Beta Portal Release Notes | ThreatLocker Help Center

2.23.0: 7/3/2025

New Features

Added the ability to search by username on the Computers page
Added the ability to publish Configuration Manager policies to the Community
Added the ability to set and use Approval Request template responses
Added the ability to download a Community Web Control policy to the top or the bottom of your current list
Added search bar to the ServiceNow integration Catalog dropdown
Added support for Global Groups in the Store
Added support for macOS application in Detect policy conditions
Added Configuration action type in Detect conditions
Added a hyperlink to the target application from the Maintenance Mode history logs
Minor UI improvements on the Help Desk
Added UI support for Installation Legacy mode (requires Windows Agent 10.3, coming soon)
Made clarifying improvements to the message displayed when attempting to register a domain that is already registered to another party
Added the ability to monitor the TL DB file to macOS computers in Detect

Bug Fixes

Resolved an issue in which a Detect modal was not closing when returning to parent
Resolved an issue in which emails were failing to send when responding to a Detect alert
Resolved an issue in which adding a label to a Detect policy was incorrectly opening the save and publish to Community dialog
Resolved an issue in which changing a ThreatLocker Detect policy action from Call Rest API to Call Webhook was incorrectly resulting in an error
Resolved an issue where password reset emails were not being sent to email addresses that contain a + character
Resolved an issue in which saving or canceling a Web Control policy was resulting in a console error
Resolved an issue in which the username text was not displaying properly when using Chrome in dark mode
Resolved an issue in which an error message was incorrectly being displayed on the Create Computer Group sidebar before an error was made
Resolved an issue in which the Applies To dropdown was not displaying a default value when creating a new Application policy for a macOS, Linux, or XP application
Resolved an issue in which a clear button was incorrectly being displayed in the Web Control Category dropdown when nothing was selected
Resolved an issue in which the deploy policies button was bouncing irregularly when it should have been turning red
Resolved an issue in which portal dashboards were extending outside their borders when displayed on a highly zoomed-in screen
Resolved an issue with search not working for Web Control Tags in the sidebar
Resolved an issue in which disabling the Default policy was not correctly flagging in the Health Center as a permit all policy
Addressed an issue in which the special characters listed in the portal User sidebar were not correctly displaying all characters that cannot be used
Resolved an issue in which Tags could be saved with the same name
Resolved an issue in which displaying more than 10 tickets in the Resolved Ticket dialog box was not permitting navigation to the second page of tickets
Resolved an issue in which typing http:// or https:// in front of a domain in Web Control policies was incorrectly displaying an error
Resolved an issue in which the Deploy Policies button was incorrectly displaying red due to an Approval Request being actioned for a single endpoint
Resolved an issue in which a scheduled Application Control policy was incorrectly permitting Elevation to be set to expire
Resolved an issue in which the default Elevation time frame was not correctly being honored in Approval Requests
Resolved an issue in which Global custom banners were not being shown on child organizations
Resolved an issue in which moving a policy to parent did not also move the application, resulting in the inability to delete the application when the policy was removed
Resolved an issue in which MacOS policies were not displaying correctly for Globals and Show All
Resolved an issue in which a user with View Computer permission was unable to start a maintenance mode when combined with a maintenance mode permission
Resolved an issue in which a message was being incorrectly displayed when an Isolation mode was removed
Resolved an issue in which an application deleted on Instace A was not replicated to customer instances

2.22.3: 07/1/2025

Bug Fixes

Resolved an issue where using the Network Direction filters in the Unified Audit, Inbound or Outbound, would cause an error

2.22.2: 06/27/2025

New Features & Improvements

Added visibility of the last logged-in username to the Computers page and the last 5 logged-in users on the Computers sidebar

2.22.1: 6/25/2025

Bug Fixes

Resolved an issue in which policies were not being updated correctly when an Approval Request was actioned
Resolved an issue in which Approval Requests were displaying matching applications for files that did not match the applications listed in the dropdown
Resolved an issue in which Community-published Cloud Detect policies were incorrectly requiring Endpoint Detect to be enabled before they could be downloaded
Resolved an issue in which monitored path links were not opening an Application Control sidebar where the path could be added

2.22.0: 06/24/2025

New Features & Improvements

Added visibility of Built-In Applications that are no longer being updated by the ThreatLocker team
Added a tooltip to the Azure Integration sidebar to make it easier to understand
Added Web Control policy category to the Community
Added better support for display on the Web Control dashboard when the screen is zoomed in
Added new Agent Setting to enable setting multiple relays
Added a link to the Unified Audit from the Computer sidebar so users can quickly search the Unified Audit for the specified computer name
Added logic to close the Deploy Policies hover over when the deploy button is selected
Added a confirmation message when saving Store settings
Made minor alignment improvements on the Application Control Policy Management dropdown
Made alignment improvements on the Computer Group sidebar
Made alignment improvements on the Edit User sidebar
Added new filter rules of Greater Than or Less Than in the Unified Audit for File Size, Parent Process: File Size, and Destination Port
Added a warning and confirmation message that is required to be acknowledged in order to delete, disable, or change the policy action on the Default Deny policy for Application Control

Bug Fixes

Resolved an issue in which the Deploy Policies button was incorrectly displaying red due to an Approval Request being actioned for a single endpoint
Resolved an issue in which Linux policies were unable to be copied using the Copy Policies dialog
Resolved an issue in which duplicate values were incorrectly being saved as duplications in Elevation Control module
Resolved an issue in which the Transport Layer filter in the Advanced Search of the Unified Audit was not working
Resolved an issue in which Datto PSA was incorrectly populating duplicate services
Resolved an issue in which a Cloud Detect policy was unable to be edited for a child organization when logged in to the parent organization
Resolved an issue in which creating an Application Control policy with Elevation was incorrectly defaulting to a 1 hr time limit
Resolved an issue in which the Deploy Policies hover-over was incorrectly opening in the upper left corner when pressing the button without waiting on the the hover-over to load
Resolved an issue in which the Username filter in the Unified Audit when used with the contains rule was acting as a starts with instead of contains
Resolved an issue in which the ThreatLocker Portal display settings were not overriding browser display settings
Resolved an issue with selecting a Built-In application on the Application Control, Policies page would cause a portal error that would redirect the user to the Health Center
Resolved an issue where leading or trailing spaces on Unified Audit search filters were not being removed properly

2.21.3: 06/18/2025

Bug Fixes

Resolved an issue in which Forgot Password was not accepting correct SMS codes
Resolved an issue in which the Computer name was not being displayed on the Application Control > Applications > Existing Policies tab

2.21.2: 06/17/2025

Bug Fixes

Resolved an issue with the Forgot Password feature producing 400 errors, preventing Password Reset Emails from being sent

2.21.1: 06/16/2025

Bug Fixes

Resolved an issue that occurred when a username with a '+' symbol in the email address, that is linked through SAML, would not receive a working password reset link and would show an error on use
Resolved performance issues on the company mapping tab of the ConnetWise integration

2.21: 06/13/2025

New Features & Improvements

Added the ability to select mobile devices in the Network Control Object dropdown
Added a Forgot Password link on the login page
Added a Support PIN visible in the Help menu
Added a new user permission for "View Integrations" that will allow read-only access to the integrations page
Added new user permissions, "View Storage Control Policies" and "View Storage Control Devices", that will allow read-only access to the relevant Storage Control pages
Added display of the date/time a Detect Alert was received on both the main Threats grid and the Alerts sidebar
Added the ability to create a Detect Action that references Linux or Mac policies
Added Is Trusted IP and Is Not Trusted IP as conditions in Cloud Detect
Added display of the Maintenance Mode ID in the Maintenance Mode logs
Added the ticket details tab on Web Control Approval Requests
Added visibility of Modules enabled and disabled in the System Audit
Added portal support for Detect in Linux - Require Linux Agent 3.0 (Coming soon)
Added UI support for Conditional Learning mode for Mac Agent 4.2
Improved the wording of the Agent restart request confirmation window

Bug Fixes

Resolved an issue in which the Datto integration was failing to retrieve clients if they had gone from Inactive to Active
Resolved an issue in which the Check In totals were incorrect
Resolved an issue in which it was possible to open multiple Module dropdowns at once on the Organizations page
Resolved an issue in which inserting an invalid URL once in an Endpoint Detect policy was causing the API test to continually fail even once a correct URL was inserted
Resolved an issue in which ThreatLocker Built-in Network Tags were incorrectly being displayed in the Web Control Categories dropdown
Resolved an issue in which attempting to log in from a geo-restricted area was displaying an incorrect error message
Resolved improper verbiage used in warning dialog presented when changing computer group learning to create policies on the group level
Resolved an issue in which an Incident Response was unable to be completed without also setting a Recommendation
Resolved an issue in which Agent Settings were unable to be reordered from the main grid
Resolved an issue in which the Enable auto refresh checkbox disappeared when the window was resized
Resolved an issue in which Web Control and Cloud Detect policies were able to be saved with a name that was just empty spaces
Resolved an issue in which multi-select buttons on the Approval Center were overlapping the Status dropdown on smaller screens
Resolved an issue in which users with a view-only permission were able to select different options on the Organization edit, even though they couldn't save them
Resolved an issue in which the Install key and the Group Identifier in the Computer Group sidebar were not click-to-copy
Resolved an issue in which the page containing Web Control Tags was not always displaying the correct page number when changing the filter
Resolved an issue in which users without Super Admin permission were unable to use the Copy Policies feature
Resolved an issue that prevented users from accessing the Tags page in the Web Control module, despite having the module enabled
Resolved an issue in which a Detect Exclusion with the same parameters as an expired one was unable to be saved
Resolved an issue in which an endpoint with a date over a month in the past was causing Detect alerts to not be displayed on the master alert board
Resolved an issue with the auto-populate feature of storage control policies not working when a file extension is entered without a wildcard as the monitored path
Resolved an issue in which helpdesk tickets were incorrectly changing to status Updated by Customer when a ThreatLocker employee added a comment
Resolved an issue in which the Office 365 integration sidebar was not requiring the user to save the integration
Resolved an issue in which changing the Organization in the Copy Policies dialogue resulted in an invalid search
Resolved an issue in which the application list was not being displayed alphabetically when creating a new Patch policy
Resolved an issue in which Cloud Detect alerts were unable to be cleared using the multi-select feature
Resolved an issue in which Web Control Approval Requests actioned and added to an existing policy were being incorrectly placed within the policy hierarchy
Resolved an issue in which attempting to search by 2 computer groups in the Unified Audit was not working as expected
Resolved an issue where an error did not present on being stopped when attempting to add duplicate file path or selected application entries into a Storage Control policy
Resolved an issue in which customer was unable to apply a hash only or custom rule in the response center
Resolved an issue in which the unused modules banner was incorrectly being displayed for customers on trial and internal test organizations
Resolved an issue in which Detect Executive Reports were being sent with an inaccessible URL

2.20.2: 6/20/2025

New Features & Improvements

Added a new Agent Setting, Disable Network Cache, that will allow an IP address to be added and disables the caching of actions from that IP address on the applied to agents
Removed the disabled section for UAC branding from the Computer group and Organization sidebars
Removed the ability to delete Agent Settings from the portal

2.20.1: 6/6/2025

Bug Fixes

Resolved an issue in which the products displayed in the modules dropdown were incorrectly linked to other products, causing unexpected behavior when trying to disable and reenable products
Resolved an issue with Unified Audit logs generated from a machine's time and date that was set to before the audit retention period was not showing with the time of receipt to the database with a modified time and date note

2.20.0: 6/5/2025

New Features & Improvements

Added a new operator of Includes for Action Type Conditions in Detect
Added email validation to the Detect Report scheduler
Added new Detect Actions to enable and disable Web Control policies
Added the ability to create a new Policy from within the Incident Response dialog
Added an Applies To in Cloud Detect policies to select from available Tenants, or to apply to all Tenants
Added the ability to initiate a Windows Defender scan as a Detect Action
Added a 'Show Count' checkbox in the System Audit to help improve loading and searching speeds
Added Organization names to the Computer Groups dropdown on the Devices > Computers page when using Include Child Organizations
Added a confirmation message when a new Storage Control policy is created from an Approval
Added a confirmation message when an Elevation Control policy was successfully deleted
Updated Icons on the Applications page
Moved all Elevation branding to the new Agent Settings page
Added the ability to create and use Approval Response Templates
Added new View Roles permission that provides read-only access to User Roles
Added new View Computer Groups permission that provides read-only access to the Computer Groups page
Added a new View Tags permission that provides read-only access to the Tags page
Added a new user permission, View Local Admin Settings, that provides read-only access to the Elevation Control module
Added two new permissions: View Network Control Policies and View Network Control Authorization Hosts that provide read-only access to the corresponding pages
Added the ability to specify file paths and extensions for monitoring with Ringfencing and/or Storage Control
Added a new page to configure monitored file paths and extensions for use with Ringfencing and Storage Control
Added a new SolarWinds Service Desk Integration
Added a new Agent Settings page that will hold settings sent to the Agent, like Elevation UAC branding, to make it quicker and easier to manage
Added logic to prevent a user from enabling conflicting Configuration Manager Policies
Added a new pop-up window when hovering over the Deploy Policies button to show the policies that are pending deployment
Added new permissions for View Application Control Applications and View Application Control Policies to allow users to view but not edit these items
Added tracking of API usage
Added the ability to select the Sync date for the Datto Autotask integration

Bug Fixes

Resolved an issue in which the Applies To dropdown in creating new scheduled reports with ThreatLocker Detect would give a portal error message
Resolved an issue in which selecting the computer count on the Computer Groups page was redirecting to the Computers page, but it was not loading any results
Resolved an issue in which the Advanced Search in the Unified Audit was disappearing when the page was resized
Resolved an issue in which a long Created By name in the Permit Application sidebar would not wrap, causing it to run off the page
Resolved an issue in which certain users were unable to scroll the matching applications dropdown from a Unified Audit execute log
Resolved an issue in which the first entered Baseline path on the Computer Group sidebar was unable to be removed
Resolved an issue in which the dialog box was being closed once a version was selected when using the Patch Now button
Resolved an issue in which super admin child users were unable to turn on the Use Parent Settings for Cyber Hero Approvals
Resolved an issue in which the policy list was not refreshed when copying a policy to the list
Resolved an issue in which default admin accounts were incorrectly displaying in the Elevation Control page as being removable when they cannot be removed
Resolved an issue in which the underscore character was not accepted when being used in password creation
Resolved an issue in which Automatic Learning was defaulting to System Policies Only when being enabled from the Computers page
Resolved an issue in which marking a patch as resolved was displaying an incorrect confirmation message
Resolved an issue in which using brackets and braces in an API body from a Detect policy was breaking the body
Resolved an issue in which the additional details were not correctly being displayed in expanded Network Unified Audit logs
Resolved an issue in which IPv6 addresses showing on the last check-in field would cause an overlap between columns
Resolved an issue in which users without Super Admin permission were unable to use the Copy Policies feature

2.19.6: 6/6/2025

Bug Fixes

Resolved an issue where the profile picture in the portal was failing to display due to unsupported file types being used
Resolved an issue with invalid organization identifiers caused by unsupported characters

2.19.4: 5/29/2025

Bug Fixes

Resolved an issue in which an organization was unable to update the Datto integration ticket settings
Resolved an issue in which the Office 365 Connector was unable to be configured with the Cloud Control module and not the Cloud Detect module
Resolved an issue in which the impacted computers count for Patch Management was incorrect
Resolved an issue in which the Detect scheduled executive summary was not sending at the scheduled time

2.19.3: 5/29/2025

New Features & improvements

Added support for SHA 512 in the SAML integration, configured via a drop-down menu

2.19.2: 5/27/2025

New Features & improvements

Added the ability to select the Sync date for the Datto Autotask integration
Added Test button when setting up Detect actions to send to RestAPI or Webhook to test that it has been configured correctly

Bug Fixes

Resolved an issue that prevented isolated Approval Requests from loading in the portal

2.19.1: 5/23/2025

Bug Fixes

Resolved an issue where the Applies To configuration for an Application Control policy was being set to 'Entire Organization' after the new policy sidebar was closed and opened again

2.19.0: 5/22/2025

New Features & Improvements

Added an Upload button on Install action type Unified Audit entries
Added a dropdown list of values to the Keyword input in the Advanced Search in the Unified Audit when selecting Encryption Status
Added a banner to display if there are ThreatLocker Modules being paid for that aren't being utilized
Made improvements to the validation when adding files to an application to prevent the ability to add duplicates
Added links to the Unified Audit from an Approval Request.
Added the ability to use Enter button for making line breaks in CHM instructions
Added new permissions Edit User Store and View User Store to control the ability to create or view Store items
Added display of the Last Version Change for ThreatLocker Version in the Computers sidebar
Added hyperlink to the Application sidebar from the Unified Audit
Added the ability to search by process in the Unified Audit by clicking the parent process in an expanded Unified Audit entry
Added a 'Show Count' checkbox in the System Audit to help improve loading and searching speeds
Added display of the date/time a Detect Alert was received on both the main Threats grid and the Alerts sidebar
Added display of OS type on the Patch Policies page
Made improvements to the email sent for Web Control escalated requests
Added display of all information available on the Devices main grid in the sidebar

Bug Fixes

Resolved an issue in which Resolve All button in Patch Management module was not working as expected
Resolved an issue in which changing the Organization in the Copy Policies dialogue was resulting in an invalid search
Resolved an issue in which the Group By Count was not exported when exporting Unified Audit results
Resolved an issue in which the Office 365 integration sidebar was not requiring the user to save the integration
Resolved an issue in which caching was creating the inability to select applications in the Add to Application dropdown in the Unified Audit
Resolved an issue in which the Install Computer window was incorrectly displaying the Computer Group dropdown on smaller screens
Resolved an issue in which the Health Center Unified Audit tile was displaying incorrectly when using a display zoom greater than 100 % combined with a browser zoom of less than 100%
Resolved an issue in which the Applies To in the copy storage policies dialog was not correctly defaulting to what was selected on the main page
Resolved an issue in which hitting ESC from an Application Approval sidebar was resulting in errors
Resolved an issue in which having more than 1 maintenance mode enabled at a time was incorrectly displaying separate timers
Resolved an issue in which the Health Center tile for Monitor Only Policies/Computers was not including all policies that could be in monitor mode
Resolved an issue in which the Add Storage Device button was incorrectly displaying for devices that were not removable external devices
Resolved issues in the Response Center where the tabs on the right were covering the title of the page on a smaller screen
Resolved an issue in which the Filter White Noise option in the Unified Audit was not filtering out Tamper Protection logs
Resolved an issue in which the time until secured on the Devices page was not displaying when Disable Tamper Protection was enabled
Resolved an issue in which Suggested Policies were unable to be added to other groups when opening the Suggested Policy window from a group that already had that policy applied
Resolved an issue in which macOS applications were not showing in the Detect application condition dropdown
Resolved an issue in which Cloud Detect logs in the Unified Audit were incorrectly displaying with a clickable hostname
Removed unused "Title" field on the Request Window Appearance settings
Resolved an issue in which promoting a policy with multiple applications applied to it would incorrectly promote just 1 application
Resolved an issue in which the White Noise Filter in the Unified Audit was not working as expected
Resolved an issue in which Global policies were incorrectly displaying on grandchild organizations when they shouldn't have been because they do not apply to them
Resolved an issue in which macOS applications with global policies were being incorrectly displayed as impacting all OS types and not just macOS
Resolved an issue with downloaded Community Cloud Detect policies in the parent organization being removed when copied to a child organization

2.18.6: 5/21/2025

Bug Fixes

Resolved an issue in which Storage Approval Requests were unable to be actioned by users with appropriate permissions
Resolved an issue in which some customers could not enable products from the Organization page Modules dropdown

2.18.5: 5/19/2025

Bug Fixes

Resolved an error caused when starting the 'Patch All' function from the Missing Updates page for Patch Management

2.18.4: 5/16/2025

New Features & Improvements

Added a new search filter to the Unified Audit, Computer Id, that allows users to filter and group by a specific machine's computer Id

Bug Fixes

Resolved an issue with an error preventing users from adding the Datto integration

2.18.3: 5/15/2025

Bug Fixes

Resolved an issue with the Datto integration that caused an error when attempting to load contracts
Resolved an issue with downloaded Community Cloud Detect policies in the parent organization being removed when copied to a child organization
Resolved an issue that prevented the generation of custom reports in the portal

Portal 2.18.2: 5/13/2025

Bug Fixes

Resolved an issue in which products couldn't be selected from the Products dropdown on the Organization page

Portal 2.18.1: 5/12/2025

New Features & Improvements

Added a new Executive Summary Report to provide a monthly summary of Detect activity
Added the Copy Policy feature to ThreatLocker Detect
Added a new column on the Web Control page to display if a policy is Scheduled or has an Expiry
Added a button to the banner that informs users if they need to set up Endpoint Response Settings which will open the configuration sidebar
Added links to the Unified Audit from an Approval Request
Added an Include Child Organizations checkbox on the Missing Updates page and sidebar
Added a banner to display if there are ThreatLocker Modules being paid for that aren't being utilized
Minor UI fix on Patch Policy sidebar
Made improvements to the Products dropdown on the Organizations page to make it more intuitive and user-friendly
Label change on the Detect Dashboard Top Alerts chart
Improved the display of Approval Request timing to more accurately display TTR
Added an Upload File to the Approval Request sidebar
Made improvements to the validation when adding files to an application to prevent the ability to add duplicates
Added better validation when adding custom rules in an Approval Request to prevent adding duplicates
Made improvements in the Unified Audit to open the Web Control DNS Server sidebar when selecting the Hostname from the Unified Audit sidebar
Changed label from Inherit Status From Group to Inherit Status From Computer in the Application policy sidebar
Added validation to the file exclusions section of Application Policies to prevent the ability to add an empty rule
Added validation to the file exclusions section of Application Policies to prevent the ability to add an empty rule

Bug Fixes

Resolved an issue with exporting Unified Audit Reports with certain Group By's
Resolved an issue in which the Monitor option was inaccessible for Application Deny policies
Resolved an issue in which tag types were not accessible as expected in the portal
Resolved an issue in which disabling Cyber Hero Management at the Parent level was preventing child-level approvals from being actioned or escalated
Resolved an issue in which Application Policies were displayed in the incorrect order when using the Show All Policies option
Resolved an issue in which deleting a Store item did not remove it from the Portal
Resolved an issue in which attempting to close a sidebar on a list with 400+ items was causing the page to temporarily freeze
Resolved an issue in which disabling an Application Policy was incorrectly hiding it from the Enable Application Policy list in Detect
Resolved an issue in which bundles and PSA contracts were unable to reload in the Datto integration sidebar
Resolved an issue in which patches were being displayed for a version older than the currently installed version
Resolved an issue in which searching for Baseline action type in the Unified Audit was not working as expected
Resolved an issue in which an application deleted on A was not replicated to customer instances
Resolved an issue in which sorting by TL Version was not displaying in the correct order
Resolved an issue in which exporting the Unified Audit was changing the time displayed
Resolved an issue in which the Health Center widget was not displaying macOS policies
Resolved an issue in which recommendations in Detect were always displaying as if they were made by the Cyber Hero Team instead of reflecting the username of the Organization's own tech if not made by the Cyber Hero Team
Resolved an issue in which parent organization Tray Branding was not being replicated down to child organizations
Resolved an issue in which Cloud Detect module was reachable when that module was not enabled
Resolved an issue in which all Super Admins of a Partner Organization could be removed, leaving the Organization without a super user
Resolved an issue in which Detect Policy Action to enable or disable a Cloud Detect policy
Resolved an issue in which the Maintenance Modes dropdown was showing empty when a computer was Isolated or Locked Down
Resolved an issue in which a file without a hash could not be added to an application from an Approval Request
Resolved an issue in which a very long Organization name was being cut off
Resolved an issue in which Datto integration could not be created
Resolved an issue in which the export from the Devices Page was displaying an incorrect header for the Denied Count
Resolved an issue in which the Office 365 integration sidebar was not requiring the user to save the integration
Resolved an issue with Web Control approval requests displaying the incorrect request time
Resolved an issue in which bulk action pop-up windows were not being opened under the correct action
Resolved an issue in which the Missing Updates tile on the Health Center was not displaying the correct number of missing updates on the graph

Portal 2.17.4: 5/8/2025

New Features

Added a 'Show Count' checkbox in the System Audit to help improve loading and searching speeds
Added support for Cyber Hero MDR policies to accommodate different OS types
Added support for different OS types when making Detect policies

Portal 2.17.3: 5/7/2025

Bug Fixes

Resolved an issue in Network Control by removing the ability to add tags as a destination option for inbound policies and also as a source option for outbound policies, causing behavior that is not expected in the agent

Portal 2.17.2: 5/6/2025

New Features & Improvements

Added a new feature that allows users to search Detect policies based on labels applied to them to better identify a category a policy may belong to

Bug Fixes

Resolved an issue with Web Control approval requests displaying the incorrect request time
Resolved an issue with data properly displaying in the Detect Dashboard graphs when filtered for a specific endpoint and using 'Include Child Organizations'
Resolved an issue where a computer specific Detect policy was being erroneously displayed as applying to Entire Organization when the specific computer was removed

Portal 2.17: 4/30/2025

New Features & Improvements

Improved the messaging when a new policy would never be matched because of policies placed above it in the hierarchy
Changed the labeling of Approval Requests that were not approved from Ignored to Rejected
Updated the display of ThreatLocker Cyber Heroes to ThreatLocker Cyber Hero team in email responses
Added an additional confirmation popup when selecting Restart ThreatLocker Agent on All Devices
Made minor UI adjustments to the Web Control policy sidebar
Made UI improvements to pop up messages on Application Control and Patch Management modules
Changed the label of Hostname in the Unified Audit to Asset Name
Added an Upload button on Install action type Unified Audit entries
Added a copy URL to the Unified Audit sidebar
Added a hyperlink to the hostname from Approval Requests
Added better validation when creating Web Control policies
Added a new button to the Unified Audit log sidebar that allows users to add a Web Control policy based on the audit log
Added the ability to schedule and expire Web Control policies
Added a new action type in the Unified Audit for DNS
Added support in the portal for macOS devices in the Patch Management module
Added display of Computer groups on the Devices page with the ability to filter by group for easier device management
Improved System Audit logging for Patch Management actions taken by administrators in the portal
Updated the Response Center, Approvals tab, status dropdown label for 'Escalated from the Cyber Heroes' to 'Escalated from the Cyber Hero Team'
Added support for macOS to user Triggered Installation Mode

Bug Fixes

Resolved an issue in which the Web Control dashboard was failing to load the Top Blocked Domains chart
Resolved an issue with the trial expiration banner appearing in the portal with the incorrect date of expiration
Resolved an issue in which Unified Audit advanced searches were case sensitive
Resolved an issue in which ServiceNow tickets were not correctly populating the Assignee
Resolved an issue in which users were able to copy policies between organizations without the appropriate permission
Resolved an issue in which Computer Groups were not being populated in the Applies To dropdown when creating Web Control policies
Resolved an issue in which the tab buttons were overlapping the page title on the ThreatLocker Detect Alert center on smaller screens
Resolved an issue in which the Effective Action column was missing from Unified Audit exports
Resolved an issue in which on smaller screens, the buttons on right hand side of the Users page were unreachable
Resolved an issue in which Global Web Contol policies were unable to be edited/updated
Resolved an issue in which adding to application from the Unified Audit was incorrectly resetting the hash if a different selection was made and then attempting to go back to the hash
Resolved an issue in which the ThreatLocker portal version was being displayed as white text, making it invisible
Resolved an issue in which Scheduled Detect policies were failing to display a start time
Resolved an issue in which incorrect order status was preventing customer login
Resolved an issue in which the buttons on the Missing Updates tab were not returning to full size when a minimized window was maximized
Resolved an issue in which moving a device was not updating its IP record in the new location
Resolved an issue in which Store names were not correctly wrapping to fit in the allotted space
Removed a no longer functioning Add to Store button from the application sidebar
Resolved an issue in which requesting a write action was resulting in the Request incorrectly defaulting to having Read selected
Resolved an issue in which the maintenance API was not allowing a computer to be placed in Tamper Protection Disabled
Resolved an issue in which application files were not being added or removed in real time
Resolved a UI issue seen with multi-select dropdowns when using Mozilla Firefox browser
Resolved an issue where the TLAPS password icon on the Devices page was not displaying when using sorting or filter options
Resolved an issue where Cloud Detect incident details were missing when viewed in the Detect Dashboard
Resolved and issue where users were able to download Cloud Detect policies from the Community without a warning dialog to advise that the same policy already exists
Resolved an issue with Health Center displaying positive results incorrectly for Applications that exist in more than one Policy
Resolved an issue where a Cyber Hero had access to view a child org set to no access through the parent org set to full access

Portal 2.16.4: 4/24/2025

Bug Fixes

Resolved an issue with the File History tab on Elevation Approval Requests not loading results properly

