applications that require elevation only to install or update, create time-based policies that will remove elevated rights once the time expires, allowing the application to run with regular privileges.