3.2.0 8/29/2025
Improvements
- Made improvements to how Criticality levels are displayed for Compliance Frameworks without a manually assigned Criticality
- Added Policy ID along with the Application ID to System Audit log details
- Added Unified Audit search operators to the System Audit log
- Added an EULA to be displayed when first selecting the DNS server in Web Control
- Made improvements to the formatting of the 'Install Computers' dialog for better consistency and alignment
- Made improvements to the way Web Control policies are ordered when generated by Web Control request approvals
- Improved the DAC Compliance Details dialogue interface
- Added additional filtering on the DAC dashboard to filter by criticality
- Added the ability to view the Policy ID for a Patch Management policy being edited within the 'Edit Patch Policy' sidebar
- Updated the 'Select a version' dropdown within the 'Update ThreatLocker Version' dialog to display the correct logo for the Syslog version option
- Made improvements to the 'Add' and 'Remove' button styles on the 'Listener Configurations' agent setting sidebar
- Updated the pagination system on the 'File History' tab within Unified Audit entry sidebars for consistency across the portal
- Made improvements to now show the complete organization's familial relationships in the Organizations page
- Added scroll bars to the DAC, Health Center, and Community pages for improved navigation and visibility
- Optimized the 'Applies To' validations in the Response Center
- Added error notifications to clearly indicate when requests to export a large number of logs from the Unified Audit have timed out
- Added the hostname to the details field within the System Audit
- Added a link to view the latest DAC results for a specific device from the Devices page
- Improved the initial Learning Mode start date under 'Maintenance History' for a device to more accurately display the date of the initial Learning mode
- Made improvements to the 'Agent Restart Required' warning chip on the Computers tab of the Devices page to avoid false flags began
- Added an 'Applies To' column to the "Show All" filter in Patch Management
- Added a new Previous Version column to the Patch History tab of the Computer sidebar
- Improved the way Custom Rules are grouped and displayed in the Approval Center
- Added CSP to portal security headers
- Improved 'Submit Offline Ticket' creation to not require hitting enter after pasting contents from the clipboard
- Added a prompt identifying unpatched computers affected by a new Patch policy, with an option to patch them immediately
- Added a list of Application Policies and their locations that would apply to that computer in the Application Approvals sidebar
- Changed the Escalated Approval Status to reflect all possible escalations better
- Added the ability to create new policies and edit existing policies from the Actions section of the Detect policy page
- Added two new Detect Exclusion Conditions of "Full Path With CmdLine" and "Process Path With CmdLine"
- Made Improvements to the UI when creating or editing Detect policies with a lot of Policy Conditions
- Added column sorting to the Cloud Detect Policies page
- Added column sorting to the Endpoint Detect Policies page
- Improved the Initiate Defender Scan Detect Policy Action feature to avoid multiple
- Made improvements to policy layout and display for Detect Recommendation Details scans from being initiated
- Added multiselect functionality to Community Policies
- Changed the Elevate chip color to blue in the Approval Center to easily differentiate
- Improved the 'Create Report' permission by allowing users to save new reports and create scheduled reports. This new permission is called 'Create Custom Schedule Reports'
Bug Fixes
- Resolved an issue where the 'Prioritize Built-In Applications' Agent Settings checkbox was always checked
- Resolved an issue in which adding an Object as a selected source on a Network Control policy would cause the 'All Ports' destination option to remain disabled after switching back to 'All' sources
- Resolved an issue in which assigned managers for organization admins would not show properly on the Users page
- Removed the ability to edit the 'Applies To' of an agent setting after the setting is created and saved
- Resolved an issue in which the 'Selected Users & Groups' input field on an Application Control policy would not clear properly after successfully adding a user or group
- Resolved an issue in which selecting 'Add Policy to Top' on a Web Control policy would not follow the correct hierarchy when assigning the policy order
- Resolved an issue in which the checkbox for the 'Prioritize Built-In Applications' agent setting would always display as enabled
- Resolved an issue in which the Run in Testing Environment was not being displayed from the Unified Audit
- Resolved an issue in which the 'Pending Restart' tag would be displayed incorrectly on the Devices page when sorting by certain columns
- Resolved an issue in which Agent Settings would be incorrectly displayed for deleted computers
- Resolved an issue in which a 500 error would occur when using the 'Copy Link' option to download the SysLog Ingester Installer from the 'Install Computer' dialog
