By default, there will not be a Global group created in your ThreatLocker organization. A Global group would come first in the policy hierarchy which means that policies placed at the Global level will be processed first. Care must be taken when adding policies at a Global level. A deny policy placed at the Global level will block that application at every level, even if another group has an allow policy for the same application. For more information on policy hierarchy, please see our Policy Hierarchy KB.
To create a Global group, be sure you are managing your parent organization. Navigate to the 'Computers' page. Select the 'Group' tab located at the top-right of the page. Select the '+Computer Group' button.
In the window that opens, name your computer group 'Global'. You can leave all the other options in their default settings. Select the 'Create' button in the bottom left corner.
This Global group will encompass every other computer group in every organization under your parent organization, including the parent organization. If you want to create a Global group for a specific group of computers (e.g., Workstations or Servers), you need to name the group 'Global-Workstations' with no spaces, as shown below.
A Global-Workstations policy will apply to all computers in the Workstations group in your parent organization and every organization under it. You can create a Global group for any computer group you have provisioned. For example, if you have a computer group named TestServers, you can create a Global group called Global-TestServers.
Mac Global Groups
For utilizing global policies to be effective on Mac computer groups, be sure to specify the Computer Group Type to be "Mac".
To target specific Mac computer groups globally, indicate the global group name using the same method as Windows. For example, to build global Mac policies to target a Mac computer group(s) called "Macbook", the global group would need to be named "Global-Macbook" using the naming convention of "Global-[GROUPNAME]".
Coming soon, Global 'Starts With' Groups. See the associated article: Creating Global "Starts With" Groups | ThreatLocker Help Center (kb.help)