Portal 2.16.3: 4/23/2025

New Features & Improvements

Updated the report 'Override Use (Including Child Orgs)' to use the new Unified Audit search
Updated the report 'Blocked Files in the Selected Date Range' to use the new Unified Audit search
Updated the report 'Applications Installed/Updated by Specific Hostname' to use the new Unified Audit search
Updated the report 'Denied Files by Count' to use the new Unified Audit search
Updated the report 'Application Use in the last 30 days' to use the new Unified Audit search
Updated the report 'Computers with Duplicate Computer IDs' to use the new Unified Audit search
Updated the report 'USB Serial Numbers' to use the new Unified Audit search
Updated the report 'Top 10 Applications in the last 30 Days' to use the new Unified Audit search
Updated the report 'Top 10 Applications in the last 7 Days' to use the new Unified Audit search
Updated the report 'Users per Application in the last 30 Days' to use the new Unified Audit search
Updated the report 'Users per Application in the last 7 Days' to use the new Unified Audit search
Updated the report 'Blocked Files in the last 7 Days' to use the new Unified Audit search
Added the ability to search attribute dropdowns in the Unified Audit
Added the ability to combine 2 separate Group By functions when using Advanced searching the Unified Audit
Added a Count column in the Unified Audit when using Group By to show how many items are included in that grouping

Portal 2.16.1: 4/17/2025

New Features & Improvements

Updated naming for ThreatLocker Detect user permissions
- Renamed 'Edit/View ThreatLocker Detect Policies' to 'Edit/View All ThreatLocker Detect Policies'
- Renamed 'View/Manage ThreatLocker Detect Remediation' to 'View/Manage All ThreatLocker Detect Remediation'
- Renamed 'View/Manage ThreatLocker Detect Threats' to 'View/Manage ThreatLocker Detect Threats'
Added a new user permission section, with new permissions, for Endpoint Detect
- New user permission 'View Endpoint Detect Policies'
- New user permission 'Edit Endpoint Detect Policies'
- New user permission 'View Endpoint Detect Remediation'
- New user permission 'Edit Endpoint Detect Remeditation'
- New user permission 'View Endpoint Detect Threats'
- New user permission 'Edit Endpoint Detect Threats'
Added a new user permission section, with new permissions, for Cloud Detect
- New user permission 'View Cloud Detect Policies'
- New user permission 'Edit Cloud Detect Policies'
- New user permission 'View Cloud Detect Remediation'
- New user permission 'Edit Cloud Detect Remeditation'
- New user permission 'View Cloud Detect Threats'
- New user permission 'Edit Cloud Detect Threats'
Added a new user permission section, with new permissions, for Cloud Control
- New user permission 'View Cloud Control'
- New user permission 'Edit Cloud Control'
- Removed Network Control permissions from Cloud Control Named Locations/Microsoft 365 access pages
Added a new user permission section, with new permissions, for Mobile devices
- New user permission 'View Mobile Devices'
- New user permission 'Edit Mobile Devices'
- Removed View/Edit Computers permissions from the Devices, Mobile tab
Added a new user permissions section for Web Control
Added a new user permissions section for Patch Management

Portal 2.16: 4/16/2025

New Features & Improvements

Improved the System Audit logs for deleting computers, computer groups, or applications to now be a 'Delete' action type, rather than 'Modify'
Updated the colors on the Unified Audit Summary chart for the Web Control Dashboard to be red and green for denied and permitted activity
Added a confirmation prompt when attempting to delete a Patch Management policy
Added additional logging for troubleshooting Datto integration errors
Made readability improvements to the Detect Dashboard bar graphs
Changed the Detect Dashboard widget filters button label to Update instead of Search to more accurately represent the functionality
Changed the default Detect Dashboard Timeframe filter to "30 Days"
Reordered the Detect Dashboard Timeframe widgets filter
Added an additional timeframe filter of "30 Days" to the Detect Dashboard widgets
Made UI improvements to Upcoming Patches page in Patch Management module
Added Patch Management user actions to the System Audit
Updated the Web Control Policy Actions UI controls to buttons with icons for better usability
Added Instructions and Guidelines for Web Control Cyber Hero Management
Changed Policy display text from "No Policy" to "Manually Patched" for Applications that are manually patched
Added support for macOS devices and Applications in Patch Management
Added Insights button to Approval Requests to display additional information about the requested file
Added Linux Stub Installer download option
Updated the invalid OTC code error message for conciseness and readability

Bug Fixes

Removed Installation Mode from the Devices page as this mode will only be accessible when completing an Approval Request in the Response Center
Resolved an issue that prevented files with multiple certificates logged from the MacOS agent to only show a single certificate in the Unified Audit
Resolved an issue with 'Created By' process not being included in the notes section for application definitions
Resolved an issue in the Detect policy sidebars where policy names in the dropdown were unreadable for Policy and Previously Matched Policies conditions
Resolved an issue that prevented users from promoting a Mac Application Policy to a Global level
Resolved an issue where the Get or Download button was covering the application name for the End User view of the Store
Resolved an issue where selecting 'Add to Policy' on file ringfencing events in the Unified Audit did not auto populate the file path from the action log to the exclusion section of a policy
Resolved an issue with copying Mac Application Policies causing Ringfencing configurations to not be copied properly
Resolved an issue where Application Policy names with an '&' symbol was not displaying properly in the portal
Resolved an issue with the 'PolicyGetByID' portal API endpoint not returning specific parameters
Resolved an issue with updating a parent tag with items from a child organization not properly updating the tag when shared by different organizations
Resolved an update issue with the MAC 4.0 beta version
Resolved an issue with Co-Managed Direct Support that allowed helpdesk access to Child Orgs admins
Resolved an issue during the Copy Policy Process, a message has been added to inform users they are copying a policy that is already contained in the target location

Portal 2.15.3: 4/10/2025

New Features & Improvements

Added a dropdown to the login page that allows a user to override which instance they login to

Bug Fixes

Resolved an issue in which when login restrictions were set to disallow a Country and allow a specific IP address within that country was incorrectly denying login from the permitted IP address

Portal 2.15.2: 4/8/2025

New Features & Improvements

Added a new advanced search field, filter by Computer Group, to the Unified Audit when using the New Search
Added support for creating Detect policies for macOS endpoints
Updated the policy description for the Configuration Manager Defender SmartScreen Configuration policy
Updated the description in the Configuration Manager CVE-2013-3900 WinVerifyTrust Signature Validation policy
Updated the description for the Configuration Manager CVE-2023-44487: HTTP/2 Rapid Reset Attack policy

Bug Fixes

Resolved an issue in which newly added permissions for Web Control were preventing users from editing non-Web Contol tags
Resolved an issue in which API Users were not being restricted by Geo-Restrictions
Resolved an issue in which the copy link button on the user sidebar was causing the main User page to be non-functional
Resolved an issue in which the Permit Application button was not working from Baseline logs
Resolved an issue in which tags were failing to load
Resolved an issue in which Cloud Detect was incorrectly looking for Cloud Control to be enabled to access
Resolved an issue in which the Configuration Manager policy Configure memory dump file & recovery options was not behaving as expected
Resolved an issue in which the Testing Environment was not able to handle file names with non-alphanumeric characters
Resolved a typo in the Configuration Manager Set Password Protected Screen Saver policy
Resolved an issue in which the Stub Installer was unable to uninstall ThreatLocker if the update channel was set to Don't Update
Resolved an issue in which the Configuration Manager policy CVE-2013-3900 WinVerifyTrust Signature Validation was not correctly being applied
Resolved an issue in which the Configuration Manager 'Turn off multicast name resolution (mDNS) (LLMNR)' policy was not being fully enabled even when set to enable

Portal 2.15.1: 4/3/2025

New Features and Improvements

Added Cloud Detect and Cloud Control to the Products dropdown
Added a new service that updates the Last Policy Match
Made visual improvements to the Web Control Policies page

Bug Fixes

Removed items that were incorrectly added to the Unified Audit Actions dropdown
Resolved an issue in which the New Unified Audit search was not displaying the computer's maintenance mode

Portal 2.15: 4/2/2025

New Features and Improvements

Added the Access Device ID to the Edit Device sidebar
Made the new Web Control Dashboard the default and first tab in the Web Control Module
Added support for creating Detect policies for macOS endpoints
Added an additional Notify on Request option for Web Control in the User sidebar
Enhanced Policy Action column on Web Control Module to allow administrators to toggle between Permit and Deny on page
Improved system audit logging to include details when a policy is modified to include the Kill Running Processes option
Improved the Billing page by now allowing users to manually enter Billing Emails rather than using a dropdown
Made improvements to how the Patch Management user interface deals with patch policies set to patch immediately
Enhanced how Impacted Computers are displayed in Patch Management
Added new permission titled "View Computers - Managed Organization Only", which allows an Admin to view computers at the applied Organization level only

Bug Fixes

Resolved an issue where child organizations HelpDesk tickets were no longer visible if the organization was deleted, they are now moved up to the parent organization on deletion
Resolved an issue that prevented users from accessing the Microsoft 365 module if Network Control was not enabled for the organization
Resolved an issue where Web Control Tags were showing in Application and Network Control
Resolved an issue with the computer sidebar when using the GetDNForComputerName option that caused the Deploy Policies button to be covered
Resolved a UI issue with the ThreatLocker Detect tab, on a computer sidebar, when accessed while ThreatLocker Detect was not enabled for that organization
Resolved an issue where the Unified Audit filter for "Secured" was also showing devices in learning mode with the new search enabled
Resolved an issue with added and renamed Azure/Entra groups displaying as a 'blank' in the Azure integration once reloaded
Resolved an issue with the sorting and ordering of approval requests in the Response Center when including child organizations
Resolved an issue in which the Unified Audit advanced search was incorrectly including destination IPs when choosing to show only source IPs
Resolved an issue in which users were unable to create rules using the Process Path in conjunction with a Full Path
Resolved an issue in which when login restrictions were set to disallow a Country and allow a specific IP address within that country was incorrectly denying login from the permitted IP address
Resolved an issue where the View Computers permission applied via a role at the parent level would incorrectly allow devices from child organizations to be viewed

Portal 2.14.3: 3/29/2025

New Feature

Made a change to Web Control policies to only permit one category per application for simplicity

Bug Fixes

Resolved an issue in which the new search in the Unified Audit was not displaying the Permit Elevation or Add to Application buttons
Resolved an issue in which the Unified Audit was not displaying certain files as matching existing applications
Resolved an issue in which the URL from and expanded entry in the Unified Audit was not being copied correctly when selecting the link button

Portal 2.14.2: 3/27/2025

Improvements

Improved the billing page with more informative error reporting in the event adding a payment method fails

Portal 2.14.1: 3/26/2025

New Features

Added a brand new Web Control dashboard
Added visibility of details section in the Unified Audit for DNS logs
Made improvements to the display of warnings and errors in the Risk Center

Bug Fixes

Resolved an issue in which the calculations displayed on the Missing Updates Health Center tile were incorrect
Resolved an issue in which Registry activity and Certificate changes were not correctly being displayed in the Risk Center

Portal 2.14: 3/25/2025

New Features

Added Include Child Organizations option on the Detect Dashboard
Made improvements to the Top Alerts widget to be Top Alerts by Device
Added the ability to open the Exclusions sidebar from the computer sidebar via clicking the hostname
Added the Detect Dashboard to the Detect Module and will default to it being selected when the module is first opened
Added the ability to select Organization admins in the Reviewed By dropdown in Detect Recommendations
Added a new action type in the Unified Audit for DNS
Added confirmation message when successfully deleting applications

Bug Fixes

Resolved an issue in which the EnableRemotePresence option was not being saved on the target machine
Fixed multiple User Contact issues with the Mutual Action Plan
Resolved an issue with the Application Control Module that would not display the status options for Secured/Monitor/Inherit when Request is enabled
Resolved an issue in which deleting an organization that had User Roles applied to it would change the User Role to apply to All Organizations
Resolved an issue in which Detect conditions to enable/disable another module policy was incorrectly tied to the ThreatLocker Protect bundle
Resolved an issue in which selecting the additional files tab and attempting to add multiple files to an approval was not working and not showing an error
Resolved an issue in which closing the Organization sidebar before it was fully loaded resulted in an error
Resolved an issue in which the computer ID was being omitted from Unified Audit logs using the new search
Resolved an issue where destination was not updating after updating a tag name
Resolved an issue in which editing the name of a DNS server was incorrectly causing an error message that the IP address already exists
Resolved an issue in which Web Control policies were incorrectly defaulted to add the policy to the bottom of the list
Resolved an issue in which pressing Patch Now on a pending Patch policy was failing
Resolved an issue where unable to update an existing Application with a 'Path Only' file
Resolved an issue with Tags not being populated when Ringfencing an Application

Portal 2.13.1: 3/18/2025

New Features

Added better detail to ConnectWise tickets to show what type of request is being made
Added display of 'bytes' when file size is hovered over
Added additional confirmation messaging when deleting items in Storage Control, Config Manager, and the Devices page
Added message to inform users to not rename the PKG file when downloading and installing Mac Agent
Added a link to external Cyber Hero Approval Instructions from the Cyber Hero Instructions tab
Added new New filters in the Unified Audit: Group By "Port" and "Network Direction - Inbound/Outbound"
Added a new feature to Unified Audit to group by Port and Network Direction
Added new ThreatLocker DNS service as part of Web Control
Added the ability to set DNS servers as ThreatLocker Objects for applying to Web Control policies
Added support for Order by in Patch policies
Added the ability to enable/disable Patch policies from the main grid
Added the ability to enable/disable and delete Patch policies en masse from the main grid
Added the ability to mark patches as complete from the main grid individually and en masse
Added an Upcoming Patches tab to the Application sidebar to display all pending patches for the selected application
Added display of non-patch-managed applications that are missing updates
Added lazy loading in the Network Control Policy sidebar Objects dropdown to better accommodate large lists of objects
Added a hover over on the Patch Policy schedule button to display the required Windows Agent version
Added the ability to Ringfence with Insights on Approval Requests
Added a new permission category for Web Control with 2 new permissions of Edit Web Control Policies and View Web Control Policies
Added display of all applications with missing updates in the Missing Updates Health Center tile

Bug Fixes and Improvements

Resolved an issue in which ConnectWise tickets weren't being closed when using a custom auto-close delay
Resolved an issue in which very long file names uploaded to a help desk ticket were being cut off at the file extension, causing the upload to fail
Resolved an issue in which attempting to open File History was displaying an error for certain applications
Resolved an issue in which the Modules dropdown on the Organizations page was accessible by users with incorrect permissions
Resolved an issue in which the New Search was not correctly displaying Deny (Option to Request) actions
Resolved an issue in which the last check in column was not updating Access Device check ins
Resolved an issue in which File History was only displaying one certificate
Resolved an issue in which navigating to a blocked page while also logged into the ThreatLocker portal was displaying an expired token page
Resolved an issue in which maintenance modes were incorrectly requiring a user to be selected when selecting to apply to all users
Resolved an issue in which the target dropdown was not populating when copying Network Control Policies
Resolved an issue in which merging and deleting applications from any page other than the first page would send the user back to the first page once an action was complete
Fixed a minor type on the Top Alerts graph in the Detect Dashboard
Changed the Detect Dashboard Recommendations widget popout to a dialogue
Resolved an issue in which Global groups were incorrectly being displayed in Storage and Network Control
Resolved an issue in which saving a domain Ringfencing exclusion with ipv4 in the name would incorrectly be saved despite an error being displayed
Resolved an issue in which incorrectly formatted data in Ringfencing exclusions that had previously been saved were preventing new correctly formatted exclusions from being saved
Resolved an issue in which incorrectly formatted data in tags that had previously been saved were preventing new correctly formatted tag items from being saved
Resolved a minor UI bug on the Elevation Control module that caused the line below column headers to break
Resolved an issue in which search parameters were not being reset after navigating away from a page in the Endpoint Detect module
Resolved an issue in which domains could not be saved in tags with a wildcard at the end
Resolved an issue in which the domain x.com could not be saved in Tags
Resolved an issue with domain names not supporting numerals in Organization Settings
Resolved an issue in which a long Store name was going behind the New Store Policy button
Resolved an issue in which Endpoint Detect policies were unable to be opened from an alert on a machine in a child organization
Resolved an issue in which multiple Elevation Control policies were being deleted when only one was selected
Resolved an issue in which clicking the Create button multiple times created duplicate policies
Resolved an issue in which deleting an admin was not removing the corresponding contact in the CRM
Resolved an issue in which end users were receiving a popup to run their requested application before the application was added to the local apps.db
Resolved an issue in which the ThreatLocker Not Detected label was incorrectly displayed in the Unified Audit
Resolved an issue in which the Datto PSA integration was failing to map contracts
Resolved an issue in which an extra space in the Config Manager MS WordPad Vulnerability: Disabled key policy was causing the policy to fail
Resolved an issue in which Datto PSA integration was unable to load contracts
Resolved an issue in which ThreatLocker Cyber Hero ownership was not being removed when escalating the request back to the client
Resolved an issue in which one client was unable to copy a Global policy to the Global Workstations group
Resolved a minor UI bug on the Patch policy sidebar in which the Patch Version dropdown was being squished
Resolved an issue with custom computer names being removed in the portal when the agent check-ins without a custom computer name being sent to automatically update the custom name

Portal 2.12.1: 3/13/2025

Bug Fixes

Resolved an issue in which certain deny logs on a single instance were returning an error when attempting to permit
Resolved an issue in which Storage requests were incorrectly being opened as Web Control requests

Portal 2.12: 3/10/2025

New Features and Improvements

Added support for Bearer Token use in Detect Send to API actions
Added an All Policies option when viewing Web Control Policies
Improved the Detect Dashboard Incident Outcomes Chart readability and time precision
Added a static redirect page when Web Control blocked access to a targeted page

Bug Fixes

Resolved an issue where manually entered usernames were not being accepted on Web Control policies
Resolved an issue in which merging and deleting an application from any page other than the first page would send the user back to the first page once an action was complete
Resolved an issue in which the Any Deny filter was not working as expected using the New Search in the Unified Audit
Resolved an issue in which username searches in the Unified Audit were failing using the New Search
Resolved an issue in which the Storage Control Copy Policy target organizations and groups dropdown would load empty
Resolved an issue that prevented the modification of hash values when defining custom rules
Resolved an issue in which Global-Group policies were incorrectly being displayed when Show All Policies is selected
Resolved an issue with SMS notifications being delivered when configured on an application policy to notify an administrator on request

Portal 2.11.4: 3/5/2025

New Features and Improvements

Added a new Patch Management module: Patch Management | ThreatLocker Help Center
Added a new Web Control module: Web Control Module | ThreatLocker Help Center
Added a new Detect Dashboard: Detect Dashboard | ThreatLocker Help Center
Added a new Microsoft 365 (changing label to Cloud Control) that contains Cloud Detect and M365 Conditional Access
Added a new Insights button on expanded Unified Audit entries and Approval Requests to show known file behavior and interactions based on 90% of the ThreatLocker customer base
Made improvements to the User Application Store: The Application Store | ThreatLocker Help Center
Added the ability to set previous policy match as a condition in Detect so you can now chain behaviors together
Added a tooltip prompt on the Computers page that will inform users of a Windows machine not being able to update due to needed minimum OS requirements
Added additional Swagger documentation for System Audit API calls
Improved the UI for the Unified Audit sidebar by adding a More Details section and adding copy buttons to each line item
Added new Detect condition called 'Previously Matched Policy'
Added a new banner to warn Admins when a Named Location exceeded the 2,000 unique IP address limit
Improved ThreatLocker Detect responses to include more actions
Improved the Detect Dashboard Incident Outcomes Chart readability and time precision
Changed the Path column in Response Center to Details to better reflect column contents
Improved Deploy Policies and Approval Requests to better supports new Tags for Patch Management
Added Application Name to Advanced Search and Group By to the new Unified Audit Search
Added a popout page for the Detect Dashboard Recommendations widget

Bug Fixes

Resolved an issue in which company mapping in the Datto integration was not correctly saving
Resolved an issue in which Elevation Exception policies were not being displayed on the main grid if they contained no exceptions
Resolved an issue where selecting application rules in a specific order would generate a "You can not have a Created By only rule" error
Resolved an issue with Application Control Policies not being created for Linux and Windows XP Operating Systems
Resolved an issue with deleting Configuration Manager policies occasionally resulting in an error
Resolved an issue where the Applies To field was not reset after the Applications Existing Policies sidebar was closed
Resolved an issue with updating existing applications in the Permit Application sidebar was not auto populating a suggested application name
Resolved an issue in which Admins from a moved organization were able to viewed on the Elevation Control Local Admin Users and Groups page
Resolved an issue with being unable to deploy policies while having the Edit or View Organizations permission. This will be added as a new permission in future builds for more granular control
Resolved an issue in which adding Ringfencing exclusions from the Unified Audit were incorrectly defaulting to the IPv6 type
Resolved an issue that allowed a user to enable multiple Disable ThreatLocker Detect maintenance modes at the same time
Resolved an issue where a maintenance mode end date wasn't properly updated when entered manually
Resolved an issue where the 'Secured' and 'Unsecured' Filter By options were no longer available after filters had been cleared
Resolved an issue where enabling/disabling a policy was not being logged in the unified audit when performed from the sidebar
Improved System Audit logging with Storage Control policy changes and how they are recorded
Resolved an issue where enabling/disabling a policy was not being logged in the unified audit when performed from the sidebar
Resolved an issue with resetting a user's password and an error being given when OTC is enabled
Resolved an issue with Saved Searches in the Unified Audit where the parameters from the start and end dates were causing incorrect searches
Resolved an issue with using the Select All checkbox on the Elevation Control module page in which it would select more objects than what was currently displayed on the page
Resolved an issue where Store Elevation Policies were not being Ringfenced.
Resolved an issue with Restart Agent Portal command not being sent to older Windows Agent versions
Resolved an issue where the Named Locations exceeded IP's banner was causing a 403 error
Resolved an issue in which the Certificate SHA was not being added when attempting to add it from the Unified Audit
Resolved an issue in which Store categories were being incorrectly displayed when the category contained an &
Resolved an issue with using an End Date filter option where selecting 00:00 AM was causing the field to go empty

Portal 2.10.3: 2/13/2025

New Features

Added a new tab on the Devices page for "Mobile (Beta)" where admins can invite end users to install the ThreatLocker Access app in preparation for using 365 Conditional Access control
Added a new tab on the Network Control page for 365 Conditional Access

Bug Fixes

Resolved an issue in which the Permit Elevation and Add to Application buttons were not being displayed in the Unified Audit when utilizing the New Search
Resolved an issue in which policies set for Azure Users and Groups were incorrectly saving the UserGroup as text instead of the correct value
Resolved an issue in which the Advanced Search Filters were not being displayed in alphabetical order

Portal 2.10.2: 2/12/2025

Bug Fixes

Resolved an issue in which passwords were unable to be reset when MFA was enabled.

Portal 2.10: 2/5/2025

New Features and Improvements

Added display of a message on the Computers page that an agent restart is required after changing Options
Added the ability to customize the Elevation UAC window (Requires Windows Agent 9.7 or greater
Added a new Reload Tenant Groups button on the Azure integration sidebar to resync the tenants from Azure
Incorporated a 'New Search' option in the Unified Audit to greatly improve loading speeds
Made improvements to the New Search feature in the Unified Audit to better display Network results and Linux baselines

Bug Fixes

Resolved an issue in which parent admins were able to edit a child organization from outside the US when the child organization was ITAR-compliant
Resolved an issue in which suggested rules were being created using an unverified certificate
Resolved an issue in which IPv6 addresses were unable to be input into Tags
Resolved an issue in which a specific organization's Cloud Detect response settings for child organizations were pulling down incorrect data and that data was then unable to be edited
Resolved an issue in which active alerts were not displaying as expected when a "Disable ThreatLocker Detect" mode was scheduled but the computer time was set earlier than the start time of the mode
Resolved an issue in which the copy policies function in Network Control did not populate the correct policy list on the initial load
Resolved an issue in which the computer sidebar was incorrectly displaying a permission error for Detect when the user was not trying to access the Detect tab
Resolved an issue in which the application name was not being displayed below built-in applications
Resolved an issue in which the Action Type Baseline was not returning results when selected from the Advanced Search in the Unified Audit
Resolved an issue in which status was not properly being displayed in the System Audit when removing Lockdown or Isolate or when switching from one to another
Resolved an issue in which Cyber Hero Instructions were not being correctly formatted on the Organization page
Resolved an issue in which editing a Storage Control Policy's order was incorrectly not accepting negative numbers
Resolved an issue in which the Elevation Control Local Administrator Users and Groups page was not correctly being exported to CSV
Resolved an issue in which Super Admin permission was incorrectly being required before a user could expand an IP address on a Unified Audit entry
Resolved an issue in which some Approval Requests were not being included in bulk actions, even when selected to be included
Resolved an issue in which the bottom-most Unified Audit log was partially obscured when viewing on a minimized screen
Resolved an issue in which 417 errors were not correctly being displayed by the portal
Resolved a UI glitch on Detect policies that use a policy condition containing a Tag
Resolved an issue in which Admins from a moved organization were able to be viewed from the Elevation Control Local Admin Users and Groups page
Resolved an issue in which adding Ringfencing exclusions from the Unified Audit were incorrectly defaulting to the IPv6 type
Resolved an issue in which the Advanced Search in the Unified Audit was case-sensitive
Resolved an issue in which Azure users and groups were failing to load in the selected users and groups dropdowns in policies
Resolved an issue where a 417 error was received when attempting to create or update a tag containing a domain with a period in it
Resolved an issue where end users were unable to open the Store from the tray
Resolved an issue in which an update to the Azure Integration caused groups on older Integrations to not sync properly

Portal 2.9.3: 1/24/2025

Bug Fixes

Resolved an issue where selecting 'View Unified Audit' on the Threats tab was not loading the Unified Audit as expected
Resolved an issue in which clicking the Denied Count on the Computers page was not loading the Unified Audit as expected

Portal 2.9.2: 1/22/2025

Improvements

Preview release of ThreatLocker Store UI in anticipation of future release

Bug Fixes

Resolved an issue in the Software Health Report where text would be cut off in the 'Areas Recommended to Review' section
Resolved an issue in the Software Health Report that would list applications in the 'Areas Recommended for Review' section in the incorrect order. Applications are now correctly listed by their rating, placing the application with the highest combined score at the top
Resolved an issue with the Datto integration where unit counts that were set to 0 were not updating properly for Service/Bundles

Portal 2.9.1: 1/13/2025

Bug Fixes

Resolved an issue on the Computers page that displayed 'Inherited From Group' which showed incorrectly for computer agent versions when the targeted computer has a specified agent version not set from the computer group

Portal 2.9.0: 1/10/2025

Improvements

Update the iconography and the verbiage for the Local Administrator Users and Groups page
Added a new Subcategory selection option for the ServiceNow integration.
Updated the verbiage on the Computers sidebar from 'machine' to 'computer'
Improved the Copy Policy feature of Network Control Module to improve the user experience
Updated the Computers page naming convention to 'Devices' and updated the Access Tab to 'Mobile'
Added a new column for the ThreatLocker Agent version to the Computers page.