- Resolved an issue in which copying policies was incorrectly resulting in an Invalid ID error
- Resolved an issue in which Linux policies set for specific users and groups were incorrectly clearing the users on save
- Resolved an issue in which a scheduled Application Control policy was incorrectly permitting Elevation to be set to expire
- Resolved an issue where the Requestor details were not being saved to the Application Policy in the Approval Center
- Resolved an issue in which Tags could be saved with the same name
- Resolved an issue with running a file in the Testing Environment that contained an ampersand in the filename
- Removed help text in the Login Settings that noted IP addresses could be added in CIDR notation, as that is not a valid configuration entry
- Resolved an issue where a 500 error was given when trying to access the Detect Executive Summary Report
- Resolved an issue where specific Cloud Detect Threats would produce inconsistent errors
- Resolved an issue with being unable to copy inactive Detect policies
- Resolved an issue where the 'Applies To' in a Detect Policy was not searchable by Hostname
- Resolved an issue with a 500 error when trying to Clear All Detect Alerts
- Resolved an issue where long Policy names were cut off in Detect Policy Conditions
3.1.3 8/28/2025
Bug Fixes
- Resolved an issue with Unified Audit filter chips not clearing when the filter itself was cleared
- Resolved an issue with the Unified Audit filter chips not loading automatically when using Advanced Search
- Resolved an issue with the Unified Audit filters not clearing when filter chips are closed (x)
3.1.1: 8/20/2025
Improvements
- Updated DAC Criticality Trend Chart logic to better account for Tests that have been run multiple times per day
- Alerts are no longer displayed for objects (M365 accounts or Devices) that are in Remediation
Bug Fixes
- Resolved an issue where a specific Unified Audit Simulated Deny could not be opened
3.1.0: 8/19/2025
New Features & Improvements
- Added ability to build and schedule custom reports using the Report Builder
- Added a button to the Unified Audit which opens the Schedule Report dialog
- Added a new permission which provides access to create new scheduled reports from the Schedule Report window
- Added the ability to filter Application Control policies by a new "Policies Without Ringfencing" filter option
- Improved the user creation process by allowing individual permissions to be assigned at time of creation
- Improved UI alignment on the Maintenace tab in the Computer sidebar
- Changed the Storage Control Policies default view to include Inactive and Expired policies
- Improved the Upload File button functionality in an Approval Request to behave more consistently with the expected use case
- Improved the automatically generated Unified Audit recent search names for readability and conciseness
- Improved alignment of components in the DAC dashboard
- Improved alignment throughout the Community Policy sidebar
- Improved Unified Audit filter chip alignment
- Improved alignment of IP Addresses table in the Computer sidebar
- Updated pagination wording to better reflect page content on the Policies tab of the Elevation Control Module
- Updated Version title text on the Computer sidebar to better reflect the information being displayed
- Updated text on Agent Restart success toast
- Added Application Control Policy Creation from Approval Requests to the System Audit, including Applies To and Ringfencing
- Made improvements to the Missing Updates tab regarding minimum Agent version
- Improved the logical grouping of information being presented in the Maintenance History section of the Maintenance tab on the Computer sidebar
- Made an improvement to how Web Control Dashboard chart labels are displayed
- Improved display of the shadow text when setting proxy or relay settings to include http or https
- Added 'Applies To' for Patch Management, Configuration Manager, and Web Control policies to their respective System Audit entries
- Now displaying what policy was responsible for the deny in the Approval Center
- Removed the ability to set Exclusions in the Organization sidebar as they are no longer supported
- Removed the All Ports Destination option when using Objects as a source in a Network Control policy
- Implemented Categories for Custom Applications in the Application Store
- Updated the Copy Existing Policies feature help and error messaging in Application Control for clarity when duplicate policies exist in the destination
- Added a file counter to the Additional Files tab when the file count was less than required for pagination
- Made improvements to the settings layout and verbiage in the 'Computer Group Settings' section of the 'Edit Computer Group' sidebar
- Updated the IT Glue integration to move it off of legacy portal
- Updated the verbiage for ThreatLocker App email and SMS notifications to remove the word "Access"
Bug Fixes
- Resolved an issue where an admin received a 401 error trying to schedule an Elevation Maintenance Mode while the Computer was in Application Control Learning Mode
- Resolved an issue where admin able to click 'Add Note' button without entering all required fields first resulting in an error message
- Resolved an issue where the Unified Audit filter chips were not clearing when the current filters were cleared
