ThreatLocker Adds Detection And Response Service To Boost Support For MSPs

The endpoint security vendor is ‘here to get your back,’ ThreatLocker CEO Danny Jenkins tells MSP attendees during Zero Trust World 2024.

ThreatLocker announced Tuesday it’s introducing a new detection and response service in an effort to further augment the backing it provides to MSPs around cyber defense.

The service will be delivered by the endpoint security vendor’s “Cyber Hero” team and will include monitoring of all logs and alerts related to a customer’s IT systems, according to ThreatLocker Co-Founder and CEO Danny Jenkins.

[Related: The 20 Coolest Endpoint And Managed Security Companies Of 2024]

In the event that ThreatLocker detects “something bad happening in your environment,” a Cyber Hero will reach out as soon as it’s spotted and can also assist with response activities, Jenkins said Tuesday during the vendor’s Zero Trust World 2024 conference in Orlando.

“We're here to get your back,” he said. “We're getting to see these alerts. We’re getting to remediate them for you faster.”

The new service builds on the debut of ThreatLocker’s first-ever capabilities for detection of malicious activity a year ago. The detection tool, Ops, moved out of beta into general availability several weeks ago, Jenkins said Tuesday.

ThreatLocker’s new service, Cyber Hero Detection and Response, is a further recognition that many MSPs are looking for additional capabilities that can complement the vendor’s core prevention technologies, according to Jenkins.

The Orlando-based company is best known for its “application allowlisting” functionality that prevents malware from running in a customer’s IT systems. Other key ThreatLocker capabilities include “ringfencing,” which places limitations on what types of actions an allowed application is able to take.

MSPs attending Zero Trust World applauded the deeper expansion into threat detection and response by the company.

It will be a massive boost to be able to hear from ThreatLocker in the event that suspicious activity is detected on an endpoint, said Craig Hickman, vice president of sales at ProBleu, a Bloomington, Ind.-based MSP.

“Having the Cyber Hero be able to contact me immediately — versus waiting two hours, four hours or a day later — is invaluable,” Hickman said. “The ability to have someone telling me there's something going on before it actually gets worse is something that you cannot put a dollar figure on.”

‘Owning The Endpoint’

It’s a smart move for ThreatLocker to go in this direction, agreed Dawn Sizer, CEO of 3rd Element Consulting, a Mechanicsburg, Pa.-based MSP.

“It's a natural extension of the product that they already have,” Sizer said. “They're owning the endpoint, at the end of the day.”

While larger customers will typically still want additional detection and response capabilities, the new ThreatLocker offering could displace the need for smaller customers to use any other tools for detection and response beyond the service, she said.

“For those that are looking for a price point that they can afford for a comprehensive product, I think that makes perfect sense,” Sizer said.

Overall, this move is also promising because of ThreatLocker’s strong track record around expanding into new areas, said Atul Bhagat, president and CEO of BASE Solutions, a Vienna, Va.-based MSP.

“You know that if they're going to do something in their product stack, it's going to be done very well,” Bhagat said.