Bug Fixes

Resolved an issue where canceling a Remediation MFA request would not properly terminate the request
Resolved an issue in which the HALO PSA integration was failing to update due to caching of the Integration ID
Resolved an issue that prevented end users from clearing Cloud Alerts
Resolved an issue and improved the User Workflow when clearing Cloud Alerts
Resolved an issue where Ringfenced records were incorrectly displaying the 'Add to Tag' feature
Resolved a display issue when scrolling to the bottom of the Computers page
Resolved a button display issue on the Install Computer form when using smaller display formats
Resolved a display issue with a tooltip in the side panel of the Elevation Control Module
Resolved an issue with Unified Audit create policy process that would prevent a policy being created in scenarios where a certificate has special characters
Resolved a Unified Audit display issue while saving a rule on an application update that would prevent the rule from returning to its original state
Corrected and Improved the Elevation Notification user experience and relabeled the form to Elevation Notification
Resolved an issue with Advanced Search with Unified Audit which worked incorrectly with the 'Not Equals' option.
Resolved an issue with being able to select Objects in Network Control Modules
Resolved an ADMIN permission issue with the Application Control Module.
Resolved an issue in which custom Detect banners were being displayed after they had expired
Resolved an issue in the Application Control Module with saving the autofill values during new policy creation
Resolved an issue in which Storage Control Policies were not correctly being loaded and displayed
Resolved an issue in which a canceled MFA request was incorrectly displaying as a new MFA request on the mobile app
Resolved an issue when putting a computer into Learning or Install Modes would default to creating new policies at the Organization level. This now requires the end user to select a level from the 'Applies to' drop down list
Resolved an issue in which scripts run using PowerShell ISE were not being audited as expected

Portal 2.8.1: 12/24/2024

Improvements

Enhanced portal stability

Portal 2.8.0: 12/20/2024

New Features

Added Approval Request APIs to the public ThreatLocker Swagger documentation
Added the ability to Copy Storage Control Policies
Added the ability to copy Network Control Policies to multiple destinations.
Added a new tab on Approval Requests to display other files that hit the policy that blocked the requested file on the hostname from 10 minutes before the requested file was observed up to 24 hours after the requested file was observed
Added support to display the Triggered Installation options for Approval Requests originating from computers running Mac Agent 4.2 or greater
Added support in the VDI Testing Environment to for various international character sets

Bug Fixes

Resolved an issue with the Add to Application feature of the Unified Audit that would permit an administrator to add a Full Path to an application definition that is already using a SHA256 hash parameter in custom applications
Resolved an issue with displaying computer groups in the Global subsection of the "Applies To" dropdown that did not follow the proper naming syntax needed to be considered a global group
Resolved an issue in which users were unable to create rules using the Process Path in conjunction with a Full Path
Resolved an issue in which the Remediator tab was incorrectly requesting MFA after the MFA was approved
Resolved an issue in Storage Control in which character limits in file paths were not correctly displaying a limit exceeded message
Resolved an issue in which empty spaces were able to be saved as domains in Tags
Resolved alignment issues with the Actions icons on the policies page
Resolved an issue in which users were unable to manually enter Start and End dates for Scheduled Maintenance
Resolved a grammatical error in the systray popup message for Schedule Maintenance
Resolved an issue with Application Control in which the Add New Policy sidebar was not consistently presetting the Applies To
Resolved an issue in which users were unable to set ThreatLocker Access for Solutions Engineers and Cyber Heroes independently
Resolved an issue with Storage Control that allowed blank values for Selected Users & Groups
Resolved an issue with creating blank fields in Endpoint Response Settings
Resolved an issue with 'Approve for Global Permission' individual User Permission that prevented Administrators from promoting policies to a global level
Resolved a priority and sequencing issue with the same User making multiple searches at the same time
Resolved an Application Control Permission when adding a Scheduled Maintenance mode for a Computer
Resolved a font sizing issue with the Response Center sidebar on larger display formats
Resolved an issue in which version numbers in file paths were being incorrectly displayed as if the version number was an IP address
Resolved an issue in the Unified Audit system that prevented the correct tagging of events with IPv6 addresses
Resolved an issue in which top level Organizations Tags were not inheriting down two sub organization levels
Resolved a grammatical error in the systray popup message for Schedule Maintenance
Resolved an issue in which the Modules dropdown on the Organizations page was being cut off partially for Organzations listed close to the bottom of the screen
Resolved an issue in which the Unified Audit advanced search was returning empty results when attempting to search for a Created By Process that Starts With or Ends With
Resolved an issue in which the auto populate button in Storage Control policies would not add file paths with file extensions included
Resolved a display issue on the Computers page where the Do Not Update version label was displaying over top of other information on smaller screens
Resolved an issue in which changing the 'Applies To' on the Application Control Policies page while on any page other than the first page of results would cause the page to appear blank until the page was refreshed
Resolved an issue in which Storage Control Policies that were created with expiration dates in the future were being displayed as Expired when they weren't
Resolved an issue in which the CSV export from the Computers page incorrectly included a column for a computer-specific update channel which is not a supported feature
Resolved a spelling error in the Configuration Manager policy 'Configure TLS (transport layer security) protocols'
Resolved a high visibility display issue when showing the Disable ThreatLocker Detect in Maintenance Mode

Portal 2.7.4: 12/18/2024

Bug Fixes

Resolved an issue with navigating between pages in the application files section while viewing an application

Portal 2.7.3: 12/12/2024

Bug Fixes

Resolved an issue with inviting new administrators from the portal that resulted in an error stating new password email failed to send

Portal 2.7.2: 12/10/2024

Bug Fixes

Resolved an issue in which using the 'Add to Application' button from the Unified Audit was resulting in an error

Portal 2.7.1: 12/5/2024

New Features

Added a new variable in Detect Email actions for the Organization
Updated the Elevation Control Module user interface and workflow to improve the user experience and the removal of users and groups from the Local Administrator group
Renamed the formerly named 'ThreatLocker Health Report' PDF file that can be downloaded from the portal to 'ThreatLocker Software Health Report'

Bug Fixes

Resolved an issue in which the Elevation Control module was incorrectly disabling local Administrators in the Remove All Except when it wasn't enabled
Resolved an issue in which users with appropriate permission were unable to promote to Global
Fixed issue with duplicating policies when promoting to Global
Resolved an issue in which promoting policies from machine level macOS to group macOS level was creating a duplicate application instead of moving the policy
Resolved an issue in which policies that were promoted to the Entire Org incorrectly resulted in duplicated Global level policies being removed
Resolved an issue in which ThreatLocker Access was being enforced as Read-Only even when it displayed Full Control
Resolved an issue in which macOS computers on Agent version 4.0 were not displaying check in status
Resolved an issue in which Self Approved items were not displaying a Run Now popup to the end user
Resolved an issue causing an error when inviting a user through the 'Invite Administrator' function in the portal.

Portal 2.7.0: 11/26/2024

New Features

Added the display of the Date/Time and IP address was first observed in the Computer Sidebar, IP Addresses tab
Added the ability to create a Network Control Policy from the Unified Audit slide out panel
Added the Requestor email to the body of an escalated Approval Request
Added the ability to export the information from the Administrators page

Improvements

Made improvements to the Token Theft Protection feature to remember the user's previous setting
Improved System Audit logging for users clearing all ThreatLocker Detect alerts
Modified the location of the Narrow Search feature of the Unified Audit to an icon next to the date/time displayed in the slide out panel
Minor UI improvements on the Storage Control main grid
Updated the display of date pickers on policy edit screens
Added the ability to use the certificate SHA as a custom rule
Improved Super Admin Child permission restrictions on maintenance modes
Added display of the Last Match date in the Application Control > Applications > Existing Policies tab
Added a Refresh button on the Application Control > Applications sidebar > Existing Policies tab
Added the display of the Computer Group Name to Existing Policies tab on the Application Control slide out panel
Added the ability to choose from existing Contacts when adding Stakeholders to a Mutual Action Plan
Improved Detect Policies to prevent saving without an 'Applies To' value
Added a new variable in Detect Email actions for the Organization
Made improvements to the Custom Notes feature to show on slide out panels
Made improvements to the handling of bulk maintenance modes being enabled/disabled when computers have custom notes that need acknowledged
Improved the policy listing order on the Application Control page

Bug Fixes

Resolved an issue with creating a New Local Admin exception in Elevation Control
Resolved an issue with being able to create the Default Deny policy for MAC Network Control
Corrected a display issue with spacing on the slide out panel in the Response Center for permitting applications
Resolved an issue in which the headers were not being included when exporting the Unified Audit
Resolved an issue in which the Copy Policies dropdown was not loading for Organizations with many groups and computers
Resolved an issue in which the existing applications dropdown in Approval Requests was loading very slowly
Resolved an issue in which user roles were unable to be applied to multiple organizations at the same time
Resolved an issue in which the Application Control page was experiencing slowness
Resolved an issue with deleting domain names within the Organization setup
Resolved an issue in which a computer was able to be placed into installation mode without selecting an application
Resolved an issue in which a process only rule was able to be saved as a custom rule
Resolved an issue which editing Ringfencing exclusions were not being logged in the System Audit properly
Resolved an issue in which Elevation maintenance modes were able to be started by users with incorrect permission
Resolved an issue in which Application Control Learning Mode was accessible by users without permission
Resolved a display issue with the Maintenance tab of the Computers slide out panel
Resolved an issue in which the Default Policy slide out panel was incorrectly showing an Elevation Appearance section
Resolved an issue in which a Storage Control approval was able to be saved with a blank interface
Resolved an issue in which the Datto integration was failing to pull PSA Contracts
Resolved an issue in which Maintenance Mode Start and End Dates were unable to be changed by inputting numerical values ONLY
Resolved an issue in which Super Admin users were unable to update Detect Policies on grandchild organizations
Resolved an issue in which a message stating Time Zone changes will reflect on a refresh was being displayed when Time Zone settings had not been changed
Resolved an issue in which emails were not sending to the Primary Contact
Resolved an issue that prevented newly invited administrators from being subject to enforced MFA requirements, as specified in login settings
Resolved an issue in which the All Computers report was displaying in an incorrect order
Resolved an issue with Custom Notes that required an Acknowledgment that was displaying an unclear message
Resolved an issue in which Maintenance Modes were being incorrectly overlapped
Resolved an issue in which users were incorrectly able to set a Maintenance Mode on computers with active alerts before acknowledging them
Resolved an issue that caused Custom Notes to display incorrectly on Approval Requests
Resolved an issue in which Mac 4.0 was not displaying the correct check-in status in the portal
Resolved an issue in which the Elevation Control module was incorrectly disabling local Administrators in the Remove All Except when it wasn't enabled
Resolved an issue with HaloPSA where incident tickets were not being generated as intended
Resolved an issue in which Approval Requests that are approved or ignored from the ThreatLocker portal were being poorly formatted in HaloPSA

Portal 2.6.6: 11/21/2024

Bug Fixes

Resolved an issue with invoice URLs redirecting improperly, causing the page to not be viewable, when clicked within a messaging platform that inspects and verifies URLs

Portal 2.6.4: 11/15/2024

Bug Fixes

Resolved an issue with logging in to the portal caused by an incorrect check on geolocation restrictions when signing in through SAML
Removed the pending deploy policies feature until performance is improved
Removed the Unified Audit Details tab on Approval Requests for design improvements

Portal 2.6.2: 11/14/2024

Bug Fixes

Resolved an issue where starting a chat with a Cyber Hero from the login page was not working as expected

Portal 2.6.3: 11/14/2024

New Features

Added a new feature to allow Administrators to be selected to receive specific Request Notifications for Elevation, Applications, and/or Storage
Added a hover-over on the Deploy Policies button to display System Audit records for pending policy changes - This feature is being rewritten in the next portal build

Added a new tab on Approval Requests to display the Unified Audit with results for the hostname from 10 minutes before the requested file was observed up to 24 hours after the requested file was observed
Added a link from the Denied File Count on the Computers page to open the Unified Audit filtered to show the timeframe of the denied count selected
Made improvements to the speed of loading the initial Unified Audit search by date/time
Added display of the Organization name on the Cloud Detect policy main grid
Changed the error message displayed when attempting to upload a profile picture that is too large
Added a check to look for the keyword 'mismatch' and change the color of the Certificate chip appropriately
Added additional character space for inserting a URL in the ServiceNow integration

Bug Fixes

Resolved an issue in which users were unable to effectively disable the Configuration Manager policy CVE-2021-34527: Configure Print Spool Service (Print Nightmare)
Resolved an issue in which the MFA method was being incorrectly cached when an admin was deleted
Resolved an issue in which certificate mismatches were being displayed in green instead of red
Resolved a minor UI bug on the Health Center page in which on small screens the progress bars could end up under the tile
Minor verbiage correction on the error message received when a user doesn't have permission to edit or create an application
Resolved an issue in which a leading or trailing space was not being trimmed as expected in Storage Control Policies > Selected File Paths
Resolved an issue in which there were no System Audit logs when a user failed login due to being blocked by geo-restrictions
Resolved an issue in which a single login was logging 4 login attempts on the Health Center page
Removed Harddrive Serial Number from the variable dropdown in Detect as it is not information that is collected
Resolved an issue in which the Create Configuration Manager Policy sidebar was incorrectly allowing the policy to be saved with the Applies To being blank
Resolved an issue in which ThreatLocker Detect policies were unable to be created using the Destination IP Matches condition
Resolved an issue in which the Home and End keys were not moving the cursor within a text field in the Unified Audit
Resolved an issue in which opening an Elevation Control Exception was incorrectly opening the Entire Organization level instead of the selected Exception
Resolved an issue in which a hostname hyperlink was not correctly opening the hostname sidebar when selected from an Approval Request
Resolved an issue in which Super Admin users were unable to update Detect policies on grandchild organizations
Resolved an issue in which specific API calls were incorrectly extending authentication token expiration
Add additional resolution to the issue in which the action log for the Detect policy TL.AAL.117 - Monitor Know Ransomware Notes was not generating
Removed the Enabled/Disabled button from the top of the Elevation Control Module > Remove All Except tab. Exclusions must be set and enabled or disabled from the sidebar
Resolved an issue where starting a chat with a Cyber Hero from the login page was not working as expected
Resolved an issue in which logins using SAML were failing

Portal 2.5.2: 11/14/2024

Bug Fixes

Resolved an issue where starting a chat with a Cyber Hero from the login page was not working as expected

Portal 2.5.1: 10/31/2024

Bug Fix

Resolved an issue in which the action log for the Detect policy TL.AAL.117 - Monitor Know Ransomware Notes was not generating

Portal 2.5: 10/25/2024

New Features

A new feature that allows ThreatLocker administrators to take ownership of approval requests, indicating to the rest of the team that an approval request is currently being worked on
A new feature was added to allow the editing of the subject line for emails generated upon ignoring an approval request from the Response Center
Created a new sidebar window that is accessed through the Unified Audit by selecting an IP address that contains a list of known devices in ThreatLocker that match the selected IP address
Added a link from the Denied File Counts on the Computers page to open the Unified Audit, filtered to show those denies
Added a new feature to let users select their preferred display timezone. Once selected, all date/times throughout the portal will be displayed to the user in their preferred display timezone
Added additional permission checks on the MaintenaceModeInsert API
Added the Reports page APIs to our published API documentation
Added the Unified Audit page APIs to our published API documentation
Added new buttons to Elevation Action Type logs in the Unified Audit, allowing administrators to permit the application with elevation or to add files to a new or existing application definition

Improvements

Improved ThreatLocker Detect functionality to support the use of wildcards in the CMD line parameters and IP address exclusion options
Improved custom rule input boxes to automatically resize once the contents fill the current input box size
Improved the Copy Policies target dropdown menu to include a search field to filter for a desired destination
The portal's Reports page has been renamed 'Custom Reports' to better suit its purpose. Only reports used within the last six months will be visible. Please reach out to the Cyber Heroes if there are reports you would like to see added back for your organization.
Improved the Cyber Hero response configurations for ThreatLocker Detect to highlight required information that is missing when attempting to save
On the Storage Control page in the portal, swapped the icons used in the top right for Policies and Devices to properly reflect the purpose of the tab
In response to customer demand, we have removed the Domain Name Parsing by Process configuration pages from the portal and moved back to using the Option to EnableDomainNameParsing.
Updated all "Health Report" references in the portal to "Software Health Report"
Improved portal usability by adding links to hostname objects in the portal that open the respective endpoint's Edit Computer side pane without leaving the current page
Improved the error messaging on the Edit and Create Administrator side panes to better indicate which field(s) need review before allowing the window to be saved
Improved the application definition side pane to be more clear on adding rules and also a confirmation message when pressing 'Save' on rules not added yet
Improved the email response that is sent from Cyber Hero Management escalated approval requests to also include the requestor's email address in the body

Bug Fixes

Resolved an issue in which the policy hyperlink was missing from the Detect Alerts sidebar
Resolved an issue in which creating a new Application Control policy defaulted to the Entire Organization level being pre-selected
Resolved an issue that made the options and tray settings for computer group settings not visible on Portal Version 2.4
Resolved an issue that prevented shorthand IPv6 exclusions for Ringfencing™ policies to be added
Resolved an issue in which the Datto PSA and Halo integration sidebars were not populating any Organization names in the dropdown until the user began typing first
Resolved an issue in which starting a Disable ThreatLocker Detect maintenance mode was incorrectly disabling any previous maintenance modes
Resolved an issue in which users were unable to use a parent tag on a child policy with appropriate permission
Resolved an issue in which users in a parent organization were unable to start a Learning mode for a child computer and target an application
Resolved an issue in which setting MFA to None resulted in the last login date on the Administrator page being blank
Resolved an issue in which when promoting a policy from group level (on the Edit Application Sidebar), the selection defaults to Global instead of entire org
Resolved an issue in which Computer groups were not populating when trying to copy policies
Resolved an issue in which the API to invite admins was not checking for the correct permission
Resolved an issue in which adding IP addresses to Login Settings was incorrectly resulting in an error
Resolved an issue in which the Network Control main page was caching the list of policies from the previous load, regardless of the policy level selected
Resolved an issue in which scheduling a maintenance mode was incorrectly resulting in the ThreatLocker Version appearing as though it is attempting to update
Resolved an issue in which the home and end button on the keyboard stopped working in the Permit Application window
Resolved an issue in which child organizations were unable to apply a policy if that exact policy was being used on the parent organization
Resolved an issue in which creating policies back-to-back resulted in the 'Applies To' in the 2nd New Policy changing to Entire Organization regardless of what policy level was selected on the main grid
Resolved an issue in which ThreatLocker Detect Alerts within the Response Center was incorrectly displaying the page number on the main grid when moving to different pages
Resolved an issue where a 401 error was given when targeting a child organization machine for a maintenance mode, while managing the parent organization, and attempting to add a targeted application belonging to the child organization
Resolved an issue in which an internet exclusion for *.sysmonitor.us was unable to be removed once added on Instance F
Resolved an issue in which the Organizations page was taking users back to page 1 after closing a sidebar on any other page
Resolved an issue in which Ringfencing Exclusions was automatically selecting\ the top option
Resolved an issue that prevented administrators with roles containing super admin permissions from being added to the Cyber Hero Management, send escalation to configuration option
Resolved an issue that caused applications to be added into a policy configuration when clicking out of the selection, caused by not effectively clicking the application name itself. A forced selection of the application is now required for it to be added to the policy
Resolved an issue with searching for objects in the Network Control policies not working as expected
Resolved an issue that reported incorrect computer counts for applications when policies were applied at different levels that overlapped
Resolved an issue where System Audit logs did not show the proper username for changes done to the Mutual Action Plan
Resolved an issue where the Ready to Secure status was given to computers that have not yet completed their baseline despite meeting all the other criteria
Resolved an issue where a mismatch in the ThreatLocker agent version was not showing properly on the Computers page when the endpoint is not on the same version that is assigned to the Computer Group, and the version is set to inherit from the group settings
Resolved an issue with clearing filters in the Unified Audit not properly clearing the start/end dates and times
Resolved an issue in which certificates with invalid characters were being automatically added as rules in Approval Requests, resulting in a 417 error

Portal 2.4: 10/17/2024

New Features

Added the ability to select a user role and open the User Role sidebar to provide visibility of the individual permission applied to that role
Added the Approval Request API documentation to our published API documentation
Added support for inserting a hyperlink into the custom tray branding Request Window Appearance message, which will be supported in Windows Agent Version 9.5 and above
Added a new tab on the Computer sidebar to display all IP addresses ThreatLocker has observed the computer to be associated with
Added the ability to click and copy all object IDs displayed in the Portal
Added a new Incident Response framework within the Detect sidebar to help guide incident responses and to better collect data for future reporting. See the associated KB article here: ThreatLocker Detect Alert Sidebar - Response Details
Added filters for all the columns in both Elevation Control tabs and for a new column "organization" in the first tab
Added a new feature to set Path and/or Process conditions on Application Control Learning or Installation Maintenance Modes that will trigger the maintenance mode once those conditions have been met (i.e., Learning Mode will start for a specific process) which will be available in Windows Agent 9.5 or greater

Bug Fixes and Improvements

Resolved an issue in which Admins were unable to assign roles to another admin with the correct permissions applied
Resolved an issue in which the last selected Condition in an application definition was locked when the sidebar was closed without saving and then reopened
Resolved an issue in which a character limit was not enforced when entering Cyber Hero Management instructions, resulting in performance issues
Resolved an issue in which the Unreachable Policy popup was incorrectly being displayed when moving a policy, stating that the policy being moved would be blocked by the policy being moved
Resolved an issue in which the Add to Application textbox was being prefilled incorrectly
Resolved an issue in which Admins with the correct permission were unable to select Organization Options at the time of creating an Organization
Resolved an issue in which computers in grandchild organizations were unable to have their maintenance modes changed from the Computers page main grid
Removed Super Admin-Child and Super Admin-Parent from being able to be applied when creating a new User Role. Any existing User Roles with either of these permissions will not be impacted.
Resolved an issue in which the banner informing users they need to configure their runbook was incorrectly being displayed even after the runbook was configured
Resolved an issue in which inputting incorrect casing when specifying a drive letter in Storage Control policies was bypassing the warning message that indicates monitoring the specified path will cause performance issues (i.e., C:\*)
Resolved an issue in which trying to reload PSA contracts in Datto resulted in an error
Added paging to the Existing Policies tab on the Application sidebar to resolve an issue in which it would fail to load when there was a large number of policies
Resolved an issue in which scheduling back-to-back maintenance modes on a computer was resulting in an incorrect display of the start and end date/time
Resolved an issue in which the details of a previously opened application were being displayed when selecting to create a new application
Resolved an issue in which deleted computers were being displayed incorrectly in the System Audit using the Organization ID instead of the Computer ID
Resolved an issue in which the number of applications displayed was limited to 25 regardless of what was selected
Resolved an issue in which the dividers in the Applies To dropdown menu were missing throughout the portal
Resolved an issue in which an Okta integration was unable to be deleted by a Super Admin
Resolved an issue in which Datto PSA Integration was returning Error 400 'Get PSA Contracts Error: Resource Not Found'
Resolved an issue in which Detect policies were unable to use a mapped parent Datto integration to create a ticket as an action
Resolved an issue in which parent-level tags were not accessible from child policies even with the correct admin permission
Resolved an issue in which computers were incorrectly displaying Application Control Monitor Only instead of Application Control Learning Mode during the initial Learning duration
Resolved an issue in which parent admins were unable to change maintenance modes on child organizations with the correct permission
Resolved an issue in which Domain Name Parsing settings were defaulting to disabled from the Network Control module
Resolved an issue in which unsupported options were being displayed on the Computer Group sidebar for Windows XP groups
Resolved an issue in which spaces were incorrectly included in domain name parsing settings, causing the setting to not apply
Resolved an issue in which organizations were incorrectly created with unset ThreatLocker Access permissions instead of the default settings (Cyber Heroes -Read Only and Solutions Engineers - Full Access)
Resolved an issue in which accessing the VDI testing environment was incorrectly requiring the Manage Application Control Learning Mode permission
Resolved an issue in which Unified Audit Saved Searches were not correctly applying if other parameters were selected on the main grid
Resolved an issue in which an active Okta Integration was incorrectly continuing to sync permissions after the associated SAML integration was removed
Resolved an issue in which users were incorrectly required to log in to the portal twice before a successful session could be initiated
Resolved an issue in which IP address geolocation data was not being saved correctly unless country login restrictions were set
Resolved an issue in which a warning banner was incorrectly being displayed for organizations that had Detect Response Settings detailed at a 'Global' level, not the 'Entire Organization' level
Resolved an issue in which users with appropriate permission were unable to promote policies to the 'Global' level
Resolved an issue where computers placed in Lockdown were not properly showing in the Remediation Tab in the Response Center
Resolved an issue where options for organizations created through an API were not properly inheriting options applied on the parent organization
Resolved an issue when applying Azure User groups to an application policy where the groups would appear as a string of zeros to now properly display the group name

10/11/2024: 2.3.5

Bug Fixes

Changed logic for an upcoming feature "Triggered Maintenace Modes" to only be visible when the supporting Agent version is installed

10/3/2024: 2.3.4

Improvements

Updated configuration options on macOS computer groups and deny with option to request policies for tray branding and behavior

Bug Fixes

Resolved an issue where Chromium Extensions were not matching showing existing application matches properly
Resolved an issue with date and time reporting NaN if an organization's time zone was missing
Resolved an issue where applications could not be removed from a policy if more than one application is applied

9/26/2024: 2.3.3

Bug Fixes

Internal only improvements and fixes

9/26/2024: 2.3.2

Bug Fixes

Resolved an issue in which turning on MDR for a child organization from a parent organization was not correctly turning on MDR for the child

9/25/2024: 2.3.1

Bug Fixes

Resolved an issue in which deleting computers was resulting in duplicate popups

09/24/2024 : 2.3.0

New Features

Added a new button labeled 'Narrow Search' on an expanded Unified Audit entry. When selected, it will open a new tab in the Unified Audit filtered for the specific hostname and organization, with the date/time set to start 10 minutes before the file was observed and end 10 minutes after the file was observed to help with quicker investigation
Added a new login feature for Enhanced Token Theft protection. When enabled, Threatlocker will validate both the session token and the IP address, to help prevent a token theft attack. Please note, if this is enabled, and you change IP addresses while logged in, your session will expire and you will need to reauthenticate.
Added a hyperlink to the Computer Group sidebar from within the Computer sidebar
Switched the buttons on the Administrators page to put Invite Administrator on the main grid and New Administrator in the hamburger menu
Added hyperlinks to Organization names displayed throughout the portal to open the Organization sidebar. Added a button on the Organization sidebar to 'Manage' the organization
Made the tags area in Ringfencing searchable
Added the ability to open the Role sidebar from the Administrators sidebar for better visibility of permissions included in a role
Added a scroll bar in the Action Log window within Detect
Moved the Options settings in the Organization sidebar to their own tab
Added caching of Timeout Settings on the login page so users don't need to reselect it at every login
Added additional information when user selects group learning to inform that it can lead to duplicate policies and could impact performance
Added better messaging to the Response Settings sidebar to make it more user-friendly
Made improvements to the Add Application sidebar to default to the same OS selection as the main grid
Made improvements to the Unreachable Policy popup to now hyperlink to the blocking policies and include the Applies To of the blocking policies
Added a filter on the Check-In tab to hide heartbeat check-ins
Added new filters on the Application Control Policies page to filter by policies with Ringfencing, policies with Elevation, and policies that just permit
Added a new field on Help Desk tickets, under the ticket history, for Approving Manager
Added further validation to ensure users have access to data returned in reports

Bug Fixes

Minor UI fixes on the Community page
Resolved an issue in which clicking View Ticket History in the Helpdesk was also loading Comment History
Resolved an issue in which Network Control and Storage Control policies were not being updated when a computer was moved
Resolved an issue in which exporting macOS policies was resulting in an empty spreadsheet
Resolved an issue in which the Billing Contracts dropdown was not displaying the first admin that started the ThreatLocker trial
Resolved an issue in which a first-time login was incorrectly causing an error
Resolved an issue in which computers could be secured via an Approval Request without first acknowledging applicable notes
Resolved an issue in which Existing Policies counts were not accounting for different OS types
Resolved an issue in which the System Audit was not displaying the names of modules that were enabled or disabled
Resolved an issue with consistency in the UI with the Lockdown button in the Remediation tab
Resolved an issue in which applications that were matching only based on a certificate mismatch were being returned in the Approval Request 'Matching Applications' dropdown
Resolved an issue in which duplicate results were incorrectly being returned when searching the Application page
Resolved an issue in which a SQL error was causing User auth tokens to expire
Resolved an issue in which the System Audit was not logging failed chat attempts
Resolved an issue in which the Datto Integration was not displaying the full list of sites in Datto
Resolved an issue in which the Enable Domain Name Parsing sidebar, when reached via the Network Control module required a process path to be entered before being able to enable it
Resolved an issue in which a message that "All Applications is not a recommended setting" was being displayed on Default Deny policies
Resolved an issue in which macOS applications were not displaying any Access icons
Resolved an issue in which macOS Chrome extensions were not showing a link to View in the Chrome Store
Resolved an issue in which the 'Details' section was not being displayed when first opening Endpoint Response settings
Resolved an issue in which a computer couldn't be screen-locked more than one time without displaying an error
Resolved an issue in which ticket emails were incorrectly pointing to the beta portal
Resolved an issue in which Unused Policies were not able to be deleted from within the Health Center
Resolved an issue in which the Super Admin role was not in parity with the Super Admin permission
Resolved an issue in which Detect alerts were able to be cleared without acknowledging applicable custom notes
Resolved an issue in which the System Audit did not permit searching a start date before the current EST time
Resolved an issue in which moving from page to page within the Unified Audit was opening subsequent pages to the same scroll area as the previous page (i.e., the bottom of the screen if the previous screen had been scrolled to the bottom)
Resolved an issue in which Manage Detect Threats permission was not permitting access to the Response Center Alerts tab, or the ability to place computers in to Isolate or Lockdown
Resolved an issue in which the Ready to Secure filter was not correctly filtering the Computers page
Resolved an issue in which the System Audit was not displaying what user roles or permissions were being added or removed from administrators
Resolved an issue in which changing a storage policy from Permit to Deny was incorrectly displaying a change in the policy condition
Resolved an issue in which Manage Detect Threats permission was not permitting access to the Response Center Alerts tab, or the ability to place computers in to Isolate or Lockdown
Resolved an issue in which Creating or Editing an Application Policy was incorrectly displaying errors despite having adequate user permission
Resolved an issue in which time was incorrectly displayed when set to UTC+9:30 Adelaide
Resolved an issue in which policies for hidden applications were unable to be copied or promoted
Resolved an issue in which Tamper Protection Disabled was selected by default when enabling bulk maintenance
Resolved an issue in which non-US based phone numbers were not being supported in the Email/SMS Admin on Request textbox on Deny policies
Resolved an issue in which users were forced to log in twice
Resolved an issue in which the TL Version hitbox had too small an area to be useable on the Computers page
Resolved an issue in which Scheduling policies were incorrectly defaulting to Monday instead of the current day
Resolved an issue in which setting a deny storage control policy with the option to request was not saving unless something was inserted in the email and message input boxes
Resolved an issue in which the Update Channel was incorrectly displayed in the portal on the Computers page. Update Channels are only configurable for Computer Groups, not individual computers
Resolved an issue in which scheduling maintenance modes were not resetting to default when scheduling 2 maintenance modes back to back