- Resolved an issue where unable to save an Application Control policy successfully when the only change was toggling 'Attach file with request' on or off
- Resolved an issue within certain modules where the Home and End keys were not functioning
- Resolved an issue where the Application name was not being displayed when adding an application to an Existing Policy
- Resolved an issue where pagination wasn't updating when switching between organizations in the Unified Audit
- Resolved an issue where a false 400 error is continuously encountered when setting a new Maintenance Mode after getting a legitimate 417 error from an invalid date being entered
- Resolved an issue where you were able to promote a policy in Application Control to the 'Removed Computers' Computer Group
- Resolved an issue where trying to merge Applications spread across multiple pages would deselect the first selected when navigating to the next page
- Resolved an issue where the reveal password button would disappear if you clicked off the field and not come back after clicking back into the field
- Resolved an issue where HaloPSA integration was not pulling down Client name changes
- Resolved an issue where specific PowerShell process paths were being filtered out of the Unified Audit when 'Remove White Noise' was applied
- Resolved an issue with Cyrillic Usernames appearing as ?????? in the Response Center
- Resolved an issue where the Organization dropdown when setting Roles or Permissions was not showing the full available list
- Resolved an issue where Unified Audit Export to CSV was limited to 10,000 rows without checking the Show Count checkbox
- Resolved an issue where unable to make changes to Application Policies attached to hidden Mac Applications
- Resolved an issue with being able to add Entra groups to a Web Control policy from the Response Center
- Resolved an issue with getting a 500 error when trying to sync Datto Service Bundles with long names
- Resolved an issue with the tab counters not displaying properly in the Response Center without clicking the in-page refresh button
- Resolved an issue that allowed users to rename a Computer Group containing devices into a Global Group unexpectedly
- Resolved an issue in which selecting 'Forgot Password' was causing errors
- Resolved an issue in which Portal Banners would incorrectly include line breaks
3.0.6: 8/18/2025
Improvements
- Additional updates and improvements to the Portal and API in support of future functionality
3.0.5: 8/15/2025
Improvements
- General updates to the Portal and API in support of future functionality
3.0.4: 8/14/2025
Improvements
- Improved cache performance for Portal API
3.0.3: 8/12/2025
Improvements
- Disabled the 'Application' Condition in a Detect policy when paired with a Read or Write Action Type Condition as it would never produce an Alert
- Improved how Policy Conditions are displayed in the Detect sidebar when creating a policy
- Made improvements to how the Detect Alert Center displays on lower resolutions
- Removed the unnecessary Body field for Detect Call Rest API/Call Webhook Actions using the DELETE Method
Bug Fixes
- Fixed an issue with the Super Admin Child permission, where it was able to move an application to the parent organization
- Fixed an issue with password reset for SAML on beta.threatlocker.com
- Fixed an issue with Cyber Hero privileges for DAC reporting tab
- Resolved an issue with a field validation error being displayed unexpectedly when creating a Detect policy utilizing the 'Create Connectwise Ticket' Action
- Resolved an issue with a Call Rest API/Call Webhook Detect Policy Action failing when configured as an IP versus FQDN
- Resolved an issue with not being able to disable or delete Cloud Detect policies on a Child Organization from the Parent
- Resolved an issue with a field validation error being displayed unexpectedly when creating a Detect policy utilizing the 'Send Email' Action
3.0.2: 8/8/2025
Bug Fixes
- Resolved an issue where selecting an application from the 'Add to Application' search results with multiple matches would incorrectly choose the closest match instead of the selected one
3.0.1: 8/8/2025
Improvements
- Improved wording of and streamlined available options for Network Control policies by Process
- Improved DAC layout of compliance chips
Bug Fixes
- Resolved an issue where the 'Patch Now' button appeared for applications with patches still undergoing testing
3.0.0: 8/6/2025
New Features & Improvements
- We are excited to open up the new Defense Against Configuration (DAC) feature to Beta. Please reach out to your Account Manager or Sales Representative for additional details
Navigating the Defense Against Configuration Dashboard | ThreatLocker Help Center - Added new Syslog Ingester feature
How to Install the Syslog Ingester | ThreatLocker Help Center - Improved Portal API memory usage and performance
- Changed the default for the 'Notify Requestor' checkbox on Approval responses to checked
Bug Fixes
- Resolved an issue where approving an application with permanent Elevation was creating an expired policy in specific circumstances
To view beta portal release notes for version 2.25.2 and lower, please visit: Beta Portal Release Notes - Version 2.25.2 and lower | ThreatLocker Help Center