09/19/2024: 2.2.4

Bug Fixes

Resolved an issue in which files that matched by SHA256 were not showing as matching in the Approval Request dropdown
Resolved an issue in which parent applications were able to be learned into from a child or grandchild organization
Resolved an issue in which Detect policies could be created without having an 'Applies To' selected

09/18/2024: 2.2.3

Bug Fixes

Resolved an issue in which the Remediator was not starting once MFA was completed successfully
Resolved an issue in which the Allow Remediator permission was unable to be applied by a Super Admin

09/12/2024: 2.2.1

Bug Fixes

Resolved an issue where a helpdesk ticket from one organization was mistakenly saved under another organization's helpdesk when helpdesk staff closed the ticket from the first organization and then quickly opened a ticket for the second organization before the closing popup window was fully closed.
Resolved an issue in which users with Super Admin - Parent Only were able to assign themselves Super Admin or Super Admin - Child
Added additional permission validation to the UserUpdateAdministrator API
Resolved an issue in which Elevation Approval Requests were failing to get application matches due to a process path not being present in the action log
Resolved an issue in which MDR Alerts were not being populated in chronological order
Resolved an issue in which simplified IPv6 addresses were not being accepted into Ringfencing exclusions

09/10/2024: 2.2.0

New Features

Added the ability to search in the Assignment Group, Business Service, and Tags dropdowns on the ServiceNow integration Ticket Settings tab
Added better validation when entering new tag items
Added the ability to schedule and expire Cloud Detect policies
Added the ability to copy existing policies to child groups and child computers from the 'Copy Existing Policies' button, for all supported OS types
Added a %Policy Name% variable to be used in Detect emails to display the name of the policy that triggered the email
Added a button to create an Application Control Policy from the Application sidebar
Added a warning to the Deliver Optimization Service Configuration Manager policy that it may block updates from Windows
Added the ability to open Domain Name Parsing Settings from the Application Control module
Added display of the Organization name to the Computer sidebar
Added the ability to Clear Detect Alerts on a machine that is in Disable ThreatLocker Detect mode
Added the option to Include Child Organizations on the Detect page
Added display of Organization names on each alert on the ThreatLocker Detect Alert Center
Added the ability to search, filter and sort alerts in the ThreatLocker Detect Alerts sidebar
Added visibility of both Policy Action and Effective Action in Detect Alerts

Improvements

Made minor UI improvements on the Computers page
Made improvements to the formatting of the warning displayed when a profile picture was the incorrect size
Made improvements to the way ThreatLocker Version is displayed in the portal
Made UI improvements to the Check-In tab

Bug Fixes

Resolved an issue in which the Applies To was being set to unselected in the Application Control Policies sidebar
Resolved an issue in which connecting to the portal via a VPN was incorrectly forcing a logout even when the VPN's IP address is from a permitted location
Resolved an issue in which deleting Windows XP applications with policies was deleting the application and leaving the policy behind
Resolved an issue in which expanding a tile in the Health Center and attempting to press on any of the policies was resulting in an Undefined Error
Resolved an issue in which a ticket that was marked as "Confirmed Resolved by Customer" got automatically unassigned from the support agent and ownership has to be retaken
Resolved an issue in which the Manage Local Admin Settings permission was failing to provide users with access to the Elevation Control module
Resolved an issue in which a user was incorrectly logged out of the portal immediately after successfully logging in
Resolved an issue in which using the Search Function at same time of Sort Action on the Computers page was causing a 500 Error instead of "No Computer Found"
Resolved an issue in which filenames with whitespaces were not being accurately displayed in the Unified Audit
Resolved an issue in which ConnectWise RMM was not being displayed as a deployment method
Resolved an issue in which HelpDesk ticket information was failing to save if the text formatting was changed
Resolved an issue in which the Manager dropdown on the Administrator page was displaying API users
Resolved an issue in which Network Control Policies were displaying the Organization ID instead of the Organization name when viewing an existing policy
Resolved an issue in which using quotation marks in the search bar for keywords in the Unified Audit was not returning matching results
Resolved an issue in which creating a new Application Policy was not returning the correct OS type applications
Resolved an issue in which Network Control policies were displaying the Applies to Entire Org in the sidebar even when the policy did not apply to the Entire Org
Resolved an issue in which deleting an Okta integration was displaying an error referencing Datto
Resolved an issue in which matching parent-level applications were not available to child organizations unless the admin had super admin permissions
Resolved an issue in which organizations with an active DUO integration were unable to invite an administrator without MFA restrictions
Resolved an issue in which defaulted values in the dropdowns on the System Audit could not be cleared
Resolved an issue in which a user with Super Admin permissions was unable to approve applications for child organizations
Resolved an issue in which scheduling a Disable ThreatLocker Detect maintenance mode caused a blank maintenance mode to be displayed on the maintenance mode dropdown
Resolved an issue in which the Detect Runbook appeared empty initially when first loading from Beta
Resolved an issue in which Configuration Manager policies that were left using the default Applies To were incorrectly saving with a blank Applies To
Resolved an issue in which the option to apply policies to Users and Groups was incorrectly displaying for macOS policies
Resolved an issue in which the banner stating machines are not above 8.7.1 is present even when all machines are above 9.0
Resolved an issue in which Approval Requests being escalated back to the customer were failing when Use Parent Settings was selected in the Cyber Hero Instructions
Resolved an issue in which the Billing tab was incorrectly displayed to organizations that are not responsible for billing
Resolved an issue in which merging a ticket with an ampersand was changing the ampersand to "&amp"
Resolved an issue in which users with the Super Admin-Parent Only permission were incorrectly able to use the Include Child Organization Computer Groups checkbox

09/04/2024: 2.0.3.242

Bugs and Fixes

Resolved an issue where deleted applications would display as a matching application

8/30/2024: 2.0.2

Improvements

Made improvements to the loading of Matching Applications in Approval Requests

Bugs and Fixes

Resolved an issue in which the 'Edit Computer' permission was required in addition to an Approval permission
Resolved an issue in which Maintenance Mode permissions were not automatically including the corresponding Approval permission
Resolved an issue in which an 'undefined warning' was incorrectly received when attempting to permit an application via the Unified Audit
Resolved an issue in which Cloud Detect logs were not correctly being imported in a multitenant environment

08/23/2024: 2.0.1.234

New Features

Introducing the ThreatLocker Mutual Action Plan
- A new Project Management tool for Clients and their ThreatLocker teams to increase cross-team collaboration and communication, and improve productivity and resource management. The Mutual Action Plan page will only be visible once a plan has been created for you by your ThreatLocker Team.
- Read our KB here: Mutual Action Plan | ThreatLocker Help Center (kb.help)
Introducing an enhancement for Storage Control: The SharePoint Connector
- With this new connector, ingest your SharePoint and OneDrive logs and get visibility of your end user's behaviors in the Unified Audit.
- Read our KB here: SharePoint Connector for Storage Control | ThreatLocker Help Center (kb.help)
Introducing Self-Approvals
- A new option is available on any Deny Application Policy to allow end-users to self-approve their own blocked software.
- To read about how this new feature empowers select end-users while keeping their environments safe, read our KB here: Allowing End User to Self-Approve Applications | ThreatLocker Help Center (kb.help)
- Added logging in the Unified Audit from Self-Approved applications.
- Added the ability to view and edit the temporary application created when using the Self-Approval feature.
Introducing API Users
- Now, starting with the Administrators page, administrators can create a unique API administrator in the portal and assign specific roles to that API administrator.
- A unique API key will be generated which will allow the API User to interact with our portal.
- Swagger documentation is available for our published APIs and will allow external interactions with our portal.
- Read our KB here: API Users | ThreatLocker Help Center (kb.help)
Multiple new permissions are available related to segmenting different Learning Modes into different modules, like Application Control Learning Mode. Also added multiple new permissions related to segmenting different Learning Modes for single computers, like Approve for Single Computer (Application Only)
- For more information on ThreatLocker User Permissions, check out our KB here: User Permissions
Detect Exclusions now include an 'Applies To' dropdown, allowing clients to create exclusions for single endpoints, groups, or entire organizations
Approval Requests will now include information from our extensive product research. Information may be Risk & Business Ratings, Countries Where Code is Compiled, Known Levels of Access, Mitigation Strategies, and more. This information is provided to enhance an administrator's ability to research applications quickly and efficiently.
Added portal-side support to permit approval request emails to route to the ThreatLocker Mobile app when opened on a mobile device with the app installed
When using the ThreatLocker Remediator, MFA is now required and actioned via the ThreatLocker Mobile App.
- Learn more about the ThreatLocker Remediator here: The Remediator
Windows machines will have an Upload option on the Unified Audit sidebar for executable file logs. This will allow administrators to investigate files that the end user did not include on an approval request.

Improvements

Improved portal performance causing excessive memory usage in all instances where the 'Applies To' dropdown is used
Improvements to the HaloPSA Integration to now include Company Mapping and Ticket Settings
Made a logic change so that only the computer or computers with custom notes have their quick action dropdown menus on the Computers page disabled
Improved the Health Report to include browser extensions in the Areas Recommended for Review section
Added support for multitenancy in the Azure Integration
Added a checkbox on Tray Branding to make it easier for clients to mark fields as mandatory
In Approval Requests, if the policy that matches is at the parent level, administrators will get the message "A policy already exists for this application. There is no need to create a new one"
Made improvements to the Custom Notes feature to show on sidebars
Added a new Type to the ServiceNow Integration called "Service Request" that will map to the Service Request table in ServiceNow
The Logout timer on the Login screen now has a 15 minute option
Improved the Datto Integration by integrating with Datto Autotask PSA
Improved the System Audit to include the names of Modules that are being enabled or disabled by an administrator
Improved the notes section in applications for individual files to include the updated names of maintenance modes
Added a warning message to the 'Move Computer' popup to inform users that custom apps not permitted at the new level will not be moved with the computer, and that Lockdown or Isolation mode will be removed, and all Detect alerts will be cleared
Improved the dialog presented in the warning message in the 'Move Computer' popup box that informs administrators of security impacts to consider when the computer is moved to a new group or organization
A new field is available on Help Desk tickets, under the ticket history, for Approving Manager
Improved portal performance causing excessive memory usage in all instances of when the 'Applies To' dropdown is used
Improved portal performance of the Unified Audit when using the Permit Application page from an audit log
Improved logging in the Unified Audit from Self-Approved applications
Added the ability to view and edit the temporary application created when using the Self-Approval feature

Bugs and Fixes

Resolved an issue with ThreatLocker Detect, where a default expiration time is added, even when clearing the expiration manually
Resolved an issue with the ServiceNow Integration where escalation notes from Cyber Heros were not included in the ServiceNow ticket
Resolved an issue in which Detect Alerts could be hidden by the pagination bar if the window was not fully expanded
Resolved an issue where line breaks in the customer guidelines for Cyber Hero Management settings were not displaying correctly on the approval request
Resolved an issue in which the System Audit was not logging failed chat attempts
Resolved an issue in which searching the Community for any policy and selecting an Item Type resulted in an error
Resolved an issue in which the Unified Audit > Permit Application > Copy Link button was failing to generate a working link
Resolved an issue in which closing an Application Control Policy sidebar from the secondary tab was resulting in UI issues the next time the sidebar was opened
Resolved an issue in which a maintenance mode could be changed without acknowledging an associated note
Resolved a UI glitch on the Computers page in which the OS and Computer Group were disappearing from the display after setting a maintenance mode from the quick dropdown menu
Resolved an issue in which <Automatic> was incorrectly being displayed as an option for Installation Mode on approval requests
Resolved an issue in which a Certificate:[Object Set] rule was able to be saved from the Permit Application page
Resolved an issue in which the “Make Including a Message Mandatory” checkbox in the Tray Notification settings did not save if the user did not input text in the “Message” Box
Resolved an issue in which the 'Suggested Ringfencing' option was displaying incorrectly on macOS Approval Requests for policies that do not include 'Suggested Ringfencing'
Resolved an issue in which the portal was showing the ability to customize the Tray from the default-deny policy on macOS workstations although it is not yet supported by the macOS agent
Resolved an issue with Tray settings for Mac computers where they would not update on 'Save'
Resolved an issue in which removing conditions in a Detect policy also removed Occurrences
Resolved an issue in which Administrator names were incorrectly displaying with ??? instead of Arabic characters
Resolved an issue in which IPv6 addresses were not correctly importing into Tags from the Unified Audit "Add to Tag" feature
Resolved an issue in which Approvals that were escalated from the Cyber Heroes, and then actioned by selecting 'Authorize Cyber Heroes to Permit' link, were resulting in a 500 error if there was no text in the Additional Details field
Resolved an issue in which the progress checkpoints box on the Computers page was failing to populate if a second computer was selected without closing the first progress checkpoint box
Resolved an issue in which Detect exclusion options that were over the supported character limit were still displaying as options in the exclusions dropdown, and erroring when attempting to add them
Resolved an issue with saving companies mapped in the Halo PSA integration
Resolved an issue in which 'promoting policy' from one group to another group resulted in the policy being duplicated and the original policy remaining, and when promoting the policy from a group to the entire org level, all policies were compiled into the entire org policy
Resolved an issue in which policies were unable to be promoted from Entire Org to Global
Resolved an issue in which promoting policies from machine level macOS to group macOS level was creating a duplicate application instead of moving the policy
Resolved an issue in which Local Admins that were deleted from the local computer were reappearing in the Elevation Control > Remove Selected page because the computer they were deleted from is offline
Resolved an issue in which exporting from the Computers page was only returning a single page of data and not all pages
Resolved an issue in which using the New Administrator Button caused a bad admin/user error when the contact already exists
Resolved an issue in which Organization settings were incorrectly displaying "Prevent users of this organization receiving emails from ThreatLocker" on parent level organizations
Resolved an issue that would not force a full check-in on the endpoint for when a notification was sent through MDR
Resolved an issue in which the Co-Managed Direct Support product was incorrectly required to permit users to contact the Cyber Heroes for non MSP customers
Resolved an issue in which the Inherit from Group option was being duplicated in the Computers page > Update Version popup window
Resolved an issue in which users were unable to view child Storage/Network Policies from the Unified Audit when viewing a child log from the parent org
Resolved an issue in which clicking between the Lockdown and Isolate buttons from the ThreatLocker Detect tab of the Computer sidebar was not displaying the notes window
Resolved an issue in which the Full Path was not correctly displaying in Approval Requests when that path included square brackets
Resolved an issue in which the Application Control Search by Filter was not returning Open Source applications
Resolved an issue with the Network Tab on Endpoint Detect where more than 100 results would populate on the initial display of logs
Resolved an issue in which the banner informing users that MDR requires version 9.0 when all of the organization's computers were already updated to the supported version
Resolved an issue in which the Configuration Manager policy "Audit incoming NTLM traffic (Restrict NTLM)" was not saving
Resolved an issue with the Cyber Hero Managed Detection and Response banner which stayed even after administrators had configured their playbook
Resolved an issue with the 'Applies to' count when approving an application at the Global level
Resolved an issue with pagination on the Unified Audit which showed inconsistent results
Resolved an issue where some System Audit logs did not show the options added/removed to Org/Group/Computer
Resolved an issue where computers with Tamper Protection Disabled and also in Learning Mode would not populate in the portal based on certain filter combinations
Resolved an issue with Tags where improperly formatted IPV6 tags could be entered and saved
Resolved an issue that caused an error message for organizations that have over 2100 computers and were using the filter for Computers Installed over 4 or 7 Days
Resolved an issue where time was displayed inconsistently based on browser settings or the Organization's timezone settings
Resolved an issue with how the Schedule Policy option displayed scheduled times for policies to run in the future
Resolved an issue with consistency in the UI with the Lockdown button in the Remediation tab
Resolved an issue with ticket creation and the ConnectWise integration that involved being on the correct CodeBase version
Resolved an issue where a scheduled report would not populate as expected
Resolved an issue that allowed administrators to copy Storage Control policies into a Global computer group
Resolved an issue with deleting an application without an existing application control policy will show a warning message as if a policy still exists
Resolved the sorting filters on the Elevation Control page not working as expected
Resolved an issue with existing Configuration Manager policies not being able to change the Applies To configuration
Resolved an issue where, when an application was denied by hash, the hash would not be visible in the Permit Application function
Resolved an issue with missing whitespace in filenames within the portal, causing file exceptions to not match as intended
Resolved an issue in which we were incorrectly checking for cyber hero management instructions when opening the organization sidebar for organizations without cyber hero management
Resolved an issue in which the Mutual Action Plan page was unable to support non US-based phone numbers
Resolved an issue in which users with Super Admin Child permission were unable to set maintenance modes or chat with support
Resolved an issue in which users were unable to clear multiple Cloud Detect alerts
Resolved an issue in which the ThreatLocker Team section of the Mutual Action Plan was not loading
Resolved an issue in which the Applies To section of an Approval Request was incorrectly defaulting to "Entire Organization"
Resolved an issue in which Organizations with Read-Only Access was showing an error when attempting to expand a Unified Audit entry
Resolved an issue in which uploading a profile picture was incorrectly requiring the Edit Admin permission
Improved the Domain Name Parsing Settings to include processes monitored by default. These will not be editable.
Resolved an issue in which users were unable to use the 'Select All' button in the Suggested Policies window
Resolved an issue where the 'Applies To' configuration of Storage related approval requests was not properly defaulting to 'This Computer'
Resolved an issue that prevented administrators of a parent organization from opening a Cyber Hero chat while managing a child organization
Resolved an issue where copying policies using inactive or hidden applications would not copy the application properly to the newly created policy

07/16/2024: 2.0.0

New Feature: Cloud Detect

ThreatLocker Cloud Detect will identify unexpected and unwanted behavior in your Microsoft 365 cloud environment, which could indicate a potential cyber incident.

ThreatLocker Cloud Detect policies will use Microsoft 365 Logs and Detect policies to communicate with ThreatLocker administrators about any potential indicators of compromise discovered. Policies can be customized using any fields from the Microsoft 365 API (requires a Microsoft Entra P2 license) or Microsoft Graph API (included with a Microsoft Entra P1 license) logs to meet your specific requirements. Using a Microsoft Entra P2 license with Cloud Detect, policies can be created to alert and respond to:

Users with leaked credentials
Sign-ins from anonymous IP addresses
Impossible Travel to atypical locations
Sign-ins from infected devices

The Cloud Detect module is automatically included with ThreatLocker Detect but requires an active Office 365 Connector.

Quickly adopt and share ThreatLocker Cloud Detect policies via the ThreatLocker Community.

Add temporary or permanent policy exclusions to Cloud Detect policies per user account or for the entire organization.

Lock out user accounts in response to activities observed in that account, and unlock the account again in the Remediation tab of the Response Center once the activities have been verified.

Cloud Detect Policies are included in Cyber Hero MDR. Cloud Detect requires a separate playbook. For more information on configuring a Cloud Detect playbook, please see the associated article: Cyber Hero Managed Detection and Response or reach out to a member of the Cyber Hero Team.

Improvements

Improved the Health Report to include research data found for Mac OS based applications
Improved the Health Report to include browser extensions that have research data.

Bug Fixes

Resolved an issue with the Health Report formatting incorrectly on preview by only including an export option in the portal

07/08/2024: 1.8.6

New Features

Added the ability for administrators to deploy policies for a single endpoint, rather than for the whole organization. This can be done from the Computers Page> Edit Computer side pane.
Added a Monitor Only mode for Storage Control
Added a Monitor Only mode for Network Control
Added ThreatLocker Unified as an item in the modules dropdown on the Organizations page.

Improvements

Improved the Configuration Manager policy for Scheduling Secure Free Space Delete to allow users to select the day of the week (on weekly) or day of the month (on monthly) on frequency settings, and added a Task Run Time setting.
Minor UI improvements in the Partner Resources page.
Minor UI improvements to Configuration Manager Set Administrator Account Password policy.

Bugs and Fixes

Resolved an issue where the character '&' would cause HelpDesk tickets to change to saying '&amp' instead.
Resolved an issue that would cause duplicate HelpDesk tickets to be created if the 'Chat Now' button was pressed more than once before the chat starts.
Resolved an issue preventing administrators from managing tags due to permissions.
Resolved an issue that would prevent child organizations from adding administrators due to a trial-based error, despite not being on a trial.
Resolved an issue where a 500 error was presented on using the Upload and Delete File feature for files not containing a certificate.
Resolved an issue in which parent applications were not selectable when adding to an application from the Unified Audit of a child organization with the appropriate user permissions to access parent applications.
Resolved an issue that would allow administrators to add Elevation to an Application Control policy and save it despite Elevation not being enabled for the organization. Also improved the display of policies using Elevation when Elevation is not enabled, presenting a 'gray' icon in the policies action column.
Resolved an issue in which users were able to create 'ANY' conditions using Does Not Contain or Does Not Match which resulted in excessive policy matching and alerting.
Resolved an issue where suggested custom rules for adding to an application on the Permit Application page were showing path only rules.
Resolved an issue in which the Windows Defender Virus and Protection Settings policy became inaccessible after the character limit for exclusions was exceeded.
Resolved an issue in which Super Admin parent users were unable to use parent organization applications with child policies.
Resolved an issue in which copying Network Control policies was failing and returning a 401 error.
Resolved an issue in which large Health Reports were not displaying correctly.
Resolved an issue when adding multiple items in the Unified Audit to a tag would add the IPv4 but not add domains as a text entry.
Resolved an issue with the Remove Unused Applications feature where applications that had a recently deleted policy would not be removed.
Resolved an issue with viewing TLAPS passwords on the Computers Page not working when viewing more than one TLAPS password without refreshing.
Resolved an issue in which logs that included square bracketed parameters were not showing as matching an application.
Resolved an issue in which tickets were not being correctly assigned to the technician participating in the live chat session.
Resolved an issue in which user permissions were not being synchronized correctly.
Resolved an issue in which not all groups were being displayed in the OKTA integrations group dropdown.
Resolved an issue in which browser extensions were having incorrect research information applied to them.
Resolved an issue in which duplicate applications were being displayed in the Health Report.
Resolved an issue in which parent organizations were unable to view child organization Windows computer groups using the Windows filter.
Resolved an issue when adding a network exclusion to a Ringfenced policy from the Unified Audit would not auto populate the correct value type with the correct data. Also resolved for adding to a tag.
Resolved an issue in which the Request Monitor Button was not visible on some Child Organizations' Detect Policies.
Resolved an issue when new organizations are created, and those organizations are not inheriting template policies, settings, and options from the template organization.
Resolved an issue with HelpDesk tickets that caused push notifications through the mobile device when commenting on the author's own ticket as an update.
Resolved an issue in which parent level user roles were incorrectly being inherited by child organizations.
Resolved an issue in which the Super Admin Logged-in Only permission was permitting the user to edit child organization computers.
Resolved an issue in which the portal login time limit could be manipulated using DevTools.

07/2/2024: 1.8.5.192

Improvements

Improvements to the Mac Baseline and Learning Processes related to linking learned items to individual endpoints
Improved the process to how Detect Alerts populate on the ThreatLocker screen when MDR is enabled
Added a new Save button in Application > Application Files sidebar to let users choose when to commit changes to rules
Added a calendar to the Schedule Secure Free Space Delete policy in Configuration Manager to set the task run time
Added a scrollbar on the Heatlh Center page
Added a character limit to the custom notes input box
Added additional logging in the System Audit from the Billing page
Made improvements to the Elevation Control > Remove All Except Excluded Local Administrators Enable/Disable button to make it easier to tell if the product is enabled or disabled
Added display of the OS type icon in all "Applies To" dropdowns so users can better distinguish between different OS types, making it easier to be sure the correct selection is being made
Added additional validation in the Response Center to prevent the use of special characters \ % _ [ ] when making custom rules with the certificate parameter
Improved the error message that results from attempting to merge applications with the same name
Added validation to ensure emails sent from the CRM are send by the logged in user to prevent email spoofing
Added validation to prevent the ability to save empty exclusions for Microsoft Defender in the Configuration Manager policy, "Defender Virus & Threat Protection Management Configuration"
Added the ability to edit/update Linux policies - Alpha Only
Integrations - add ability to edit credentials
Added the ability for grandchild orgs to use the Parent Level Settings sidebar
Added Global and Global groups to the Applies To level in Configuration Manager
Policy statuses have been added to Mac applications
Added a checkbox on the Request Window Appearance sidebar to easily mark fields as mandatory for end users to include when sending an Approval Request
Made improvements to Detect policies 'Occurrence Frequency' to be more logical and user friendly
Made improvments to the Applications page and Health Report. Now, flags will be from where code is compiled for these applications
Added support for Text in Network Control Destinations so users can specify domain names
Added a feature to turn the Deploy Policies button red if changes are made on the Elevation Control > Remove Selected or Remove All Except tabs
Improved the logic for the Learning Mode Progress bar on the computers page to also consider machines with an indefinite learning mode maintenance period and display properly
Improved the logic that shows a machine as being in 'indefinite' learning mode duration to only check the current date and time against the end date and time of the mode to determine if it is 'indefinite'
Improved branding options in the portal that allows Tray Branding messages or email address fields to be made mandatory with the use of a checkbox
Added API support for Mac OS with the use of global groups

Bugs and Fixes

Resolved an issue where a scheduled report would not populate as expected
Resolved an issue in which users were unable to start a chat session if not logged in
Resolved an issue in which an admin account that was created automatically when a trial was started was unable to receive a password reset
Resolved an issue in which the Configuration Manager policy Audit Incoming NTLM Traffic was not saving
Resolved an issue with the Halo Integration where Organizations were not showing in Customer Mapping
Resolved an issue in which Lockdown and Isolate were not starting/stopping as scheduled due to end user computer time setting changes
Resolved an issue in which icons were failing to load in the Upgrade ThreatLocker version dropdown
Resolved an issue in which attempting to search the Unified Audit using both the main search grid and the Advanced Search was incorrectly permitting the selection of multiple "Actions" which resulted in unexpected search results
Resolved an issue some clients experienced in which attempting to sign in with SSO was unnecessarily including the response URL being passed in the request, which resulted in a query string longer than could be handled by Microsoft 365
Resolved an issue in which admins were unable to add to application when the Edit Application Control Applications permission was applied
Resolved an issue in which System Applications were incorrectly being shown as temporary when they were not
Resolved an issue in which 'Show All Policies' checkbox was not displaying Global policies
Resolved an issue in which Instance A was being called upon every time users logged in
Resolved an issue in which users were unable to select OS types other than Windows when creating new Application Control policies
Resolved alignment issues with headers in the CSV export of the Unified Audit
Resolved an issue in which the number of affected groups and computers was displaying incorrectly on Approval Requests
Resolved an issue in which users with Co-Managed Direct Support were unable to access the Help Desk
Resolved System Audit logs showing the incorrect hour for policy expiration times
Resolved an issue in which the 'Edit Application' button on any report was incorrectly directing the user to a legacy window
Resolved an issue in which the Products dropdown was extending below the bottom of the page
Resolved an issue in which MacOS applications were not being displayed as Ringfenced in the Existing Policies tab
Resolved an issue where temple User Roles were not being created on new parent organizations properly

05/29/2024: 1.8.4.165

New Features

Added a new permission "View Computers" that will provide view-only access to the Computers page
Added a new permission "Install Computers" that will provide access to the Install Computers button and view-only access to the Computers page

Improvements

Minor UI improvements to make 'Disabled' buttons more apparent

Bugs and Fixes

Resolved an issue where LiveChat would not start if the user was not logged in to the portal
Resolved an issue in which DUO MFA was being bypassed, permitting users to log into the portal without MFA
Resolved an issue in which the CSV export from the System Audit page was displaying information under incorrect column headers
Resolved an issue in which the view password icon was covering part of the password field in the Administrator sidebar
Resolved an issue in which a Trial Banner was appearing for customers who were not on trial
Resolved an issue in which changing the status in the helpdesk dropdown did not refresh the page
Resolved an issue in which a CSV export of Detect results was incorrectly formatted if a certificate was present
Resolved an issue in which copying policies from one location to another was incorrectly displaying a warning message

05/28/2024: 1.8.3

New Features

Added a button to enable/disable Elevation Control > Remove All Except product
Added the ability to view/edit Domain Name Parsing Settings in the hamburger menu on the Network Control page
Added the ability to view baseline logs from the Detect sidebar 'Anytime' instead of capping the time limit
Added a 'Beta' label to the portal version number if it is a Beta version

Improvements

Changed the display name of the ThreatLocker Ops permissions to say ThreatLocker Detect Permissions
Added more validation to the Domain Name Parsing Settings sidebar to prevent entering duplicate entries
Added clearing of active alerts when a computer is put into Disable Detect Alerts maintenance mode

Bug and Fixes

Resolved an issue in which newly created Application Control policies were not being assigned the correct order number
Resolved an issue in which the Domain Name Parsing scroll list was running into the header
Resolved an issue in which users were incorrectly receiving an error when attempting to remove a Local Admin
Resolved an issue in which network Ringfencing exclusions were being copied incorrectly as 'text' when being added from the Unified Audit
Resolved an issue in which exporting results from the Computers page was not displaying the correct information
Resolved an issue in which applications with the incorrect OS type were being displayed when enabling maintenance mode
Resolved an issue in which a Logon message set within Configuration Manager was incorrectly displaying the body of the message in the title field
Resolved an issue in which the Configuration Manager policy for Set Administrator Account Password was not correctly displaying missing complexity requirements when editing an existing policy
Resolved an issue in which scheduling maintenance appeared to not be applying when performed through the sidebar instead of the quick dropdown
Resolved an issue in which SMS MFA was not being honored
Resolved an issue in which Configuration Manager policies were able to be saved with null attributes instead of resulting in an error
Resolved an issue in which the pagination footer was being cut off on the Reports page
Resolved an issue in which the Health Center Remove Management widget was loading very slowly
Added support for Unicode and non-Unicode characters in the Hostname field on the Computers page and the Unified Audit page
Resolved an issue in which OTC could not be turned off by an administrator
Resolved an issue in which sortingcomputers by last check-in was resulting in a timeout

05/21/2024: 1.8.2.159

New Features

We have added the ability to set custom messages per Organization, Computer, or Computer Group that will be displayed according to the settings applied to the custom message
We have added a toggle on the Elevation Control > Remove All Except Excluded Local Administrators tab to enable/disable the product. Please note that once a user selects the Disabled button, it will become an Enabled button, and a configuration will be set at the Organization level with no Exclusions. If left unedited, once Deploy Policies is selected, all users will be removed from the Local Administrators groups in the entire organization, except for the default Administrator accounts. If Exclusions are desired, please set all Exclusions before clicking the Deploy Policies button
We have added the ability to specify a Manager for Administrators on the Administrators page
We have added the ability for customers to save Remediation scripts in their private Community page as "Remediation Policies." Remediation Policies can be run directly from the Community page by selecting the target endpoint. Please Note: This requires ThreatLocker Detect to be enabled and the Remediation Service to be installed on the target endpoint

Improvements

Added policy support for the upcoming release of Windows XP agent
Added a hyperlink to application names displayed in the Unified Audit sidebar as long as they are not a built-in
Added messaging to inform users that rescan baseline does not create new application definitions or policies
Updated warning banner on new Configuration Manager policies to reflect the proper ThreatLocker version 9.0
Added a message to indicate when Cyber Hero Management has not been configured
Creating child organizations will now inherit options enabled by the parent organization
Made improvements to the display of the Health Report
Improved the copy policies function to properly reflect OS types associated with the destination
Added messaging to show users if they are creating a policy that would be irrelevant due to higher-ranked policies taking precedence
Added Group name to the text displayed when creating custom rules to inform the user which computers/groups will be impacted by changes
Added the ability for users to enter/update their own billing and mailing addresses in the Billing Page
Moved Health Report processing to occur overnight so daily there will be a fresh Health Report ready to download at the click of a button instead of requiring the user to wait while the report processes
Added a Condition in ThreatLocker Detect for Policy Name
In the Application Approvals sidebar, we have added more information around "How many computers will this affect" to now include the computer group name the computer is associated with

Bugs and Fixes

Resolved an issue with CHMDR playbook instructions set on a global level not showing in alerts for child organization alerts
Resolved an issue in which applications were failing to fully delete, causing them to reappear
Resolved a minor UI issue on the Organizations page in which border lines were appearing out of alignment
Resolved an issue in which the Password Protected Screen Saver policy in Configuration Manager was applying time in seconds instead of minutes
Resolved an issue in which the ITAR tag was not properly displayed on the Organizations page
Resolved an issue in which Network Control policy settings were not being copied when using the Copy Policy function
Resolved an issue in which users were unable to action an approval request without enabling a maintenance mode unless they had edit computer permission
Resolved an issue in which approval requests were incorrectly removed when a computer was moved from one organization to another
Resolved an issue in which organizations with Co-managed direct support enabled were being displayed as not enabled
Resolved an issue in which password reset emails were resulting in an error
Resolved an issue in which users with sufficient permissions were unable to approve storage requests
Resolved an issue in which enabling and disabling products was causing incorrect message banners to be displayed
Resolved an issue in which adding or editing conditions on a Detect policy was incorrectly redirecting the user to the top of the page
Resolved an issue in which Application export to CSV was not including 'Notes'
Resolved an issue in which Super Admin users were incorrectly unable to delete another administrator
Resolved an issue in which attempting to search for integrations after a previous search attempt returned no results would also return no results, even with the integration present
Resolved a display issue in which part of the billing page was being cut off on a mobile-sized screen
Resolved an issue in which the pagination bar was not lining up correctly with the main grid and the bottom of the screen on multiple pages
Resolved an issue in which Super Admin Child user were able to view and use applications at the parent organization level
Resolved an issue in which the Unused Polices tile on the Health Center was showing incorrect results
Resolved an issue in which mobile app pushes were not being sent to users using the beta app
Resolved an issue in which users were unable to switch between Update Existing and New Install when actioning an approval request
Resolved an issue in which parent organizations were not available as Source Objects in child Network Control policies
Resolved an issue in which the Health Report was failing to export for large organizations
Resolved an issue in which emojis were not visible in Help Desk ticket chat histories
Resolved an issue in which tickets were not being correctly assigned to the technician participating in the live chat session
Resolved an issue with computers not showing the proper deny count on the Computers Page
Resolved an issue where, after a new Portal Release, users would need to hard reload to access the new version

05/06/2024: 1.8.1.151

Updated 05/15/2024

New Features

Added Linux OS visibility to the portal in preparation for the new supported OS
ThreatLocker Detect will allow users to delete a file directly from an endpoint. ThreatLocker will also upload a copy of the file as a precaution or for inspection
Organizations with overdue invoices will now be locked out of their accounts. Based on permissions, administrators will be directed to either the billing page or to remove protection from all endpoints.

Improvements

Improvements to the Computers page loading times
Improvements to the display of the Health Report
Made improvements to Detect policies to ensure a Full Path or Process Path condition is set before using the CMD Line Parameter as a condition
Added column sorting to the Threats page
Improved the logic on Computers Applied for application policies when there are duplicate policies in place
To reduce the occurrence rate of false positive results, vendors with a high false positive rate have been omitted from the logs in the ThreatLocker Detect Alerts sidebar
Within ThreatLocker Detect, we will now exclude Jiangmin's results from malicious results checks
Added the ability to promote policies from the Existing policies tab on the Application sidebar
Improved Help Desk flow by making a comment mandatory on tickets set to Not Resolved
Improved the System Audit to include a warning when an incorrect format was used in the search filters
Added visibility of the PsScriptPolicyTest policy denies into the Unified Audit, with the ability to filter them out by Removing White Noise

Bugs and Fixes

Resolved an issue where the Health Center showed the error: 'Specified Credentials are invalid.'
Resolved an issue preventing Mac computers from being removed from a Windows group
Resolved an issue with errors during the password reset process with accounts linked to SSOs
Resolved an issue with the password reset process intermittently timing out
Resolved alignment issues with headers in the CSV export of the Unified Audit
Resolved an issue with parent tags being removed from a child organization Network Control policy as a source when saved
Resolved an issue where line breaks entered into the Request Window Appearance would not be displayed properly. We no longer accept the line break in the configuration
Resolved an issue in which the Ready to Secure label on the Computers page was incorrectly displaying when sorting by Denied Count
Resolved an issue in which the System Audit was showing false Denied actions when modifying the end date on a learning mode schedule
Resolved an issue in which message banners were not visible when using light mode
Resolved an issue in which admins were unable to edit ThreatLocker Detect policies without Community permissions
Resolved an issue in which clearing a large amount of Detect Alerts was causing a timeout
Resolved an issue in which the Issuer and Assertion were not visible until after a SAML integration was saved
Resolved an issue in which the RedirectURL was not being removed when users attempted to remove it
Resolved a minor formatting issue in which the word 'Tag' was cut off in Detect policies using Source or Destination IP address as the condition
Resolved an issue in which the Ready to Secure progress bar was not displayed on Learning Mode durations of less than 5 days
Resolved an issue in which choosing to Log in as Admin when requesting access to a Storage Control deny was redirecting to the Legacy Portal
Resolved an issue in which Domains were not being correctly validated before saving.
Resolved an issue in which password reset links were not working as expected
Resolved an issue in which some customers were receiving an error when attempting to delete Application Control policies
Resolved an issue in which users could not switch from Update Existing to New Install after inserting data into the text field
Resolved an issue in which access icons were incorrectly displaying in duplicate for some applications
Resolved an issue in which the Request Monitor Button was not visible on some Child Organizations' Detect Policies
Removed the ability to add Windows applications to a MAC policy through existing policies on the Applications page
Resolved an issue when using the Login as Admin function from the request access popup, SAML linked administrators will now be redirected to the application request properly.
Resolved System Audit logs showing the incorrect hour for policy expiration times
Resolved an issue with simulated denies and any combination of other filters not showing correct results
Resolved an issue that would show admins the option <Automatic> for Installation maintenance modes in the application dropdown
Resolved cases where an error message would generate upon administrator login
Resolved an issue with the permission "Super Admin Child" for administrators on the parent level that would allow them to create policies on the parent level
Resolved an issue on the Computers page when using the Restart Service for all devices function on the parent level would also restart services on the child organizations. This now only happens if you select the "Include Child Organizations" option on the Computers page
Resolved an issue where MFA restrictions were not being applied properly to newly invited administrators and now requires proper setup of the allowed MFA methods
Resolved an issue in which customers in Australia were not receiving emails from the Cyber Heroes in response to Approval Requests
Resolved an issue where Customer Guidelines were not displaying on old approval requests when Cyber Hero Management was enabled for the first time
Resolved an issue in which macOS storage requests were defaulting to the USB interface being selected
Resolved an issue where the OS version for computers on the Computers page was not showing
Resolved an issue where approval requests for a computer were removed when the computer was moved to a new computer group. These will remain as long as the machine remains in the same organization
Resolved an issue with end-users without Co-Managed Direct Support being able to open Helpdesk tickets
Resolved an issue where sending a password reset from the Administrators page would cause a timeout issue
Resolved an issue on the Administrators page where resetting a password with a previously linked SSO account would cause a 417 error
Resolved an issue with the Approval Process where adding RingFencing for PowerShell to an approved application would not include the "Windows PowerShell (Built-In)" application and policy
Resolved an issue when creating a Helpdesk ticket for another organization from a child organization would cause a 400 error
Resolved cases where creating an elevation with an expiration application policy would create a duplicate permit policy despite a policy already existing
The System Audit will now display when an administrator views the Helpdesk page
Resolved an issue where moving computers between locations (groups, organizations, etc.) could change the policy history to the incorrect version
Resolved an issue in the Health Center where the IP address of logins was incorrectly showing as (0,0)
Resolved an issue where administrators were not receiving request access emails from Storage Control policies
Resolved an issue that would prevent former DUO MFA enforcement from being removed if the DUO integration was no longer being used
Resolved an issue where password resets would not require MFA upon the next login
Resolved an issue that allowed all zero hashes to be entered as a rule in applications
Resolved an issue where IDs for portal objects were not displaying

04/22/2024: 1.8.0.127

New Features

We have added local administrator management options. For organizations with Elevation enabled, this feature will provide a way to remove users from local Administrator groups. This is accomplished by either selecting the users to remove or creating a list of exceptions that will remain in the local Administrators group and automatically removing the rest. For information on this exciting new security tool, view the newest KB article: https://threatlocker.kb.help/elevation-control-module/
The ServiceNow integration is now available. All ServiceNow integrations may require a Business Analyst Scoping call to expand the functionality of the default options. The Calendly link to schedule a call is available on the ServiceNow KB. https://threatlocker.kb.help/servicenow-integration/

Improvements

Made improvements to notification banners to display information to customers without blocking any portal functionality
Removed email on policy match for MAC applications as this feature does not function for MAC
Added an issue in which the calendar was closing automatically after selecting an end date when attempting to schedule a maintenance mode, even if a start date was not selected
Made improvements to the Computers page to help improve loading screen times
Added the ability to promote policies from the Existing policies tab on the Application sidebar
Computers Page - Add Learning Progress Bar to computers set to Indefinite Learning
The Integrations dropdown will only show available options once users begin typing
The Unified Audit now has a Deny Application option on the sidebar

Bugs and Fixes

Removed Global Groups from the Applies to dropdown in Network Control, as Network Control does not yet support global groups
Resolved an issue where the Message section of the Tray Notification Customizations would allow more characters than supported. The current maximum for this field is 80 characters.
Resolved an issue with Helpdesk unassigned tickets not populating correctly
Resolved an issue on the Organizations page where the main grid was showing the incorrect number of secured machines
Resolved an issue in which the Ignore button was not functional until the page was refreshed
Resolved an issue where Super Admin Child accounts would get a 401 error on several pages
Resolved an issue with Detect where blank conditions or actions could be saved
Resolved an issue in which Tax Certificates were unable to be submitted using South Dakota as the selected state
Resolved an issue in which attempting to add to policy for Network Control from a Unified Audit entry was incorrectly adding the address as text in the textbox
Resolved an issue where Detect Exclusion options were fully visible
Resolved an issue where the history from a chat with a Cyber Hero would not save to the Help Desk ticket
Resolved an issue with ThreatLocker Detect exclusions being sent down to the endpoints when the Deploy Policies button is pressed
Resolved an issue in which computers using Installation mode were being incorrectly counted as "Secured" on the Computers Page
Resolved an issue in which part of the Reports page was being cut off on smaller computer screens
Resolved an issue in which LiveChat was incorrectly causing an error on close
Resolved an issue in which email addresses were not able to be added to the Organization settings page for Escalation settings
Resolved an issue in which the bottom policy on the ThreatLocker Detect page was not viewable on a vertical monitor
Resolved an issue in which wildcards were incorrectly able to be saved in Canary File Paths in Detect Conditions even though they would not work
Resolved an issue in which adding IP addresses to tags from the Unified Audit was incorrectly inserting text along with the IP address
Resolved an issue in which the memory usage was being incorrectly reported in the Computers sidebar
Resolved an issue in which Storage approvals were incorrectly including backslashes for macOS
Resolved an issue in which special characters were causing an error when creating passwords
Resolved an issue in which a 400 error was being received when using the Remove Unused Applications button, although it was successfully removing the applications
Resolved an issue in which customers in Australia were not receiving emails from the Cyber Heroes in response to Approval Requests
Resolved an issue with ThreatLocker Detect that prevented a logged-in administrator from accessing their integrations for actions for child-level Detect policies
Resolved an issue with ThreatLocker Detect where the Delete and Upload File button would remain after a file was deleted
Resolved an issue that triggered an error when trying to delete a child application from within a parent organization
Resolved an issue with enabling/disabling Cyber Hero Management and the corresponding Cyber Hero Access settings
Resolved an issue with Storage Control preventing administrators from adding a device to a storage policy
Resolved an issue with SAML on mobile
Resolved an issue in which a type in the Permitted tag was causing the permit to be displayed in red in the System Audit

04/10/2024: 1.7.9.114

Improvements

The Legacy Portal is now depreciated. Contact a Cyber Hero if you are experiencing any difficulties with this change.
Improved the Datto Integration to now require HTTPS as a requirement for the PSA Zone URL
The Configuration Manager banner is updated to reflect 8.8 as the required Windows Agent for the upcoming changes
Text options for Outbound Network Control destinations, for example domains, are coming soon
The ability to request monitoring of personal Detect policies is now available in ThreatLocker Detect. Once requested, the policy will be locked while the Detect team reviews the policy. If they approve, the policy will show as Monitored, and if they deny the request, the policy will unlock. Communication about this process will be available via the HelpDesk ticket created during the request
A Portal banner has been added for any clients that have enabled Cyber Hero Detection and Response but have computers running a version lower than 8.7.1. This service will not protect as intended on machines running less than 8.7.1 and should be updated immediately
ThreatLocker Detect Alerts Center now shows Snoozed alerts as a filter option
When Cyber Hero Managed Detection and Response is enabled, all active alerts for the Organization will be cleared
Added a CSV export option on the Computers page to simplify data collection
Clarified the Detect total threat levels. Now, the Computer’s total threat level is displayed on the main grid, and the policy’s impact on the alert is displayed in the slideout

Bugs and Fixes

Resolved an issue with Network Tags not showing for ThreatLocker employees
Resolved an issue where Detect Exclusion options were fully visible
Improved the Network Control Object Challenge timeout to a maximum of 1000ms. The default time is now set to 300 ms
Resolved an issue with the use of Tab within the description of a new Help Desk ticket
Resolved an issue with Mac computers receiving an error when Learning or Installation Mode fails
Resolved an issue where moving a computer to a new group would display incorrect learning settings after the move
Resolved an issue with Configuration Manager where the Policy Expiration field on new policies was prefilled with the current date/time
Resolved an issue in ThreatLocker Detect where alerts became unactionable after authenticating using the QR code feature
Resolved an issue with the Learning Monitor Mode Duration of 45 Days
Resolved an issue where the Copy Existing Policies option would copy policies out of order
Resolved an issue where the System Audit logs for Elevation Policy creation were incomplete
Resolved an issue with the Copy Existing Policies, where changing the source Organization would remove the destination Organization
Resolved an issue with Copy Existing Policies where a success message would show even if improperly configured
Resolved an issue where emojis were not showing correctly in HelpDesk ticket comments
Resolved an issue with unclear password requirements
Network Control Policies can now be copied between organizations or child organizations
Resolved an issue where the ThreatLocker Testing Environment would not open as expected for all approved file types
Resolved an issue where moving computers within the same organization was removing computer-level policies
Resolved an issue where administrators were unable to specify the global group when using installation mode for a new application
Resolved an issue with quotes where the address field would not support longer addresses

04/04/2024: 1.7.8.105

Improvements

Added display of the exact date/time to entries in the Response Center
Made improvements to Outbound Network Control policies to add Text in dropdown for Destinations to make setting destinations more user-friendly
Made improvements to the Application Control Policies sidebars to automatically scroll down after selecting 'Assist with programs that require local administrator privileges"

Bugs and Fixes

Resolved an issue in which password reset labels were being displayed incorrectly
Resolved an issue in which pressing the Enter button after typing a title for a storage policy was incorrectly triggering the 'Publish to Community' button
Resolved an issue where deleting a policy from the Application Control Policies page would not log the name of that application in the System Audit
Resolved an issue where deleting a Child Organization would not delete the associated Administrators
Resolved an issue with Product Research where the incorrect research would populate intermittently on the Application Control page
Resolved an issue with ThreatLocker Detect where the Canary File Path condition would allow the path to end in unsupported characters
Resolved an issue with simulated denies and any combination of other filters not showing correct results
Resolved an issue where deleting an application would redirect to the first page of the main grid on the Applications page
Resolved an issue where domains were still attached to a specific organization after the organization had been deleted
In the Application Approvals sidebar, we have added more information around "How many computers will this affect" to now include the computer group name the computer is associated with

03/29/2024: 1.7.7.103

Improvements

Added the ability to delete local admins from a computer and to specify exceptions from within the ThreatLocker portal
Made improvements to the pagination count on the Unified Audit
The Unified Audit will no longer show total issue counts based on search results. A checkbox option will now allow administrators to show that information
Made improvements to the All/Any conditions in ThreatLocker Ops
On the Storage Control Edit/Create policies sidebar, the policy expiration slider has been updated to a date/time picker
Made improvements to loading the history and comments in Help Desk tickets

Bugs and Fixes

Resolved an issue with CHMDR instructions where instructions for Cyber Heros were being cut off
Resolved an issue with invoices showing a balance even though the total due had been submitted
Resolved an issue in which some computers' ThreatLocker Version did not update according to the Update Channel set for their group
Resolved an issue in which the System Audit wasn't capturing policy status changes made from the Edit Policy sidebar

3/27/2024: 1.7.6.95

Improvements

Made performance improvements when executing Unified Audit searches using a wildcard in the full path input box
Added a label on Outbound Network Control policies to show that it requires TL Version 8.6.1 or greater
Added a warning to inform users that combining All/Any conditions in ThreatLocker Ops/Detect policies requires TL Version 8.7 or greater to work as intended
Made improvements to the Applications page to display a yellow warning label instead of a red one
Minor UI improvement on the Computer Groups page to display the update channel with chip styling
Added a message banner to inform users that once Cyber Hero Managed Detection and Response is enabled, they must reach out to their Solutions Engineer to configure their runbook
Made improvements to the messaging displayed when attempting to view a locked module
Minor UI improvements to the Tags sidebar

Bugs and Fixes

Resolved an issue in which attempting to view the TAPS password on the Computers page was resulting in an error
Resolved an issue in which admins were able to see and select parent level applications when selecting to add to Matching Application from the Unified Audit and Approval Requests
Resolved an issue in which a Captcha loop was created when retrieving results from Virus Total using ThreatLocker Hash instead of SHA
Resolved a minor grammatical errors on the Computer Groups sidebar

03/21/2024: 1.7.5.93

New Features & Important Updates

ThreatLocker Ops has been renamed ThreatLocker Detect
The Health Report is now available for all clients and can be run from the Health Center
Starting in version 8.7, Configuration Manager will support the option to Revert back to the original Windows configuration. This change means that all Configuration Manager policies created prior to 8.7 will no longer be editable and will need to be recreated in the new format. Older Configurations will continue to work until a new Configuration is put in place to change the setting. Any computer installed after the release of 8.7 will not be covered by the legacy policies. Please reach out to your Solutions Engineer or a Cyber Hero for more information about this change
ThreatLocker Ops/Detect Any & All Conditions has been seperated to allow for both to be used within a policy. Moving forward, the logic is that All of X conditions and Any of Y conditions must be met for the policy to be matched

Improvements

The OKTA Integration now supports Workforce Configurations where previously only OAuth0 was supported. Workforce configurations will use OKTA groups instead of roles
The Learning Period options now include 45 days as an option
On the Computers Page sidebar Network Tab, Outbound traffic will parse the Destination, Inbound will parse the Source
On the Computers Page sidebar, on the Network Control tab, private IP addresses will not be scanned for maliciousness
Resolved an issue with the Computers Page sidebar on the Network Control Tab where Inbound traffic was reported as Outbound, and vice versa
Windows machines can now use the Baseline All Paths Except option found in the Computer Group Settings sidebar
The Legacy Logon page now reflects the message "The ThreatLocker legacy portal has been deprecated. Please log into the live portal at https://portal.threatlocker.com."
Improved the Import Policies process to ensure users select a destination prior to actioning the change
Added Organization, Hostname, Hash, Certs, etc. to the CyberHero Escalation email sent to administrators

Bugs and Fixes

Resolved an issue with SAML requests where the incorrect Issuer ID was being sent out
Resolved an issue with an expired API key for the Map on the Health Center page
Resolved an issue with the ThreatLocker Ops/Detect CSV export feature that was unresponsiveResolved an issue with editing Certificates if there was more than one certificate suggested
Resolved an issue with LiveChat where a chat started from inside an existing ticket would show the ticket owner as the person who started the chat
Resolved an issue where Tag names were not updating inside policies when they were changed
Resolved an issue where deleting an application would cause a 400 error even though the application was deleted successfully
Resolved an issue on the Computers Page Network Control Sidebar, where the Transport Layer was incorrectly labeled as Serial Number
Resolved an issue on the Unified Audit that provided different search results based on Policy Name or Policy ID
Resolved an issue with Storage Control where deleting a machine and then deleting a storage device associated with that machine would cause an error
Resolved an issue with a client-specific error when approving a global policy with an expiration
Resolved an issue with the Okta Integration sidebar that didn't allow scrolling through groups
Resolved an issue with inconsistent date pickers between the Schedule Maintenance options
Resolved an issue where formatting on the Computers page was malfuctioning at very large or very small screen resolutions
Resolved an issue with the Password Manager Keeper, where it would not fill in the OTC code
Resolved an issue with the Pagination on the Approvals Page

03/19/2024: 1.7.4.89

Improvements

OKTA Integration now supports Workforce configurations where previously only OAuth0 was supported. Workforce configuration will use OKTA groups instead of roles
New banner will alert administrators if there is an overdue invoice
Added a warning message when setting Enforce User Access Control Setting Configurations in Configuration Manager that it is not compatable with Elevation Control
Added the Take Ownership option for the ThreatLocker Ops Threats page
Added the ability to press the enter key when inputting ticket details in Approval requests and be taken to the next line
The Applications Policies page now includes a 'Show All Policies' checkbox which will show all policies in hierarchal order from Global down to Computer Group

Bugs and Fixes

Resolved an issue in which a banner across the top of the screen was displaying incorrectly on smaller screens
Resolved an issue in which child organizations were able to view global as an option when promoting policies
Resolved an issue in which ThreatLocker Ops policies viewed in the Community were not populating all values when opened for the first time
Resolved an issue in which the incorrect warning message was being displayed when attempting to set a maintenance mode without completing all necessary components
Resolved an issue in which the process ID was being incorrectly included when clicking Add to Application from the Unified Audit
Resolved an issue with the 'Remove Unused' Button which was not removing applications
Resolved an issue with the Remediation Tab in the Response Center where errors were populating related to permissions
Resolved an issue with the Unified Audit filter for 'Computers Installed Over 7 Days Ago' which was not showing the correct data set

03/08/2024: 1.7.3.80

Improvements

The remdiator will not be accessible by admin users and the permission "Allow Remediation" will no longer inherit to any super admins
On the Computers Page, 500 is now an option for pagination
Improved page loading speeds on the Unified Audit
In ThreatLocker Ops, the Delete File function will require Version 8.7 or above, and a success message was added when a file is deleted
Added a warning message if an Administrator attempts to navigate away from a page with an unsaved Manintenance Mode
When chatting with a Cyber Hero, the logged in administrator's name will show, rather than the primary contact of that organization
In the System Audit, the Entity ID field will now return Storage and Network Creates, Updates, and Deletes
In the Administrators sidebar, a Reset OTC option is now available
Added a message on the Install Computers page that informs the user that renaming the Stub Installer could cause the installation to fail

Bugs and Fixes

Resolved an issue with scaling and the Reports Page, where zooming in over 125% with a monitor resolution of 1920 x 1080 caued infomation to get cut off the screen
Resolved an issue with slow loading times on the Maintenance Type dropdown on the Computers Page slideout
Resolved an issue where a user role could not be applied to multiple organizations unless that role had already been applied to one
Resolved an issue where the Application Control page was displaying too many countries
Resolved a formatting issue in which the Unified Audit summary on the Health Center Page was extending out of its box when extended across multiple screens
Resolved an issue in which opening File History in an approval was generating an excessive amount of logs in the System Audit
Resolved an issue in which adding file exclusions for Ringfenced Command Prompt policies was incorrectly auto populating the command arguments
Resolved an issue in which the Ready to Secure filter on the Computers page was incorrectly displaying computers that still Need Review
Resolved an issue in which some customers on a single instance were unable to log in using the SAML integration
Resolved an issue in which some customers were receiving errors when trying to permit applications from the Unified Audit using a custom rule
Resolved an issue in which Ringfencing icons were being incorrectly displayed for browser extensions
Resolved an issue in which child organizations were able to view and action parent level approvals
Resolved an issue in which the Needs Review progress bar on the Computers page was opening a Unified Audit search starting the date of installation instead of four days from the current date
Resolved an issue in which a link to Release Notes on the login page news feed was requiring the user to navigate to Facebook before being taken to the KnowledgeBase

03/05/2024: 1.7.2.77

New Features

When searching with the hostname filter (not advanced filter) it will now be an exact search unless the wildcard * is used
The Remediator MSI is available with options in x64 and x86

Improvements

The Refresh Policies interval on the Computer Groups slideout label now reflects Heartbeat Interval Seconds and has an upper limit of 300 seconds
When creating a new parent organization, the "Threatlocker Override Codes" application will no longer be created. The method of obtaining these codes is no longer used on agent version 7.6 and above. Codes are available from the report on all updated agent versions
The Threatlocker Ops sidebar section for Applies To is now type-searchable
Network Control policies will now update the Group Names when the group name is changed and when that group was used as an Object in the policy

Bugs and Fixes

Resolved an issue with Approval Requests where an error message displayed "Violation of Unique Key constraint"
Resolved an issue in which resetting an administrator password incorrectly redirected users to an "Are you lost?" page

02/29/2024: 1.7.1.71

Improvements

When an endpoint is in Disable Ops Alerts Maintenace Mode, the options to Lockdown and Isolate will be disabled

Bugs and Fixes

Resolved an issue where IPv4 Tags were adding as text
Resolved in issue with the Unified Audit File History where all results were not being populated as expected
Resolved an issue with ITGlue Password Manager not interacting with our Login page as expected
Resolved an issue with Safari Password Autocomplete function not working with our Login Page as expected
Resolved an issue with the Subscriptions page in Community where subscription data was not being stored as intended
Resolved an issue with the Computers Page Baseline option where Baseline All Paths Except Selected option was not saving as intended
Resolved an issue with Bitwarden inserting saved passwords on our Login page
Resolved an issue that allowed Adminstrators to schedule multiple of the same Maintenace Modes at the same time

02/27/2024: 1.7.0.70

Bugs and Fixes

Resolved an issue where if an endpoint had multiple maintenance modes, an error would trigger when trying to secure
Resolved an issue where the Remediator would not auto-scroll down through the last run commands
Resolved an issue with the disconnect for the Remediator by adding redundancy to the stop / exit action
Resolved an issue that triggered an error when trying to delete a child applicaiton from within a parent organization

02/27/2024: 1.6.9.63

New Features

ThreatLocker Managed Detection and Response is available to clients who have purchased ThreatLocker Ops. Cyber Heros will manage and respond to all Ops alerts and respond according to client's directions, up to and including locking down or isolating an endpoint, contacting a designated client with information about an alert, and adding or managing policies within Ops
The ThreatLocker Tray will now alert end-users of our research on their software requests, including software name and company name, countries of operation, levels of access to their systems, and software categories. This will allow end-users insight into the software they are requesting and help guide their decision-making process prior to requesting the approval
Introducing the Remediator. ThreatLocker Ops clients will now have the ability to download and enable a tab in the ThreatLocker Ops sidebar which will interact with the PowerShell of an endpoint, all from within the ThreatLocker portal
Introducing our integration with Halo PSA! Once integrated, tickets in the Approval Center will show in the Halo portal, and when actioned or closed, reflect that status change in Halo as well

Improvements

Okta users who have also integrated with SAML are now able to control ThreatLocker Administrator settings from Okta, including:
- Creating, removing, deleting, updating users,
- Adding new groups to users
- Adding and removing established groups to users
Three new conditions will be available in ThreatLocker Ops; Countries, Categories, and from Risks. Policies can be created to monitor for software running from certain countries, from certain software categories, and for known risks
When the new Disable Ops Alerts maintenance mode is enabled, the ability to lock down or isolate an endpoint will be disabled
ThreatLocker Ops now includes a 10 minute Snooze option. This option will temporarily hide all current alerts and allow Administrators to review any new incoming alerts to determine threat level of that endpoint
On Mac application policies, the policy status is now available to be changed from a dropdown on the Policy page, including options to Inherit, Secured, and Monitor

Bugs and Fixes

Resolved an issue where users were logged out unexpectedly due to valid authorization tokens being marked incorrectly
Resolved an error where applying the same role to multiple child organizations on the same Administrator caused an error
Resolved an issue where formatting on the Computers page was malfunctioning at very large or very small screen resolutions
Resolved an issue that prevented Administrators from creating 8 character passwords
Resolved an issue with the ThreatLocker Ops sidebar in the Baseline tab which was displaying incorrect data
Resolved an issue with placing a child endpoint into Learning or Installation mode and the visibility of applications of both child and parent applications
Resolved an issue where opening a Storage Control request for a child account in the Response Center would trigger a 400 error
Resolved an issue where Tags in the Destination section of a new Network Control policy were unavailable
Resolved an issue within the Unified Audit with the wording of a policy set to Monitor status. The sidebar will now say "Monitoring Policy"
Resolved an issue with the left side navigation bar and how it resizes as screens are resized
Resolved an issue where deleting a child organization would not delete the domain, preventing clients from registering a new account with that domain
The Help Desk Ticket window now allows for more room in the Summary section when creating an offline ticket

02/16/2024: 1.6.8.55

Improvements

In ThreatLocker Ops, policies can now be applied to the Global level
In the Options section on the Computers Page, Computer Groups Page, and Organization Page has been updated so clients can view Master Only-enabled options and remove them if necessary
Added a Snooze button on ThreatLocker Ops Alerts to temporarily hide current alerts for a set period of time
Throughout the portal, we have added a 'Copy Link' options to share URLs for certain pages with other ThreatLocker Administrators
Government Azure Tenants are now supported using Office 365 SSO using either Microsoft Global Services or Microsoft US Government

Bugs and Fixes

Resolved an issue where scheduling a maintenance period through the advanced Wrench Icon was not setting the end time ahead by an hour

02/14/2024: 1.6.7.50

Updated 02/16/2024

Improvements

A new status of Not Learned is now available in the Approval Center. During automatic learning, if ThreatLocker can’t name a file (for example, from the downloads or documents folder), we don’t learn the file. This status will now be visible in the Approval Center with a blue background to help understand how these files were first identified by ThreatLocker.
The End User License Agreement (EULA) popup will now populate when users install on a new endpoint and redirect to the Computer Group page after accepting
On the Organization Page, the License Count column has been updated to the License Method
In the ThreatLocker Community, Configuration Manager Policy has been removed as an option from Item Type
On the Computers Page, the Denied Counts for each endpoint have been added for each endpoint for the last 1/3/7 days
On the Install Computer Groups page, under Actions, the Download Installer popup now includes a sharable URL link once a group is selected, which can be entered on an endpoint to install that endpoint into the selected group. Users will choose Stub or MSI, and x64, or x86 versions

Bugs and Fixes

Resolved an issue with the Trial feature and Incident Responce companies which caused the trial to not start as intended
Resolved an issue on the Application Control page showed too many country flags for Countries of Opperation

02/13/2024: 1.6.6.45

Improvements

Updated several Legacy portal reports to pull data from the new portal

Bugs and Fixes

Resolved an issue with multiple bad attempts at adding MFA 6 DIGIT CODE
Resolved an issue with the billing for Configuration Manager and ThreatLocker Ops
Resolved an issue with editing login settings for child organizations and MFA settings
Resolved an issue with Product Research related to how Business Rating and Concern Rating were displayed based on value
Resolved an issue when searching and including empty spaces before or after an Application name
Resolved an issue with the visibility of certain modules based on selection in the Organizations Modules dropdown related to combinations of Application Control, Elevation, Default Deny, and Ringfencing
Resolved an issue from 1.5.0 where exporting Application Definitions would not include all definitions in the export
Resolved an issue with updating an Administrator role which would log a Deny action in the System Audit

02/07/2024: 1.6.5.37

Improvements

PERMISSIONS CHANGES: To view Ops and all incuded sidebars, users will need a combination of Ops and Unified Audit permissions, either view or manage. For visibility only, we recommend:
- Allow View Checkin History
- View Unified Audit
- View ThreatLocker Ops (Edit option available)
- View Ops Alert Threats (Manage option available)
- View Ops Alert Remediations (Manage option available)
- Edit Computers
Improved messaging in ThreatLocker Ops if user does not have correct permissions

Bugs and Fixes

Resolved an issue with some ACH payment methods failing to add
Resolved an issue with the ThreatLocker Ops Sidebar and API return issues
Resolved an issue where some users couldn't view the ThreatLocker Ops tab on the Computers slideout
Resolved an issue with the SAML integration passing a 400 error if the description field is left blank

02/02/2024: 1.6.4.32

Updated 02/07/2024

Improvements

Community will now publish directly after the user confirmation is complete
Improved the location of the Read/Write setting on the Storage Control Policy sidebar to help users avoid misconfiguring policies unintentionally
Improvements to ThreatLocker Ops Alerts sidebar to reduce false positive occurrences
Community will now publish directly after the user confirmation is complete
Improved messaging in ThreatLocker Ops if user does not have correct permissions
PERMISSIONS CHANGES: To view Ops and all incuded sidebars, users will need a combination of Ops and Unified Audit permissions, either view or manage. For visibility only, we recommend:
- Allow View Checkin History
- View Unified Audit
- View ThreatLocker Ops (Edit option available)
- View Ops Alert Threats (Manage option available)
- View Ops Alert Remediations (Manage option available)
- Edit Computers
Changed the location of the Read/Write setting on the Storage Control Policy sidebar to help users avoid misconfiguring policies unintentionally

Bugs and Fixes

Resolved an issue with ITGlue when used as a password manager, where the login page would break on insert and not reload
Resolved an issue with the Incactivity Log Out Timer which, when set to 24 hours, was logging users out after 24 hours regardless of activity levels
Resolved an issue with the SAML integration passing a 400 error if the description field is left blank
Resolved an issue with ThreatLocker Ops not accepting multiple contact emails in the Policy Actions section
Resolved an issue where deleting an application immediately after creating a new application would result in a 400 error and the application would not be deleted
Resolved an issue with setting new Maintenance Modes where, after adding the new mode, the end date would not reset as expected
Resolved an issue where updating an administrator would result in a 400 error
Resolved an issue where

02/02/2024: 1.6.3.29

Improvments

Improved the icons for computer versions on the Computers Page
- When the machine is checking in under the targeted version and it is set to inherit the group, it will show the group icon before the version number
- When the machine is checking in under the targeted version and it is set to target a specific agent version rather than inherit from group, it will show the Computer icon to the left of the version
- When the machine is NOT checking in under the targeted version and it is set to inherit the group, it will show a mismatch, with the correct version being [group icon] [targeted group version]
- If the machine is NOT checking in under the targeted version and it is set to target a specific agent version rather than inherit from group, it should show a mismatch, with the right number being [computer icon] [targeted computer version]
User agreements have been added to Community for any user attempting to download a policy or publish a policy for the first time

Bugs and Fixes

Resolved an issue in which leaving a trailing space in a policy name could cause a policy rule to not match
Resolved an issue on the Organizations Product dropdown to hide both Application Audit and Application Control when ThreatLocker Protect is enabled as they are included in that package

02/02/2024: 1.6.2.28

New Features

Our OKTA integration is now available for public beta testing using SAML. This configuration will be based on OKTA roles.

Improvements

Cyber Hero Management "Read Only" permission will now include Read Only access to the Computer Groups page
Added a "Beta Testing" tag to our Okta Integration
Improved the workflow for Mac Create Application to default to Mac Applications when actioned from a Mac Group
Added the ability to see and use multiple certificates when creating custom application definitions from files that have more than 1 certificate

Bugs and Fixes

Resolved an issue with Permit Application where adding a new certificate would hide visibility of all other included parameters
Resolved an issue with our Partner Resources section connecting to the incorrect file server
Resolved an issue where promoting a child organization to the parent level would change Built-In applications to custom applications
Resolved an issue that prevented clients from viewing the save button on the Computer Groups Settings sidebar
Resolved an issue some users experienced when filtering the Unified Audit by Computers in Secured Mode and Unsecured Computers
Resolved an issue some customers experienced when attempting to access the Response Center Approvals tab with limited approval permissions
Resolved an issue with the visibility of the last entry on the list of computers on the Computers Page
Resolved an issue with the Remove Isolation icon in the Response Center not disappearing once isolation was removed

1/30/2024: 1.6.1.23

New Features

ThreatLocker has released Community, a place to share policies used within the ThreatLocker Platform. Users will have the ability to share policies they use for the benefit of the collective, copy published policies to implement in their environment, view featured or popular policies, and follow policy creators, such as ThreatLocker, to continue to see their posts.

Improvements

Added 2 new permissions Manage Community and View Community. Manage Community permits the user to publish their own policies on the community and download shared policies from the community. View Community provides the user with view-only permission of the community
Made improvements to the System Audit to now reflect both the Organization and the Computer Group that computers are moved to and from
Minor UI improvements in the Ops Alerts sidebar
Added visibility of Mac applications within the view all option on the Application Control > Applications page
Removed the option to send email on policy match from Application Control and Storage Control policies as this is now centrally managed using ThreatLocker Ops
Increased the character limit for ThreatLocker Ops Policy names up to 100 characters
Improvements to the scheduling maintenance modes user flow, ensuring Maintenance Modes are properly added prior to closing the sidebar
Made improvements to ThreatLocker Ops, simplifying the process of specifying Applications and Policies in Ops Actions and Conditions

Bugs and Fixes

Resolved an issue on the Computer Groups page where the incorrect Windows version was displayed as the latest version
Resolved an issue that caused comments in Help Desk tickets to load slowly
Resolved an issue on version 1.5.0.14_C, where moving machines from a child to a parent organization would create unnecessary policies
Resolved an issue in ThreatLocker Ops where conditions that include IP addesses were being automatically duplicated
Resolved an issue in which rating and download count was reset when a policy was republished to the community
Resolved an issue in which the Event Log ID was not being displayed within the ThreatLocker Ops Alerts sidebar
Resolved an issue in which ThreatLocker Ops Conditions were not reloading when a variable was changed
Resolved an issue in which the Does not Match operator in ThreatLocker Ops was only selectable once per the All condition
Resolved an issue with the web browser tab displaying the incorrect ThreatLocker page title
Resolved an issue in which the Computer Groups tab was not visible from a mobile browser
Resolved an issue some customers experienced when attempting to access the Response Center Approvals tab with limited approval permissions
Resolved an issue which prevented an existing contact from being invited as an administrator
Resolved an issue with ticket loading speeds in Help Desk

1/26/2024: 1.6.0.20

Improvements

The File History tab on the Approval Request sidebar will now show up to 30 days of history
Througout the portal, date and time will be shown in exact amounts with an approximation available as a hoverover
A banner has been added to beta.threatlocker.com to alert users that using Beta is not recommended, and the preferred site is portal.threatlocker.com
Clients will now receive a warning when attempting to delete a Global group and be required to type DELETE to proceed
On the Computers page, the flags for Inactive and Offline computers have been made more prominent
On the Application Control page, when the "Include Child Organizations" checkbox is selected, the associated child organization names will be displayed behind the name of the application in parenthesis
Improved Help Desk logs in the Ticket History section, including logging when a ticket is viewed but not altered
The Customer Resource Portal is now available with a limited selection of articles, white papers, resources, and branding

Bugs and Fixes

Resolved an issue that prevented users from opening a chat with a Cyber Hero
Resolved an issue with the visibility of certain modules based on selection in the Organizations Modules dropdown related to combinations of Application Control, Elevation, Default Deny, and Ringfencing
Resolved an issue with mobile browsers not showing Login Settings on the Administrators page
Resolved an issue with scheduling a maintenance mode in the Schedule Maintenance slideout related to setting Start Date / Time
Resolved an issue with Super Admin clients and the landing page not directing to the Health Center on Login
Resolved an issue which prevented an existing contact from being invited as an administrator
Resolved an issue with the ThreatLocker Ops Installs tab not displaying "Known Threats Only" properly
Resolved an issue with the Approval Center Testing Environment that prevented users from progressing if a testing environment was unavailable
Resolved an issue with the button sizing of multi-select options on the Network Control page
Resolved an issue with the visibility of the last alert on the Alerts tab in the ThreatLocker Ops sidebar
Resolved an issue on the Help Desk page where highlighting all text would cause an unexpected page shift to one side
Resolved an issue where adding a child application to a parent application would cause an error
Resolved an issue with the Unified Audit "Add to Tag" which would not add network exclusions as intended
Resolved an issue with the auto-save function in the Description section of the Help Desk
Resolved an issue with pasting long amounts of text into the Comments section of the Help Desk
Resolved an issue with the Help Desk sections Summary of Issue and Description of Issue related to showing incorrect information when reopening a ticket
Resolved an issue with the refresh option in the Help Desk not updating the ticket status after it had been changed
Resolved an issue with the pagination counts on the Help Desk page
Resolved an issue with adding files during ticket creation on the Help Desk page
Resolved several issues with automatic emails generated throughout the ticket life cycle in the Help Desk

1/22/2024: 1.5.0.14_A, B, C

Improvements

Moving forward, if a form has missing information, the user will be directed to the correct tab to enter the information
The Add to Tag feature now supports adding multiple IP addresses at once from the Unified Audit, mimicking the ability to Add to Application
Ops Exclusions will now default to the preferred rule (Path, IP Address, etc.) based on the tab the exclusion is actioned from
Policy Order has been removed from ThreatLocker Ops

Bugs and Fixes

Resolved the discrepancy between the number of Approvals in the Response Center and the number displayed on the upper right page tab
Resolved an issue with special/foreign characters used in passwords which caused login fails
Resolved an issue with missing Web Data icons on the Application Control Module

1/19/2023: 1.5.0.14

New Features

When an adminisrator creates a new user, they will now have the option to choos roles and permissions for the newly invited user prior to finalizing the invitation
Our Legacy Helpdesk is now depreciated and all users will be directed to our new Helpdesk to access Cyber Hero Support, including during Chat. All previously open tickets have been migrated over, as well

Improvements

Resolved an issue where excessive clicking on create would allow users to make multiple organizations with the same information
ThreatLocker Ops side bar options are now in a tabbed format, improving usability

Bugs and Fixes

Resolved an issue with ThreatLocker Ops where viewing an Action Log the second time showed abreviated information
Resolved an issue with white spaced saved during password creation in the Administrator sidebar
Resolved an issue where Cyber Hero Management was enabled but full Cyber Hero permissions could be turned off
Resolved an issue related to turning modules on and off in the Organziations settings which caused a delay in access
Resolved an issue where super admin accounts managing a child account were unable to see parent applications via the maintenance mode side bar
Resolved an issue with selecting or adding a Tag from a parent level organzation to a managed child policy
Resolved an issue where Administrators with permission to create and assign roles or permissions could not add roles or permissions to other administrators
Resolved an issue with logging in on Instance G related to Microsoft O365 authentication
Resolved an issue with merging a child application into a parent application when managing the child organziation
Resolved an issue with the Remove White Noise filter in the Unified Audit which did not include policies with Null name values

1/15/2024: The beta portal has moved to LIVE!

portal.threatlocker.com will now direct to our new portal and legacyportal.threatlocker.com will be available for a short time to allow users to learn our new system and layout.

ThreatLocker Ops is also included in this new change and is now fully available to clients!

10/13/2023: Released to beta.threatlocker.com

Updated 12/08/2023

New Features

Instantly pay the total amount due on an invoice with a credit card or ACH using the Pay Now option
In Organization Settings, the ability to set an automatic signout to administrators based on a time limit is now available
Incident Recovery clients have the option to provide free 90-day trials for onboarding Incident Recovery accounts Contact your Account Manager for more information.
For Windows users, a new "Enable Computer Proxy Server" setting is available in the Groups Settings, and will allow for Proxy Settings to be set prior to installation of new endpoints
When a save button is disabled due to missing information in the form, a message will alert users to fill in the missing information
Added new buttons "New Policy" and "New Tag" to the Application Control, Application Policies, and Tags screens
The Azure integration now supports nested group mapping
We have added the Ignore option to Storage Requests
Added the Maintenance Settings button to all Learning Modes on the Computers Page
The Unified Audit will now filter by operating system to make sure that adding an application will match the destination operating system
In the Computer Groups settings, Excluded Processes options now include Network exclusions
ThreatLocker Cyber Heros can now enable Auto Refresh in Organization settings on behalf of Administrators. This will enable the option to be checked on the Health Center and the Approval Center.
We've added an additional message when deleting Configuration Manager policies to clarify intended behaviors
In Organization Settings, administrators can now toggle off the option to send emails to end users from NoReply@ThreatLocker.com
To increase security around MFA options, SMS will no longer be an option for newly created administrators

Improvements

Improvements to data validation on ThreatLockerOps Policy fields to ensure policies are written properly
Automatic emails will be sent when a card is declined from billing.threatlocker.com
Added a Created By column to the exported Unified Audit report
Added the ability to give users view-only access to the Computers page
The Check-In History feature is now available to all clients
Added a "Remove Unused" which will supply a calendar choice. Policies not matched before the date selected will be removed
Policies with schedules will now be highlighted with a calendar icon in the Policy Action column on the main Policies page
To improve clarity, Policy Status will only be displayed if the policy is a permit with Ringfencing or a deny.
The Computer Check-In tab now has a refresh button
Added the ability for users to select parent groups from the policy level dropdown and move policies to different organizations
Advanced Unified Audit settings now allow for muliples of certain Field choices
A warning has been added to the Computer Proxy Settings to alert users that disabling the setting will prevent communication with ThreatLocker
Proxy Settings are now known as ThreatLocker Relay Server settings
Mac computers incorrectly installed into a Windows group are now able to be moved out of that group
Storage Policies will now include a creation data
Storage Policy creation will now default to permanent
Automatic emails will be sent from billing.threatlocker.com when a card is declined during the Pay Now process
Added information to the System Audit, including who ended a Maintenance Mode if it was ended manually
We have updated the UI for Elevation to a slider to simplify the addition of Elevation time without the need to calculate time zone differences
Improved application visibility so that applications in grandchild organizations can be seen in parent organizations
Added Network Control policy options for Communication Protocols that includes TCP/UDP, TCP, and UDP. Policies will default to TCP/UDP
On the computers page, we have added a flag for any computer that needs to reboot
Throughout the portal, in any text input field, examples and directions will be italicized, and pre-filled data will not
Any portal activity that includes a change to the system like create, update, edit, delete, approve, etc. will now automatically refresh the page when the action is committed
Improved the Open Testing Environment button to include a check that prevents administrators from calling a new testing environment quickly and repeatedly
Improved the 403 error handling when a user's login token expires
In the Application Policies sidebar, if a policy is not attached to an application, "Not Found" will be displayed instead
Resolved an issue where, when moving a computer between organizations, the tags from the first organization would also be moved
Improved the logging in the System Audit of changes to Roles, including reads, modifies, deletes, and creates
Added the ability to create a policy at the same time when creating an application
Approval Center columns are now sortable
Improved and optimized the way table data is processed from various ThreatLocker databases
Improvements to data validation on ThreatLocker Ops Policy fields to ensure policies are written properly
Health Center Alerts are now displayed in a grid and are sortable
Added Approval Center filters on each column
Added an Operating System filter to the Application Control Page to limit views to Windows, Mac, or All
Removed the option to use unsigned certificates within an Approval Request
Added a new Front Page to highlight our new Beta Portal
The timeout for the Reports Page has been increased to 10 minutes to accommodate large report generation
Added an option to create an Application Policy as a new Application is being created
Added information to the SAML integration page to simplify setup
Improved the logging in the System Audit of changes to Roles, including reads, modifies, deletes, and creates
Throughout the portal, in a text input field, examples and directions will be italicized, and pre-filled data will not
Updated the Application Slideout option to improve clarity; "Kill Processes" is now "Kill Running Processes"
UI improvements to the Storage Policies sidebar, the Network Control Policies Slideout, and the Applications and Application Policies Slideout
UI Improvements to simplify the addition conditions for custom rules in the Applications Slideout and the Approval Center
UI on save buttons has been simplified and updated,
In the Application Policies sidebar, if a policy is not attached to an application, "Not Found" will be displayed instead of the policy
Improved the 403 error handling when a user token expires
Throughout the portal, the Log to Audit will be enabled by default and will not be available if the administrator selects "Deny" or "Ringfence"
Any page activity that includes a change to the system, like create, update, edit, delete, approve, etc., will now automatically refresh the page when the action is committed to the portal
In the Approval Request Slideout, the default will adjust to New Install if the file does not match a built-in or an existing application
Users with access to our new Health Center will be directed there on login. Users without access to the new Health Center will be directed to the Organizations page on login.
Throughout the portal, positive actions will be on the right (save, update, create, etc.)
Mac computers will now have the option to ignore chosen paths during baseline
From the Unified Audit, links to the associated policy will be included in the information sidebar
Sidebars are no longer dismissible when clicking outside the sidebar, stopping users from losing data without committing the changes
When Elevation and Ringfencing are not selected in the Modules option on the Organization page, the features related to these will be deactivated
Updated the UI for Elevation to a slider to simplify the addition of Elevation time without the need to calculate time zone differences
SMS will now include an agreement to receive messaging from ThreatLocker
Improved application visibility so that applications in grandchild orgs can be seen in parent organizations
Help Desk Emails have been reduced and will now only send when a ticket is opened, changed to In Progress, changed to Customer Input Required, when a comment is logged, or when it is marked resolved

Bugs and Fixes

Resolved an issue that stopped file history from loading properly on both the portal and beta portal
Resolved an issue where the Policy ID was not visible in Storage Control policies
Resolved an issue that prevented administrators from creating a Storage Control policy
Resolved an issue where ThreatLocker Suggested Policies were showing Windows options for Mac machines
Resolved an issue with the Add to Application function from the Unified Audit
Resolved an issue with automated emails related to the password reset process
Resolved an issue with the pagination on Ringfencing entries
Resolved an issue where Automatic was included in options for Application Maintenance Modes
Resolved an issue where adding a Ringfencing exception would require an edit to the exception prior to saving
Resolved an issue where exporting application definitions would include incorrect hash values due to CSV formatting
Resolved an issue where Mac and Windows policies were applied to policies incorrectly based on OS
Resolved an issue where Duo Integration settings were available without the integration enabled
Resolved an issue where the Maintenance Mode ID was hidden
Resolved an issue with the Record in Splunk setting in Application Policies
Resolved issues with the Ready to Secure and Needs Review filters
Resolved an issue where the Organization name displayed incorrectly based on the Managing Organization
Resolved an issue with the way certificates show on the Application Control page
Resolved an issue where the Promote option for a policy from the Application Control interface did not include a Global Group opiton
Resolved an issue where Computer Level policies in the Unified Audit did not show machine name
Resolved an issue where IPV4 and IPV6 values could be added to the wrong fields in Tags
Resolved an issue where Mac policies could not be copied into a Mac group
Resolved an issue where creating a group might not have default settings included
Resolved an issue with non-existent organizations showing in the Move Computers drop-down
Resolved an issue where the "Include Child Organizations" checkbox would not show as expected
Resolved an issue on the Computer Page where the Isolate/Lockout required 8.1. The required version is 8.2
Resolved an issue with the TheatLocker Service Restart message to improve clarity
Resolved an issue where Super Administrators could update from the "Update ThreatLocker Version (ALL)" option
Resolved an issue where an endpoint could go into Learning or Installation mode without selecting an application or hierarchy level, causing it to not learn as intended
Resolved an issue where adding a long text exclusion to a Ringfenced policy would parse the exclusion into different unique exclusions
Resolved an issue with Application Control where editing a policy would cause a 500 error
Resolved an issue with a redirect for users with expired trials
Resolved an issue with trailing spaces at the beginning and end of Ringfencing exclusions
Resolved an issue where the default deny policy would not update on save as expected
Resolved an issue with the Unified Audit when searching for simulated denies
Resolved an issue where https logs included a non-encrypted flag incorrectly
Resolved an issue with Ringfencing Powershell which would auto-populate more data than required
Resolved an issue with Silent Elevation missing from options in the Approvals page
Resolved an issue that allowed edit and move computer options at the Global level
Resolved an issue with Storage Control and auto-populating the same file multiple time
Resolved an error that occurred when changing policy level on existing policies
Resolved an issue some customers experienced when creating MAC Application Policies where built-ins would fail to load
Resolved an issue where deleting application definitions was not working as intended
Resolved an issue that prevented administrators from creating a Storage Control policy
Resolved an issue where the Policy ID was not visible in Storage Control policies
Resolved a 400 error with Add to Application
Resolved an issue preventing Mac Policies from being disabled
Resolved a 400 error when moving certain computers into Learning Mode
Resolved an issue with the Operating System filter, which failed to include all endpoints
Resolved an issue with a missing hardcoded character when setting up ThreatLocker Relay settings
Resolved an issue with lowercase serial numbers in Storage Control policies
Resolved a filter issue between "Computers in Monitor Only" and "Mode and Computers in Secured Mode" on the Unified Audit
Resolved an issue with Elevation that prevented the addition of Elevation during policy creation
Resolved an issue where the Ignore Request button was showing in Unified Audit sidebars
Resolved a 400 error when creating a new ThreatLocker Ops policy
Resolved an issue related to Cyber Heros having access to approve requests without 'Full Control' set on ThreatLocker Access
Resolved an issue with Mac Applications where "No Existing Policies" would display incorrectly
Resolved an issue with the Health Center that prevented the log resolving an issue in the System Audit
Resolved an issue with the View Approval button in the Cyber Hero Management Approvals Processed report
Resolved an issue with the Save Search feature in the Unified Audit which prevented administrators from saving a search
Resolved an issue with missing view for FireFox extensions in the View on System Lookup in the Approval Center
Resolved an issue with Tags where deleting all tags would give a 400 error
Resolved an issue with a 500 error sending more information than necessary
Resolved an issue where permanent elevation applied to a permanent policy would still create two separate policies
Resolved an issue showing MFA options on login without those settings being enabled
Resolved an issue with the order of filtering in the Unified Audit column and Pending status
Resolved an issue in Administrator settings that allowed users to select multiple MFA options
Resolved an issue where files matching by SHA would not show in the Matching Applications section of the Approvals window
Resolved an issue with Cyber Hero Management settings which forced clients to enter instructions when adding an email address
Resolved an issue with Global Policies notification that a policy for that application already exists
Resolved an issue with SAML interacting with Duo as a MFA
Resolved an issue that prevented file history from loading properly on both the portal and beta portal
Solved an issue in the Unified Audit related to timeouts by removing the Computer Groups filter from the Advanced Search Options
Resolved an issue with newly created administrators who were forced to use Duo Authentication when Duo was not enabled
Resolved an issue with the Help Desk related to uploading a file or attachment to a ticket
Resolved an issue in Computer Groups Settings where users could not select None on Create Policies on Baseline Upload
Improved search options in the Unified Audit to include that searching by Username no longer requires Domain
Resolved an issue with Application Control that prohibited Elevation and Ringfencing during policy creation even with those Modules enabled
Resolved an issue with Unified Audit advanced search filters not working as intended
Resolved an issue with Application Control where Created By would incorrectly display as <SYSTEM>
Resolved an issue where the Trial Expiration bar was not showing as intended
Resolved an issue in the Portal where policies for one organization would show in another organization as administrators went between organizations
Resolved an issue on the Computers Page where Parent Level applications were not visible in the Maintenance Mode drop-down
Resolved an issue where a small amount of Network Control Policies sometimes lost the ability to be updated
Resolved an issue that allowed computers with different operating systems to move into the same groups
Resolved an error in the Help Desk that caused the Ticket History to not populate as intended
Resolved an issue with Create New Applications where the Add to Policy option would not pre-populate all expected fields
Resolved an issue in the Help Desk where Chat Summaries were not being included in the ticket history once the chat closed
Resolved an issue where Elevation Policies were not ordered correctly on creation, causing the Elevation policy to be ignored
Resolved an issue with the application policy expiration setting that did not allow for permanent elevation once set at a lesser amount
Resolved an issue with the Switch to Portal and Switch to Beta links in the Portal
Resolved an issue with Storage Control and Authorization Hosts where Applies To level was not being applied as intended
Resolved an issue where the network policy count would not update when a network policy was deleted
Resolved an issue allowing administrators to select all built-in apps when creating/editing a policy
Resolved an issue where Child Organization Applications would not show permitted policies
Resolved an issue when trying to update ALL computer groups and we now exclude Mac groups from that update process
Resolved an issue with newly created administrators and their roles not applying to their account immediately
Resolved an issue when a child org level application is moved up to the parent level, the permitted policies are in place for that application were not visible
Resolved an issue allowing child level organizations to log in to the portal when the parent level had an expired trial period
Resolved an issue where the Deploy Policies button did not turn red when a Policy was updated
Resolved an issue with Grandchild organizations not generating the correct Authorization Key
Resolved an issue with the installation script which was not including the correct instance when downloaded
Resolved an issue where group level Cyber Hero Instructions were not available
Resolved an issue in the Help Desk where the Closed Tickets popup would populate without including the closed tickets to review
Resolved an issue where selecting items and then changing policy level would not de-select those checked items
Resolved an issue causing approvals in the Approval Center to appear out of order based on time
Resolved an issue with the Health Center that prevented the log resolving an issue in the System Audit
Resolved an issue that allowed clients add rules in process path for Microsoft Edge or Chrome
Resolved an issue with the Group By filter in the Unified Audit
Resolved an issue with Elevation that was creating a second policy unnecessarily

10/10/2023: Released to legacybeta.threatlocker.com

Improvements

Invoice Statements will now include a Payment Status that reflects the current status of each invoice listed on the statement
On the payments page, the Total Amount Due has been updated to reflect refunds

Bugs and Fixes

Resolved an issue with invoices marked Paid even after a failed payment had been processed
Resolved an issue where newly invited users were not added to their group or organization

10/9/2023: Released to beta.threatlocker.com

Improvements

Moved the Action Type column in between the Details and Policy Action columns
In the Unified Audit, wildcards (*) can be used in the Details/Paths fields. A tooltip now highlights this change
In the Unified Audit Advanced Search options, positives will be grouped together with an "Or" and negatives will be grouped together with an "And"
In the Unified Audit, if a non-approved ( ! | <> %” ) special character is recognized, an error message will appear
When a policy is set to Deny, the option to "Log to Audit" will not be available to configure. All Deny actions will be logged
When adding a new email to the Cyber Hero Management Escalation, the default instructions will apply if that field is left blank
Added a button to allow a policy to be created when creating an application
We've added Tags to ThreatLocker Ops
Our Azure Integration has been updated to allow .us sign-ins. This was a critical change to support GCC High Government Azure Tenant use
Nested groups and Sync option are now available in the Azure integration

Bugs and Fixes

Resolved an issue with conflicting data on login tokens related to API loops
Resolved an issue where Network Control Policy Tags were not sending correct data
Resolved an issue where, during an Approval Request, the Hash was not automatically added to an Application Definition when approved via a Maintenance Mode
Resolved an issue with Network Control Policies causing a 400 error
Resolved an issue in the Health Center which was causing timeouts on the Remote Management widget
Resolved an issue with SAML related to the SAML redirect
Resolved an issue with pagination on the Approval Center
Resolved an issue causing Client instructions to be hidden in the Approval Request details
Resolved an issue causing users to be logged out if they attempted to manage an organization without permissions
Resolved an issue in the Unified Audit Advanced Search which would fail to clear previous selections when starting a new search sequence
Resolved an issue where the Network Control System Audit logs did not include the policy level
Resolved an issue with the Copy Policies button related to excessive concurrent clicking
Resolved an issue causing users to be logged out when their permissions are changed. Sessions are only expired when the password is modified
Resolved an issue with the UI for the Help Desk and overflowing components
Resolved an issue where ThreatLocker Ops was not displaying correct information when the policy name field is null
Resolved an issue allowing browser extensions requests to include Elevation
Resolved an issue with the visibility of reports that contain over 30 columns

10/9/2023: Released to legacybeta.threatlocker.com

Improvements

Invoice Statements will now include a Payment Status that reflects the current status of each invoice listed on the statement
On the payments page, the Total Amount Due has been updated to reflect refunds

Bugs and Fixes

Resolved an issue with invoices marked Paid even after a failed payment had been processed

9/19/2023: Released to beta.threatlocker.com

Improvements

ThreatLocker Ops is now available for Clients

Bugs and Fixes

Resolved an issue with Facebook information on the beta homepage

9/15/2023: Released to beta.threatlocker.com

Improvements

Input directions are now displayed as italicized text
On the Application Control Page, policies can now be viewed by Built-ins, My Apps, or All
When an Approval Request matches a ThreatLocker Built-In Application, the option to open the Testing Environment will be less prominent but still available
UI Improvements to the Application Policy Slideouts
UI Improvements to the Unified Audit to improve the look and flow of information
Password Reset Emails will now come from noreply@threatlocker.com
In the Computers and Computer Groups Slide out, we have moved Tray Branding into a separate tab along the top
Included a "Reset Password" button on the update admin Slide out.
In Application Policies, Custom Rules (legacy feature) within Ringfencing will now only show for partners who are currently using a custom rule. Tags are now a separate field
When Elevation and Ringfencing are not selected in the Modules option on the Organization page, the features related to these will be deactivated
New Application Requests are now checked against multiple variables before creating a new policy, including Ringfencing and Policy Expiration
The Unified Audit timeout is now 5 minutes rather than 2
Added an end-user notification when an approval request results in the file being added to an existing application
Prospective partners will need to participate in a Demo prior to logging into the portal and beginning a trial
The Check-In History feature is now available to all clients
In the Unified Audit Advanced Search options, positives will be grouped together with an "Or" and negatives will be grouped together with an "And"
From the Organization's page, clicking anywhere in the organization table will open that organization in a new tab to manage. The settings icon will now open the settings sidebar
In the Unified Audit, the hostname will now automatically fill available hostnames based on the managed organization, including child organizations if that parameter is selected
The Create and Edit Password buttons now include the option to use SAML
Tooltip added to the Restart Service option with an explanation of available options
On the Computer's page, clicking the ThreatLocker Version will now open the Version dialog
Added the Maintenance Settings button to all Learning Modes on the Computer's Page
All Partners will now have access to the Check-In History, viewable on the Computer's Page

Bugs and Fixes

Resolved an issue with Facebook information on the beta homepage
Network Control Policies will now be grouped by source and destination locations
Resolved an issue that caused internet exclusions to not apply to policies immediately
Resolved an issue where updating a network control policy name would cause an error
Resolved an issue which prevented users from logging based on their instance
Resolved an issue with the visibility of "Trial Not Started"
Resolved an issue where the Deploy Policies button did not turn red when a Policy was updated
Resolved an issue where updating a network control policy name would cause an error
Resolved an issue on the Computers page where sorting by any column would reset the page size to 25
Resolved an issue with Maintenance History that would not include all data when viewing a child account from a parent account
Resolved an issue with the Unified Audit searching where opening an advanced search option but not including any options would cause an error
Resolved an issue with new Network Control Policies that would not properly update
Resolved an issue with the View Check In times
Resolved an issue with the way expiration polices populate based on existing/non-existing permit/deny policies
Resolved issue with Never Expire elevation policies showing incorrect elevation expiration date/time
Resolved an issue related to exporting large quantities of Unified Audit logs
Resolved an issue related to visibility and switching between pages in Network Control
Resolved an API issue with OS type which caused errors on Network Control
Resolved an issue causing users to not enter Certificate SHA values to an application in the Unified Audit
Resolved an issue with the option to copy Application policies from one child organization to another
Resolved an issue with the option to copy policies from one child organization to another
Resolved an issue causing approvals in the Approval Center to appear out of order based on time
Resolved an issue were a domain could be reused in multiple different organizations
Resolved an issue related to updating the information of a newly added administrator
Resolved an issue with the count of permitted policies
Resolved an issue where the Logon Scripts buttons were not functioning as expected
Resolved an issue with the Created By field not populating as expected

9/13/2023: Released to legacybeta.threatlocker.com

Improvements

All unique quotes will now generate a unique invoice. Appending a quote will also generate a unique invoice to reflect the changes.
Mac versions 2.1 or higher will not learn ThreatLocker Hash and only use SHA256
For Mac OS, Built-In applications will be applied during automatic learning
Organization owners will now see their managed organizations at the top of quotes and invoices
Private IP addresses are now visible in the portal on the computer's page
Site Mapping has been added to the ConnectWise Integration
Custom Rules for Google Chrome have been removed from the Rules Engine and will now only include hashes
Clients with overdue invoices will now receive an email with the information to avoid service interruptions
Threat level and Event Occurrence functionality are now included in ThreatLocker Ops

Bugs and Fixes

Resolved an issue with MAC baselining that allowed it to learn a file that was already denied by a standing policy
When creating groups, we will now check for existing policies prior to creating new policies

8/29/2023: Released to beta.threatlocker.com

New Features

Improvements

UI usability improvements to the Storage Policy sidebar
Improved the Move Computer function so that the learning schedule starts a day before the current date/time when enabling learning and rescan baseline
Changed requirements of new clients who sign up for a trial. They will now be required to attend a demonstration prior to logging in
Updated the visibility of Built-In Deny Policies on the Applications page
Updated several areas of the portal to be consistent across the platform
Included an option to open a new tab with a right-click

Bugs and Fixes

Resolved an issue where creating a storage policy with a path that ends with a wild card will add an additional “\*” to the file path
Resolved an issue where Duo MFA users' Log In activity was not logged in the System Audit
Resolved an issue in the Unified Audit where the Policy Last Match parameter was not populating results as expected
Resolved some discrepancies in language throughout the portal
Resolved an issue during a change of password that left the active token open for longer than expected
Resolved an issue causing a multi-select to clear when clicking outside of the multi-select options
Resolved a flickering that happened when hovering over the Refresh button on the Computers page
Resolved an issue with the Change Password button visibility and SSO options
Resolved an issue preventing child administrators from populating as a primary contact on a support ticket
Resolved an issue were a domain could be reused in multiple different organizations
Resolved an issue with the count of permitted policies
Resolved an issue where starting a trial would send an email to clients but not start the trial
Resolved an issue with saving Network Control policies
Resolved an issue with Trial start dates populating in the portal
Resolved an issue with the Copy Policy function where not all policies would copy

8/23/2023: Released to beta.threatlocker.com

New Features

Improvements to the Approval Center including clarification of language and simplification of the UI
Added the ability to notify the requestor of a denied request in the Approval Center

Improvments

Added the numeric value for a time zone in front of the time zone name
Changed font throughout the portal to improve readability
Password will now be cleared when the cancel button is pressed
Improved the Organizations side-bar to hide category levels if they are empty
Added an automatic refresh on the Add to Application window
Added a Deal Registration check prior to opening a trial for new users

Bugs and Fixes

Resolved an issue where the extension store links were not populating when approving an extension
Resolved timeout issues related to the Policy Count
Resolved an issue where "Adding to Application" instead showed "Approved" in the Approval Center
Resolved an issue where adding an exclusion to a Ringfencing policy for a child organization from the parent organization would cause a 400 error
Resolved an issue where a File's PID was added to the Add to Applicaiton Custom Rule list incorrectly
Resolved an issue with the count of permitted policies
Resolved an issue where the Logon Scripts buttons were not functioning as expected
Resolved an issue with SSO where users were not able to complete the process using Microsoft credentials
Resolved an issue where ignored approvals would show incorrect data
Resolved an issue where users were unable to pull Unified Audit logs when searching by "Created By"
Resolved an issue where users were unable to move a computer from the "Removed Computers" group into a Mac group
Resolved an issue with the HelpDesk comments section
Resolved an issue with Mac applications not deleting policies as intended
Resolved an issue causing the Organization Panel to not show alphabetically
Resolved an issue using non- ISO Latin alphabet in the unified audit
Resolved an issue that was causing an error when users were singing in with OTC and SSO
Resolved an issue that would not allow the created email on trial sign up to be sent
Resolved an issue that created duplicate computer groups
Resolved an issue with the count of permitted policies
Resolved an issue that was stopping new users from logging in after account creation
Resolved an issue with the Permitted Computers count on the Applications page
Resolved an issue with the page layout of Reports
Resolved an issue where already merged applications were showing when viewing "Include Hidden"
Resolved an issue with Organization-specific user roles when in the Mobile App
Resolved an issue with Approval Requests and Elevation and adding RingFencing, where partners were unable to add Elevation after they added RingFencing

08/18/2023: Released to legacybeta.threatlocker.com

New Features

Added Learning Mode (Hash Only) to the MAC
Site Mapping has been added to the ConnectWise Integration

Improvments

When creating groups, we will now check for existing policies prior to creating new policies

Bugs and Fixes

Resolved an issue with MAC baselining that allowed it to learn a file that was already denied by an existing policy

8/11/2023: Released to beta.threatlocker.com

Bugs and Fixes

Resolved an issue with Mac applications not deleting policies as intended
Resolved an issue with Network Control and policy application
Resolved an issue with AD Sync where policies were not applying as intended
Resolved an issue with a slow audit loading
Resolved an issue using non- ISO Latin alphabet in the unified audit
Resolved an issue with logos provided by UpLead. They are no longer available
Resolved an issue with the landing page for anyone with an expired trial
Resolved an issue with the ITAR Compliance setting
Resolved an issue where if you have an application attached to 2 or more policies, deleting the app would only remove one of the policies
Resolved an issue with collecting transcripts from LiveChat

8/9/2023: Released to beta.threatlocker.com

Bugs and Fixes

Resolved an issue with Options in the searching in the View/Edit sidebar
Resolved an issue with logos provided by UpLead. They are no longer available
Resolved an issue with the landing page for anyone with an expired trial
Resolved an issue by improving portal accessibility
Resolved an issue with Configuration Manager that would not allow a character count over 400 in the text message area
Resolved an issue that was causing duplicate entries in the Application Request sidebar
Resolved an issue with the permissions related to sharing policies in ThreatLocker Community
Resolved an issue caused by a failed login attempt not clearing the mfa field
Resolved an issue with the Threat Level in ThreatLocker Ops not resetting properly
Resolved an issue where moving a computer to a new organization would not trigger a rebuild on the applications database
Resolved an issue where the Unified Audit was showing in UTC and not local time
Resolved an issue with the count of permitted policies
Resolved an issue with geolocation data and null values
Resolved an issue with Network Control that allowed improper data to be added to a variety of fields
Resolved an issue that was stopping new users from logging in after account creation
Resolved an issue with the Permitted Computers count on the Applications page
Resolved an issue that threw a 500 error in the Permit Applications page
Resolved an issue with the Created By field not populating as expected
Resolved an issue with ThreatLocker Storage and Tamper Protection settings
Resolved an issue with RingFencing Read/Write options not populating when opened from the Unified Audit
Resolved an issue with the ITAR Compliance setting
Resolved an issue that was causing users to be logged out if a non-assigned organization was clicked
Resolved an issue with the deletion of User Roles at the Organization level
Resolved an issue with the Built-In application process
Resolved an issue with the Health Center RMM counts

Improvements

Added Community and ThreatLocker Ops to organizations with a demo status
Added a permission level for individual child (and grandchild) organizations

New Features

ThreatLocker has partnered with WhatFix, a digital adoption solution, to bring you on-screen support and insight within our new portal
Added the ability to sort by columns in the Help Desk

8/4/2023: Released to beta.threatlocker.com

Bugs and Fixes

Resolved an issue with Options in the searching in the View/Edit sidebar
Resolved an issue with how information in the Unified Audit displays within the bounds of the screen
Resolved an issue with the escalation of an Approval Request that never loaded properly
Resolved an issue with foreign characters and how they are processed by the search system
Resolved an issue with a delay in a new Tag populating in the portal
Resolved an issue with foreign characters and how they are processed by the search system
Resolved issues with View on Chrome Store and View on Edge Store buttons in the Permit Application sidebar
Resolved an issue with allowing Deny All/Permit All policies and Mac
Resolved an issue related to the login screen and which was based on permissions level
Resolved an issue with the number of users that populate in the User Roles page
Resolved slow load times for the Permit Application sidebar
Resolved an unnecessary error message that populated when removing products
Resolved an issue that was not transferring the date into the linked fields
Resolved an issue that hid parent groups from administrators and stopped administrators from selecting parent policies
Resolved an issue in Storage Control that was preventing auto-population of processes
Resolved an issue that showed Ringfencing as an option for Mac policies
Resolved an issue with the page layout of Reports
Resolved an issue with Community policy voting
Resolved an issue causing a 500 error in ThreatLocker Ops policy creation
Resolved an issue with the Exceptions in Ringfencing populating ports after IP addresses
Resolved an issue with Parent Organizations not being able to collect data in Child Organizations
Resolved an issue with the HelpDesk comments section
Resolved an issue with the ThreatLocker version
Resolved an issue with the Application Control CSV exports
Resolved an issue with the visibility of Built-In tags
Resolved an issue in the HelpDesk with who can be added as an administrator to a ticket, based on Organization level
Resolved an issue causing slowness in the Unified Audit
Resolved an issue where the portal check-in timer could be set lower than 8 seconds
Resolved an issue with the search feature on the Organizations page

New Features

Computer Audit Report and Event Logon Report, based on Configuration Manager policies, are now both available on the Reports Page

7/28/2023: Released to legacybeta.threatlocker.com

Bugs and Fixes

Resolved an issue with MAC and Network Control deny all policies
Resolved an issue with the Microsoft Office Built-In policy

Improvements

Improvements to the allowed variable to the Isolate feature in ThreatLocker Ops

7/28/2023: Released to beta.threatlocker.com

Bugs and Fixes

Resolved an issue with visibility of application parameters in the sidebar
Resolved several issues with SMS including not allowing users to validate an OTC without first entering a pin number
Resolved an issue where selecting Use Parent Settings in Cyber Hero Management would not save
Resolved an issue where selecting Use Parent Settings in Cyber Hero Management would not save
Resolved an issue in the Unified Audit where certain deny logs would throw a 500 error
Resolved an issue where newly created administrators would not be able to log in
Resolved an issue with the downloaded logs from the Unified Audit
Resolved an issue with Network Control where updates to Destination Location and Destination Port were not functioning as expected
Resolved and improved the warning message when updating all computer groups when MAC groups are included
Resolved an issue with unexpected trial expirations
Resolved an issue with the way seat counts are displayed
Resolved an issue in the Storage Policy sidebar to allow for the removal of a policy expiration
Resolved an issue where all green denies were also showing Monitor Mode incorrectly
Resolved an issue with the ITAR Compliance setting
Resolved an issue that was causing users to be logged out if a non-assigned organization was clicked
Resolved several issues on the Computers page related to filtering
Resolved an issue with the published invoice date
Resolved an issue where parent applications would not be visible in child organizations
Resolved an issue where existing users in chat were showing as Visitor
Resolved an issue with deleting a parent application when the application is also in a child organization

Improvements

Release version is now viewable on the login page and in the lower left corner of the screen when logged in
Organizations and sub organizations are now presented alphabetically
Improved the language in the popup after adding a file in the Create/Add Application sidebar
Improved the default zoom amount on the Health Center
In the Unified Audit, column widths can be customized by dragging the header to the desired width
From the Unified Audit, you can now click on the hostname and open up the Computer's sidebar

New Features

Added Ticket Status to the client view of HelpDesk tickets
Added a pre-chat form to LiveChat to collect user information
In Network Control, the new policy sidebar now includes a sample of pre-defined built-in ports
Added the 'Inherited from group' information on the Computers Page
Added a permission level for individual child (and grandchild) organizations
Microsoft 365 SSO is now available on the Sign-In Page

7/24/2023: Released to beta.threatlocker.com

Bugs and Fixes

Resolved an issue with MFA SMS that caused users to get logged out if they use a password instead
Resolved and improved the warning message when updating all computer groups when MAC groups are included
Resolved an issue where the tray notifications were not initializing on a new deny policy
Resolved an issue with Super Admin - Child and permissions with the Organization Navigation Panel
Resolved an issue with the Reports Page loading all results in UTC and not local time
Resolved an issue with creating a new ThreatLocker admin account and an OTC/MFA redirect
Resolved an issue with PKG files and nonmatching group keys in the file name
Resolved an issue with the Stub Installer and the associated instance
Resolved an issue that stopped newly created computer groups from adding options
Resolved an issue that caused a user to be logged out when viewing Built-In Applications
Resolved an issue with RingFencing Read/Write options not populating when opened from the Unified
Resolved an issue that was causing users to be logged out if a non-assigned organization was clicked Audit
Resolved an issue with the pre-populated start and end times in a Unified Audit search
Resolved an issue where adding a user role would cause the role to be added to all organizations and not the individual organization selected
Resolved an error that was caused by editing and then reediting email addresses
Resolved an issue with excessive emails generated from Help Desk LiveChats
Resolved an issue in the Unified Audit where a trailing space caused a search to fail
Resolved an issue with a validation issue connected to password resets and administrator levels

Improvements

Improved the View/Edit Computer Popup, including showing the last check-in date/time
Improved our Help Desk LiveChat to include a longer chat history. Chat history will now be removed when closing a chat or on closing the browser
Increased the character limit for Group Process Exclusions
We've added Policy ID to the ThreatLocker Ops sidebar to simplify the management of policies by the ID number
Improvements to UI elements for usability and visibility
Changes to Quotes, including: Business address field, the option to upload a resale certificate, added an expired resale certificate

New Features

The release version that is installed will be viewable on the portal log-in screen as well as at the bottom of the navigation menu when logged in
ThreatLocker has partnered with WhatFix, a digital adoption solution, to bring you on-screen support and insight within our new portal
ThreatLocker Access settings are now found under the Help Desk dropdown in the upper right corner of the screen
Added a Network Control Challenge Setting
The Unified Audit now has a Save Search option
SAML integration option has been added to the Integrations page
Added the ability to upload a sales tax resale certificate
We added an option inside the notification email to approve or deny an Approval Request when Cyber Hero Management needs more information

7/20/2023: Released to legacybeta.threatlocker.com

Bugs and Fixes

Resolved an API issue in which MAC computers failed to download built-in applications
Resolved an issue with the Azure Integration to ensure all available groups for a tenant are shown

Improvments

Improved Health Center alerting capabilities

New Features

Added SHA256 and Monitor PowerShell to the Options tab for customer use

6/28/2023: released to legacybeta.threatlocker.com

Bugs and Fixes

Resolved an issue with Threat level and Event Occurrence functionality in ThreatLocker Ops

6/23/2023: released to legacybeta.threatlocker.com

Bugs and Fixed

Resolved an issue with creating a Child Organization via deployment script
Resolved an issue with MAC policy status visibility on the Policy page
Resolved an issue with Network Control and null objects or tags
Resolved an issue with processing double wildcard "**" entries
Resolved an issue with the ThreatLocker Testing Environment and abandoned sessions

Improvements

Improved the processing of geolocation data

New Features

Threat level and Event Occurrence functionality are now included in ThreatLocker Ops

6/14/2023: released to legacybeta.threatlocker.com

Bugs and Fixes

Resolved an issue with the removal of an administrator
Resolved an issue where a permitted MAC file was logged in the wrong application
Resolved an issue with permissions on Read Only accounts
Resolved an issue where moving Ringfencing exclusions from the individual machine level to the entire organization level would not carry exclusions to the new level
Resolved an issue with computer-level policies not including policy order when learning
Resolved an issue where the Computer Count was not showing the correct organization
Resolved an issue with Datto RMM integration and the RMM Zone on the Integration Settings tab
Resolved an issue with V6 processing and ringfencing which caused duplicate extensions
Resolved an issue where the Stub installer would not download from Deployment Center when using the Safari browser
Resolved an issue where Network Control was unexpectedly blocking a small amount of internet shares
Resolved an issue where some Network Control policies would not delete
Resolved an issue with consecutive invoices not transferring all data from the old invoice to the new invoice

Improvements

Improved the 'Manage Engine Rule' permission to include user roles under the master permissions menu
Improved the integration with ConnectWise Manage so that grandchild organizations can now be referenced and mapped
Added custom security policy headers
Improved Ringfencing options in the Approval Center. Selecting PowerShell now includes PowerShell Version 7 (Built-In) and selecting RegSRV now includes Windows CScript (Built-In) and Windows WScript.exe (Built-In)
Improved the Learning Mode for MAC to only learn files that hit the default deny policy
Added a new, secondary Network Control challenge specific to Objects and a designated port for this challenge
Added the Built-In Application Merge function to MAC applications
Added Learning Mode (Hash Only) to the Mac Agent
Added the automatic implementation of core MAC applications
Improved the way SMS messages are sent. If you are in the US, UK, or Canada, SMS Messages are sent from a short code. Outside of these countries messages will be sent from “TL Auth”. For countries that do not support receiving messages from Alphanumeric, the countries will need to be specified and they will receive messages from the full phone number.

6/13/2023: Released to beta.threatlocker.com

Bugs and Fixes

Resolved an issue where Deleted Groups would still be viewable in the dropdown on the Application Control page
Resolved an issue where the Suggested Policies for Configuration Manager
Resolved an issue with the Escalate to MSP button
Resolved an issue with the Computers Page where an incorrect Organization would populate in the dropdown
Resolved an issue which allowed users to spam the Generate button on the Reports page and cause duplicate entries.
Resolved an issue in Beta2 regarding a Super Admin Parent permissions setting

Improvements

Updates to the New/Edit Tags sidebar UI
Added button interactions to the email generated by a Cyber Hero that is unable to process an Approval Request based on rules provided by the Organization
Updated the Network Control 'New' and 'Edit' UI popups
Improved the 'View Check-in History' interactions and pagination
Tags are now available in the new portal
Added a second permission/validation check by Organization
Added the ability to customize the email recieved from the Approval Center
Updates to the Edit Computer page UI
UI improvement to Login Settings popup
UI improvements to the Login Settings
Updates to the Roles page UI
Updated Network Control UI to match the new portal
Updates to the Integrations page UI

New Features

ThreatLocker Protect is now available in the Modules dropdown, and includes Ringfencing, Default Deny, our Platform, and Network Control

6/6/2023 : Released to beta.threatlocker.com

Bugs and Fixes

Resolved an issue with OTC MFA which forced a reset when editing the user's information
Resolved an issue with the link generated and sent when creating a helpdesk ticket
Resolved issues with visibility of historical messages and hidden messages in helpdesk
Some legacy portal links now begin to redirect to the new portal
Resolved an issue with the Multiselect feature on the Approvals page, the Unified Audit page, the Application Control page, and the Network Control page
Resolved several issues with the UI on the Storage Policies page
Resolved an issue with some storage policy edits not updating
Resolved an issue with some storage policies not deploying

6/2/2023 : Released to legacybeta.threatlocker.com

Bugs and Fixes

Resolved an issue with permissions on Read Only accounts
Resolved an issue where the Computer Count was not showing the correct organization
Resolved an issue where the Stub installer would not download from Deployment Center when using the Safari browser
Resolved an issue with computer-level policies not including policy order when learning
Resolved an issue where Network Control was unexpectedly blocking a small amount of internet shares
Resolved an issue with V6 processing and ringfencing which caused duplicate extensions
Resolved an issue with Datto RMM integration and the RMM Zone on the Integration Settings tab
Resolved an issue with how license counts are populated
Resolved an issue where moving Ringfencing exclusions from the individual machine level to the entire organization level would not carry exclusions to the new level
Resolved an issue where a permitted MAC file was logged in the wrong application
Resolved a known issue with the Monitor PowerShell and SHA256 options in the options tab
Resolved an issue where moving Ringfencing exclusions from the individual machine level to the entire organization level would not carry exclusions to the new level

Improvements

Improved the 'Manage Engine Rule' permission to include user roles under the master permissions menu
Improved the integration with ConnectWise Manage so that grandchild organizations can now be referenced and mapped
Added and improved our custom security policy headers
Improved the Learning Mode for MAC to only learn files that hit the default deny policy
Improved Ringfencing options in the Approval Center. Selecting PowerShell now includes PowerShell Version 7 (Built-In) and selecting RegSRV now includes Windows CScript (Built-In) and Windows WScript.exe (Built-In)
Added custom security policy headers

5/9/2023

Bugs and Fixes

Resolved an issue in which some Child level Orgs were seeing Parent level data
Resolved an issue where endpoints learning at the computer level would hit a policy at the group level and network exclusions would not be learned to the group policy.
Resolved an issue where users who can assign roles could not see all the available options
Resolved an issue where the Baseline of a Mac was not being learned correctly when using Automatic Learning
Resolved an issue in where a policy could crash on Save when there is a large number of Ringfencing rules

Improvements

Improved the security of cookies, headers, MIME sniffing, and APIs on the portal
Improved the automatic learning of Python Software Foundation and Adobe Creative Cloud

New Features

Added Irish VAT Number to ThreatLocker Ireland Invoices

4/14/2023

Bugs and Fixes

Resolved an issue where creating a Storage Control policy would include the entire folder
Resolved an issue where the application service wasn’t reopening a closed connection
Resolved an issue where the System Audit would not log group policy information when adding a suggested policy
Resolved an issue where MAC applications were not showing on the Unified Audit
Resolved an issue with the copying of group learning duration from template organizations
Resolved an issue where adding elevation would not be recorded in the system audit.
Resolved an issue where Storage Control policies would default to the Entire Org hierarchy level
Resolved an issue where Global Orgs who accepted Suggested Ringfencing Policies from Child Orgs would not have a policy created
Resolved an issue with ignoring requests related to the enter key and typing in a new line
Resolved an issue with the password manager which was putting information in the incorrect field
Resolved an issue where securing a machine would cancel a scheduled maintenance mode
Resolved an issue where users were unable to add time to Learning (Hash Only) Mode
Resolved an issue where users would get an error message when they are logged into the portal and attempt to log in as an administrator
Resolved an issue where users could access Approval Requests in the portal after their organization had expired.
Resolved an issue where if a VDI machine timed out, the maintenance mode capture would not discard
Resolved an issue where Super-Admin-Child approval requests would not change from Pending to Approved
Resolved an issue where quotes were not populating all modules/products properly
Resolved an issue where searching by Certificate would exclude Null processes
Resolved an issue where the Process ID was missing when creating an export of the Unified Audit
Resolved an issue where reordering a Storage Control policy may cause a browser crash

New Features

Added the ability for Child Super Admin to bulk ignore approval requests
Added "Install" Action Type to Mac Agent

Improvements

Newly created computer groups will learn Computer Level policies, rather than Group Level policies
Improved processing speed and page performance pf the Organization Invoice page
Improved the process of generating random install keys
Improved the integrations of Kaseya BMS, Datto PSA and CW Manage to show Escalated to ThreatLocker in tickets
Improved proposal name of the default agreement on the Quotes page
Updated MAC Installer
Improved the Maintenance Mode popup window for MAC
Improved the process of creating Child Orgs within the databases
Users will now be able to view if an Options Tab option has been applied to their account, as well as remove the option
Improved the download process of ThreatLocker Applications versions
Memory usage in the View Check-In History page will now show in MB
If the ThreatLocker Testing Environment times out, then the capture will be discarded
Improved the ability to choose which day the CW Integration Syncs the Agreements Count

3/24/2023

Bugs and Fixes

Resolved an issue with Read Only Permissions and Tags
Resolved an issue between the database and Deploy Policies feature
Resolved an issue where the Download Installation Script sent users to the wrong instance

New Features

UI and APIs have been created for Azure integration
Created a toggle option for the automatically generated emails when a user’s approval request is not addressed.
Added the option to add branding to computer groups
Added a feature for Application services to retrieve members for Azure integration
Added HyperV functionality to the existing HyperCube feature

Improvements

Improved the automatic flagging system for application updates
Improved the URL redirect for approval requests
Added SHA256 and Monitor PowerShell options, among others, on the Computers/Computer Groups/Org Pages. See KB for more information on these options.
Improved the Copy Policies function
Improved the EventLog processes

3/21/2023

New Featrues

New User Role has been created. Now, users are able to be assigned Super Child Admin privledges for Specific Organizations. This will give super admin permissions to the specific organization for the user.

3/9/2023

Improvements

Portal link to ThreatLocker University updated to reflect new URL How to Create a ThreatLocker University Account | ThreatLocker Help Center (kb.help)

3/8/2023

Bugs and Fixes

Resolved an issue where users would not have permission to approve at Computer level even though they had permission to approve at the Entire Organization level.
Resolved an issue with VDI machines and the time to populate Virus Totals inside Risk Center.
Resolved an issue with the borders of the message box in relation to posting data from Excel.
Resolved a formatting issue on the applications page, when searching by "Full Path" Mac Applications did not populate.
Resolved an issue where users could not open the Ticket Configuration tab if they had deleted the Ticket Board within ConnectWise.

New Features

Improved the language around Storage Control Popup notifications from the tray.
The new Copy Policies button will now allow for policies to be copied between parent and child orgs, or to specific groups.
The ThreatLocker Version drop down menu will now align with the computer groups running that version and allow for selecting endpoints for the next release.

undefined

Improvements

Improved the speed at which customer data will be written into the database.
Elevation logs will now include a Permit Application and Add to Application buttons.

undefined

3/1/2023

Bugs and Fixes

Resolved an issue where the USB Activity in Selected Date Range Report failed to load older data

New Features

Users can successfully ignore/bulk ignore approval requests and include the reasoning why. This also includes an email notification with the reason to the requester.
Elevation Status property has been added to the MacPolicy class.
Users are able to select Elevation options for MAC policies.

Improvements

The ThreatLocker Updates Facebook feed is now included on the portal sign-in page.
Improved Datto PSA integration. Tickets generated in the ThreatLocker portal with a requestor email that matches the email of a contact in Datto PSA will grab the corresponding contact and place the user as the main contact on the PSA ticket.
Improved the Unified Audit filtering options by adding a ‘Simulate Denies’ check box filter to show green denies

2/23/2023

Bugs and Fixes

Resolved an issue causing the healthTLservice to install incorrectly
Resolved an issue some customer experienced where they only received Help Desk email notifications confirming ticket creation and resolution
Resolved an issue causing the Step-by-Step instructions for deploying with ConnectWise Command (formerly Continuum) to show an error message
Resolved an error in which all unhandled exceptions generated a 500 server error message
Resolved a performance issue caused by a NAC policy

Improvements

Improved the view on the Applications page to show the operating system of the application
Improved the process of confirming the start time of a maintenance schedule on the Computers page

2/16/2023

Bugs and Fixes

Resolved an issue with duplicate permit policy creation
Resolved an issue with the logging of certain fields in the Approval Request popup.
Resolved an issue with the Created By character limit
Resolved an issue with Datto RMM where companies on the deployment tab were not being integrated
Resolved an issue in which elevation actions were not updating with the policy last match
Resolved an issue with uppercase hashes being converted to lowercase
Resolved a permissions issue between clients and partners
Resolved an issue with the redirection of several locations in the Portal to Beta2

New Features

New Help and Support drop-down menu available in the left-hand navigation menu
Added MAC OS as an option to the CopyApplication function
Added feature for new organizations to access the VDI environment
Added options to the Remove Unused Policies features
Added the option to include IP ranges in a Tag (not CIDR notation)

Improvements

Improved the redirect location when users log out
Improved the Service Errors Page to include the ThreatLocker version
Improved automatic email generation when creating a ticket
Improved the support of Polish characters in the tray
Improved the dropdown menu options for modules
Improved the location of new policies that are listed as “after” to not show up after the Default-Deny policy
Improved the HelpDesk options for child organizations without Co-Managed Direct Support
Improvements to UX throughout
Improved the System Audit Log to include the approval request GUID
Changed from Twitter feed to the Facebook updates feed

2/9/2023

Bugs and Fixes

Solved an issue with the ThreatLocker Testing Environment where hitting “Discard” could sometimes recognize as “End and Capture”
Solved an issue with the ThreatLocker Testing Environment where Maintenance Mode was not working properly due to time sync issues
Solved an issue where moving a user to a new organization would not update the user’s apps database to the new organization

2/7/2023

Improvements

Improved the handling of certificates in the registration process

New Features

Added ThreatLocker Ops to the Product List Dropdown
Added Configuration Management to the Product List Dropdown

1/23/2023

Bugs and Fixes

Solved an issue that was preventing a report from populating and providing an export option
Solved an issue in which the application definitions w ere not downloading to apps.db due to being moved between hierarchy levels
Solved an issue in which searching for computers after going to the last page would not reset to the first page after completing the search
Solved an issue where information in the portal would appear skewed on small computer screens
Solved an issue where the existing approval request process was not suggesting custom rules appropriately and instead lead to a Service Connection error message
Solved an issue in which the MAC API and WebUI were not copying policies to the correct hierarchy levels
Solved an issue in which MAC Computer Groups in new organizations were being set to indefinite learning periods by default instead of 21 days.
Solved an issue in which password managers were automatically putting saved passwords into the Multifactor Authentication Field
Solved an issue with the "Enable Learning and Rescan Baseline" checkbox
Solved an issue in which non-US Administrators were able to select ITAR compliance via the Organization Settings
Solved an issue which allowed double wildcards within the User Interface
Fixed an issue with App Definitions and Hashes in which custom rules would be associated with a single hash, possibly blocking future updates
Fixed an issue within the portal that caused a customer to be charged incorrectly
Solved an issue that led to agreement quantities not updating correctly according to the data

New Features

Add Nerdio to dropdown under "Select your Deployment Method" in the deployment Center
The Mac Agent can now download hashes without needing to click Deploy Policies.
Added PutCore Support for MAC

Improvements

Removed Pending and Approved escalation options from the Approval center drop down, except in multi-level approval request options
Improved the process of verifying default computer group creation during the creation of New Organizations
Improved the WebUI and API process where a new default group and a database are created when creating a New Organization
Added an error message for users attempting to create a policy named "N/A"
Added an option to end a scheduled maintenance mode via the API
Added a "Select All" checkbox in the Unified Audit
Added Organization Name in requests from approval center and unified audit.
Added a hyperlink to Knowledge Base website back to the web portal
Improved the process for policies in which multi-application suggested policies successfully add all applications associated with them.
Added a new permission level to allow access to Organization level only, and exclude any Child Organization levels
Improved the background process and speed of creating a computer group
Added search options by ticket number and ticket subject in the Mobile Help Desk
Improved customer options on the Options tab on computer, group, and organization popups
Added functionality where newly created child organization will inherit Options from a Template organization within the parent.
Added function to add a note to modified times with Action logs in the Unified Audit
Improved the process in which the platform product will automatically be selected and cannot be disabled
Added a field in the Payment Details for Purchase Order numbers
Added function to log when the "Remove Unused Policies" button is used in the System Audit
Improved the Update Stub options to Support Proxy URLs
Improved the Debug options by removing from Computer Settings and giving exclusive access to master accounts

1/4/2023

Bugs and Fixes

Resolved an issue where specifying * (any) Path and [] (empty/null) Process shows as matching in the Permit Application popup
Resolved an issue where navigation buttons on the Storage Devices page was not correctly progressing to the next page

New Features

Added proxy configuration for computers, computer group, and organizations
Added option to hide details of folders elements for computers not running ThreatLocker
Added ability to set an expiration date on storage approvals directly from approval
User login data records now contain geolocation data for enhanced security

Improvements

Improved move computer functionality between organizations – Policies for Built-in Applications and Computer Specific Applications will now be transferred over with the move
Enhanced ITAR Compliance functionality
Increased total number of users that can be applied to a storage policy
Device names may now be modified from the Storage approval window

12/6/2022

Bugs and Fixes

Fixed matching applications by Created By Process and Certificates
Resolved an issue where Agreement Quantity and License Count values were mis-matched
Resolved an issue where the Configuration type was not displaying properly
Fixed a Permissions issue involving Maintenance Mode Popup
Fixed a Permissions issue involving Permit Application Popup
Resolved an issue where the type of approval request was not being properly displayed the header
Fixed formatting issues in Partner Resources Page.
Fixed an issue where the matching applications option was displayed despite no matches made
Revised Application Policy Popup formatting
Revised error message prompt to be displayed when attempting to save an empty Application Definition

New Features

Added enhanced security to NAC Policies and NAC Authorization Hosts

Improvements

Improved user Authorization pertaining to Help Desk ticket permissions (create, view, etc.)
Added an error message which displays when attempting to merge applications of different OS types
Improved performance on the Policies, Storage Policies, and Approvals when attempting to load Azure Directory Groups
Revised and unified language used in “Start Trial” links
Improved Deploy Policies functionality
Added support for duplicate naming of parent and child applications
Improved audit logging policies

11/28/2022

Bugs and Fixes

Resolved issue involving Password Reset Link Expiration after setting up SSO
Resolved an issue with Network Access Control where Authorization Hosts did not download when set to global
Resolved Unified Audit issue caused by time mismatch
Resolved an issue in which some Admins were logged out when doing approval request from email
Resolved an issue with policies being created in the wrong order
Resolved an issue with Keeper Password's Auto Submit is interfering with /popups/admin.aspx
Resolved an issue with Kaseya Integration - Add Paging to Kaseya API call for Services
Resolved an issue with ConnectWise Integration in which the Closing Status dropdown menu excluded inactive statuses
Resolved an issue with Storage Policies where selecting "Save" moved policy to top of hierarchy
Resolved an issue with Approval Requests not displaying properly when requested reason contained a large number of extended characters
Resolved an issue with Approval Request in which not all Groups were displayed when actioning a request for grandchildren
Resolved an issue with Reports where "Blocked Files in the Last 7 Days (Including Child Orgs)" was not displaying for some clients

New Features

Added Tray Redirect URL to the Application Policy Page
Storage Request - Copied Tray Notification Setup from Application Policies to Storage Policies
Elevation Request - Copied Tray Notification Setup from Application Policies to Computer Group Settings
MAC Application Learning
Added Mac Applications to the Approval Request Page
Unified Audit file sizes may now be seen when exporting results
Storage Request options may now be modified directly from a request
Storage Request policy names may now be modified directly from an approval
Added Application Control Polcies to MAC

Improvements

Allow deletion of Applications/Storage Devices applied to policies
Live Chat is now shown on the Quotes page
Changes to Template
Improvements to Ticketing System Performance 10/28/2022

10/28/2022

Bugs and Fixes

Resolved an issue where expired trials were not showing pending quotes when redirected
Resolved an issue some customers experienced when trying to update a ticket that was just created
Resolved an issue on the edit Administrator page where pressing 'Enter' key would clear the value inside the Password field
Resolved an issue where the Export of Application Files would include 'DELETED' items
Resolved an issue with our PartnerProvision API where the data returned was not realtime data
Resolved an issue where NAC objects were duplicated in the list
Resolved an issue some customers experienced where duplicate entries were being created per Storage device
Resolved an issue where the ITGlue mapping was limited to 50 items for some customers
Resolved an issue some customers experienced where their login would fail to redirect from portal.threatlocker.com for Child Organizations

New Features

Added the ability to pass an OgranizationId through to our Reports API when getting Report Data
Added fields for Ticket Number and Comments to Storage Policies - these are pulled from the Approval page when approving Storage Requests
Added configuration for how ThreatLocker will close tickets using the ConnectWise Manage Integration
Added the ability to restrict Storage Policies to users from Approval Requests
Added the ability to add expiration to Storage Policies from Approval Requests
Added the ability to name the Storage Device from Approval Requests

Improvements

Added more details to the System Audit logging when changing Ringfencing within a Policy
Added validation to Regex rules when adding to an Application definition
Improvements to learning regarding empty files

9/21/2022

Bugs and Fixes

Resolved an issue in the Unified Audit where searching by the 'Policy Name' field excluded logs without a Policy Match (Network Entries)
Resolves an issue some customers were having whilst logging in using Geo Location restrictions
Resolves an issue experienced by some customers using File Ringfencing where the exclusions would not apply
Resolves an issue where the Deployment Center wasn't showing completed for "Review the Audit" when your computers were fully secured
Resolves an issue where expired trials were not showing pending quotes when redirected

Improvements

Improved the learning algorithms for Bluebeam files
Added the ability to search the Unified Audit by Created By process
Improved the speed in which Unified Audit logs are updated

New

Added support for multiple Created By processes on files to be displayed in the portal (requires Agent 7.6 or greater to apply)
Created User Roles - this allows you to create permission groups that can be applied to users
Reports API now supports the OrganizationId being passed through to Reports

9/13/2022 - Deployed Live

9/8/2022

Improved logging to the System Audit page to include maintenance mode used when approving a request
Improvements to moving policies from the Permitted Applications page
Added the ability to search by display name on the Organizations page
Performance improvements to the File History page to reduce load time
Introduced cloud-based installation using ThreatLocker VDIs with Risk Center (for preapproved Beta testers only) see the associated article here.
Resolved an issue some customers experienced with application rules failing to refresh when editing an application from the audit
Resolved an issue some customers experienced when attempting to delete a Super Admin causing an error even when other Super Admins are still present
Resolved issue some customers experienced with ITGlue integration duplicating company entries

9/1/2022

Minor Bug Fixes and Improvements
Resolved an issue some customers experienced with application rules not automatically loading into the application page when viewed from the Unified Audit
Improvements to learning for LogMeIn Rescue Applet application
Added the ability to export filtered results from an application definition
Added the ability to ignore approval requests in bulk
Added a message when processing approval requests to alert you if an application has an existing policy applied to the requesting computer
Added support for USB Manufacturers in Storage Control
Added the ability to define custom User Roles and apply those to Administrators
Performance improvements to the Permitted Applications page

8/25/2022

Added individual computers to NAC 'Object' dropdowns in 'Source Location'
Improvements to ThreatLocker Access settings - child org settings will now be copied from the parent org
Improvements when approving a request using custom rules to also create a hash rule
Improved logging in the System Audit to log the child org a group is a member of when the ThreatLocker Version is changed on that computer group
Resolved an issue some customers experienced when receiving a password reset email it contained a link to the beta portal instead of the production portal

8/23/2022

Minor bug fixes and improvements
UI Improvements to the Permitted Applications page
Improvements in the handling of empty certificates in Approval Requests

8/19/2022

New Features

Added new Permitted Applications page where users can view all permitted applications in their environment along with the policies associated with those applications
Added an error message to the Help Desk when a user attempts to create a new ticket without providing a summary
Added an update button to the Deployment Center when manually updating the endpoint count
Added additional logging in the System Audit when changing NAC policies and Authorization Hosts
Added the ability to disable local login to ThreatLocker if SSO is enabled
Added a banner to show users on trial when their trial is set to expire
Changed the default learning period from 'Indefinite' to 21 days

Improvements and Bug Fixes

Resolved an issue some customers experienced when attempting to run the Blocked Files in the Selected Date Range report
Improvements to Help Desk to have better visibility when attaching pictures or have long text in a ticket
Improvement to Storage Control to prevent devices from using the same serial number
Improvements to the Deployment Center to change the Learning computers count logic
Resolved an issue some customers experienced with Cyber Hero Request Instructions not saving the 'Use Organization Settings' setting
Resolved an issue some customers experienced with grandchild organizations being unable to view child organization applications
Resolved an issue some customers experienced with the Permit Application page having a delay on loading
Added support to the ConnectWise Manage Integration to select the default contact if the requestor email does not match a contact within the integration
Resolved an issue some customers experienced with the type of request not being added in the subject of request notification emails

8/9/2022

New Features

Added a Help button to the SSO setup page
Added a Switch to Beta button to make it easier if you are testing new Beta features
Added ThreatLocker Tamper Protection logs to the 'Remove White Noise' filter on the Unified Audit
Added the ability to adjust the column widths on the Organizations page
Added support to the ConnectWise Manage Integration to select the default contact if the requestor email does not match a contact within the integration

Improvements and Bug Fixes

Improvements to Approval Request links in emails
Improvements to System Audit logging
Improvements to the Signup page for new Trials
Improvements to Storage Control Policy creation page
Resolved an issue some customers experienced with Passwordless Login always logging out after 30 minutes, even if the user selected a longer inactivity logout time
Resolved an issue some customers experienced with Cyber Hero Management settings not saving for child organizations if the parent organization did not have Cyber Hero Management enabled
Resolved an issue some customers experienced with their Help Desk tickets crashing when attempting to reply
Resolved an issue some customers experienced where the Update Contact Details page required input multiple times
Resolved an issue some customers reported with the Requestor reason becoming unreadable when an Approval was escalated to MSP via Cyber Hero Management
Resolved an issue some customers experienced with the type of request not being added in the subject of request notification emails
Resolved an issue some customers experienced with the Permit Application page having a delay on loading

7/29/2022

New Feature

Added the ability to add storage devices to an existing policy through an Approval Request

7/15/2022

New Features

Added Requestor email address and reason to Storage Requests
Added feature to notify requestors when their Storage Requests are processed
Added the ability to sign quotes using a mobile web browser

Bug Fixes

Resolved an issue some customers experienced with the bottom menu items being omitted when using the screen zoomed in
Improvements to logging of activity from the mobile app
Minor improvements and bug fixes

7/13/2022

New Features

Added Requestor email address and reason to Storage Requests
Added feature to notify requestors when their Storage Requests are processed
Added support for storage device serial numbers that include special characters
Added the ability to sign quotes using a mobile web browser
O356 SSO support added for login. See KB here
Added the ability to use a pipe character as a delimiter to add multiple specifications in the same filter textbox in the Unified Audit. See KB here
Added support for plus sign characters in usernames
Added hostname to System Audit entries when the ThreatLocker Service is restarted
Added button to download EU Partner Terms and Conditions to the Terms popup

Bug Fixes

Minor improvements and bug fixes
Improvements to logging of activity from the mobile app
Improvements and bug fixes to the Deployment Center page
Improvements to data upload for machines that have been offline
Improvements to HelpDesk
Resolved an issue some customers experienced with the bottom menu items being omitted when using the screen zoomed in
Fixed an issue some customers experienced with ConnectWise Integration tickets failing to be closed in ConnectWise when they were closed in ThreatLocker
Resolved an issue some customers experienced when attempting to load a Storage Control request from the tray and using the 'Login as Admin' button sending the user to a No Access page
Resolved an issue some customers experienced when completing approval requests the default 'Rules' options would be reset when 'CheckFileHistory' was used
Resolved an issue some customers experienced when creating a password that hitting the Enter key refreshed the page instead of saving the password
Resolved an issue some customers experienced in which Passwordless Login wasn't honoring the user's extended logout time
Security improvements to Super-Admin Child permission
Fixed an issue some customers experienced with NAC policies not being created via group templates when deployed using an RMM

6/14/2022

Minor improvements and bug fixes
Improvements to Reports Page
Resolved an issue some customers experienced with certificate data occasionally not displaying properly
Improvements to Resolve Ticket prompt making the feedback optional
Resolved an issue some customers experienced with links included in emails redirecting them incorrectly
Resolved an issue some customers experienced in which they received an error when redirecting from the Policies Page Last Match column
Improvements to Super-Admin Child permissions
Resolved an issue some customers experienced with files not being added if Installation Mode was ended prematurely

6/6/2022

New Features

New Deployment Center Dashboard to add visibility to deployment progress
Added an alert if trying to export more data than a CSV can contain

Improvements

Performance improvements
Improvements to processing Approval Requests to include an email to the Requestor when an Approval Request is added to an existing Application Definition
Improvements to generating reports to add the ability to download large reports directly, saving browser resources
Improvements to the Help Desk to permit attaching zip files
Improvements to NAC policies to eliminate Global options until this feature is supported
Improvements to the RMM and Script Window to link to the Deployment KBs
Improvements to the Help Desk to provide better visibility of the Status of a ticket
Improvements to Approval Request Reports to include comments and Requestor reason
Removed source port from NAC policies to simplify the process
Improvements to setting up Cyber Hero Management
Improvements to the Datto Integration company mapping to sort clients alphabetically

Bug Fixes

Minor bug fixes
Resolved an issue some customers experienced when opening a ticket through the Help Desk, the text field could be cleared when the page refreshed
Resolved an issue some customers experienced with super admins being unable to move computers to other organizations when managing a child organization
Resolved an issue some customers experienced with super admin child when making changes to the parent level policies
Resolved an issue some customers experienced in which notifications from an Approval Request were not linking to the request
Resolved an issue some customers experienced in which navigating to a different page while in a LiveChat with a Cyber Hero would open a new ticket
Resolved an issue one customer experienced with their Datto Integration resetting
Resolved an issue with the Help Desk in which some customers occasionally couldn't save the ticket
Resolved an issue in which the Confirm Ticket Resolution popup wasn't working correctly in Firefox browser
Resolved an issue some customers experienced with the DUO integration settings showing incorrectly for some users
Resolved an issue some customers experienced with Pending and Ignored Approval Requests failing to populate the Requestor's email address

5/19/2022

New Features

Added a Health Dashboard page
Added 'Add to Online Application', and 'Add to Offline Application' buttons in the Unified Audit - these buttons will be supported in a future build

Fixes and Improvements

Resolved an issue in which the cursor wasn't automatically returning to the input box when logging in using OTC
Resolved an issue some customers experienced with the Edit Application button showing an error
Resolved an issue some customers experienced with the System Audit Page searching by UTC instead of the configured time zone of the organization
Made improvements to how Certificates are displayed in the Unified Audit
Changed the ConnectWise Integration label to Active
Fixed an issue some customers experienced in which the entire name of the organization they are managed was not visible in the upper right-hand corner of the portal

5/9/2022

Improvements to OTC to include a 'Reset OTC for Next Login' button and new QR Code generation when switching from OTC to SMS to OTC again
Improvements to enforce MFA functionality
Added the ability to open a ticket in the Help Desk for a child organization as an admin of the parent organization
Improvements to Learning Mode to now learn SHA256 Hashes
Resolved an issue certain customers experienced being prompted to confirm contact details on every login when using DUO
Enhancements and bug fixes to IT Glue Integration

5/3/2022

Performance improvements to the Unified Audit page
Improvements to permissions around making Network Ringfencing changes
Fixed an issue some customers experienced with ConnectWise Agreements failing to update
Add the ability to filter by Computer Groups on the Computers Page
Fixed an issue some customers experienced that when using the Policies Export button, deleted Policies were also exported
Resolved an issue some customers experienced that not all usernames for an organization were being populated in the Username dropdown on the System Audit Page
Resolved an issue some customers experienced in which Policies created at the grandchild org level were applied to the grandparent org and not the parent org as expected
Improvements to the 'Show Computers for Child Orgs' checkbox on the Computers Page to have a default status of selected
Fixed an issue some customers experiences with the Help Desk Page not showing Resolved tickets as expected when the 'Resolved Tickets' checkbox was selected
Resolved an issue one customer experienced with Policies being incorrectly created in multiples for files that meet a specific criteria
Improvements to the Help Desk Page to include the ability for parent organizations to open tickets for child organizations
Resolved an issue some customers experienced with enabling Learning Mode from the quick dropdown on the Computers Page not being logged correctly in the System Audit
Resolved an issue some customers experienced that when editing their own administrator settings, they received an error
Resolved an issue in which some customers failed to receive the Update Contact Details page if admins changed enforced MFA settings
Added the ability to sort in ascending and descending order the Action Type, Hostname, Policy Action, Username and Date/Time in the Unified Audit
Moved the 'Continue' button on the Setup MFA page for a better user experience
Added the option to Elevate silently in the Policy window (Elevate Silently will be supported in ThreatLocker Version 7.2 or greater)

undefined

4/20/2022

Improvements to GeoFencing login restriction
Resolved an issue some customers experienced with rebranding the ThreatLocker Logo
Improvements to the ThreatLocker Request and Tray Notification customization feature
Improvements to the Help Desk Search fields
Fixed an issue some customers experienced with the User list on the Login Settings Page
Improvements to the user interface of the System Audit page
Added a popup reminder on login for customers that have support tickets to respond to

4/14/2022

Fixed an issue some customers experienced with ConnectWise Agreements not updating as expected
Fixed an issue some customers experienced with the ConnectWise Integration page
Made improvements to the System Audit page to permit searching by GUID of the ObjectID
Fixed an issue some customers experienced with the Application Definition failing to properly export certificate information
Fixed an issue some customers experienced with deleting administrator accounts
Improvements to Help Desk textboxes
Improvements to Learning Mode
Fixed an issue some customers experienced with the ConnectWise Integration Agreements not updating as expected

4/7/2022

Improvements to the Edit Computer Groups Page
Improvements to the UI functionality when utilizing the 'Move Computer' button on the Computers Page
Resolved an issue some customers experienced when attempting to use the 'Export' button on the Policies Page
Resolved an issue in which some customers were able to edit the ThreatLocker Access settings without super-admin permissions
Improvements to the ordering of Network Access Control Policies
Corrected an issue in which an entry in the Unified Audit would not link to the Network Access Control Policy that applied
Corrected an issue some customers experienced in which Network Access Control continued logging network traffic once it was disabled
Improved functionality of the 'Return to Parent' button
Improvements to the Update Contact Details page
Added the option to search by Subject on the Help Desk Page
Improved functionality of the Resolved/Not Resolved Ticket window popup
Improved the functionality of policies created by using template groups
UI improvements to the Help Desk Page
Improvements to the functionality of the Login Settings Page
Improvements to the policy creation page pertaining to policies created without applications
Improvements to the IT Glue Integration pertaining to mapping and asset creation
Resolved an issue some customers experienced when adding Tags to a Policy

4/6/2022

Resolved an issue some customers experienced in which the 'Resolve Ticket' button on the Help Desk page wasn't marking tickets as resolved
Resolved an issue some customers experienced in which disabling products from the Organizations Page was incorrectly causing the 'Configure Cyber Hero Management' button to populate
Resolved an issue in which some customers were unable to view and make changes to the ThreatLocker Tray Notification Appearance in the Default Policy
Resolved an issue some customers experienced with the IT Glue Integration not correctly saving certain settings
Resolved an issue some customers experienced with the Datto Integration in which the Auto-Push feature was failing to push large batch jobs
Performance improvements on the Computers Page