Company logoHelp Center
Visit www.threatlocker.com

Cyber Hero Approval Instructions

7 min. readlast update: 04.23.2025

By default, the Cyber Heroes will apply the following recommendations when processing requests on your behalf: 

  • Permit only business applications: 

    • Cyber Heroes will allow applications that are routinely used in your organization’s environment and are essential to completing work-related tasks. A business application can be anything that you deem necessary to your work. 

      • Examples: 

        • Microsoft Office 

        • TaxAct 

        • Quickbooks 

        • BlueBeam 

  • Permit mostly at the Computer Level: 

    • ThreatLocker allows users to create permit policies at many different levels, including at the Entire Organization level, Computer Group, Computer level, and Global. Permitting a policy for the Entire Organization might help in limiting the amount of Approval Requests sent in, but it increases the number of permitted applications within your environment. The Cyber Heroes will, by default, permit applications on the Computer level. This decreases the number of users who have permission to open an application they don’t need, thereby diminishing risk. 

      • Examples: 

        • A user who works in Financing might not need access to Capcut, which is a video editing software. However, this could be used by someone in a Marketing department. 

        • Likewise, someone in Marketing might not need access to Quickbooks, but someone in Financing could. 

  • Restrict Chrome, Edge, and Firefox Extensions: 

    • While there are many useful Browser Extensions, Chrome, Edge, and Firefox are not immune to extensions that pose risks to users. When permitting Browser extensions, Cyber Heroes check to ensure that they meet the following requirements: 

      • Have 4 or more stars. 

      • Have at least 500 ratings. 

      • Have at least 100,000 users. 

        • Examples: 

          • The Grammarly Chrome Extension 

          • The Loom Chrome Extension 

    • Additionally, if an extension does not meet these guidelines but comes from a well-known company (i.e. Microsoft or Google), these can also be permitted if they meet business needs. 

      • Example: 

        • Office – Enable Copy and Paste Chrome Extension 

    • Lastly, there are some extensions that might meet these guidelines; however, they won’t be permitted as they are not considered to be of business use. 

      • Example: 

        • Dark Reader Chrome Extension 

  • No games: 

    • Most businesses do not require games to complete their daily tasks. Cyber Heroes will not permit games as they are not considered to be business applications. This would add permit policies that could decrease the security of your environment and cause workplace distractions. 

  • No network scanning tools: 

    • Network scanning tools are scanners that can be used in an environment to find IP addresses of devices on a particular network, perform port scanning, and more. Classic tools for this are Angry IP Scanner, Advanced IP Scanner, and Galactic Scan. Cyber Heroes will not permit this in your environment due to the potential security risks that can come from these applications. Users with access to Advanced IP Scanner or Angry IP Scanner can identify the IP addresses of all devices in your organization’s network, which can be used against you in several ways including: 

      • RDPing into a machine. 

      • Performing a Denial of Service Attack. 

      • Limiting Internet Browsing. 

    • Additionally, by having access to a port scanner such as Angry IP Scanner, users can identify which ports are open on a machine and gain information on the network’s weakest points. 

  • No IT tools: 

    • IT Tools are typically tools that give a user elevated permissions within an organization. Like Network Scanning Tools, having permitted IT Tools within your organization and on various users' machines can be a security risk as they typically allow admin-level privileges. Cyber Heroes will not permit IT tools that do not have an existing permit policy on the machine requesting access to it. 

      • Examples of IT Tools: 

        • PuTTY: A terminal emulator that supports network protocols such as SCP, SSH, Telnet, and more. This permits users to remotely connect to computers. 

        • Rufus: A tool that is used to create bootable USBs from bootable ISO files. This tool could allow a user to create a bootable USB to deploy malicious software with. 

  • No file archival or zipping tools: 

    • Cyber Heroes will not permit file archival or zipping tools UNLESS the name of the software is explicitly stated in your Customer Guidelines. 

      • Example: Please permit 7-Zip and WinRAR for users in the Workstations group. 

    •  Software like 7-Zip, WinZip, and WinRAR are common as they can be used to compress and unzip files. ZIP files can be used to conceal malware as they can be bundled and compressed. Additionally, these types of compression tools can be turned against the user for attacks like Ransomware as this software often allows attackers to partake in data exfiltration and encryption. You can read more about this in our The dangers of 7-Zip and WinRAR article. 

  • No data migration or encryption tools: 

    • By default, Cyber Heroes will NOT permit data migration or encryption tools unless they already exist in your environment and have a permit policy on the machine requesting it. Data migration software can be used to migrate data from one source to another. While this software can be useful for transferring data to a new machine or storage device, attackers can use these tools to manipulate data, steal sensitive information, and more. 

      • Examples of Data Migration software: 

        • Transwiz 

    • Encryption software takes data and converts it into a code that can only be accessed with the use of a specialized key. While useful, if an attacker were to get into a machine in your organization with this software installed, they could utilize this by initiating a ransomware attack. 

      • Examples of Encryption software: 

        • VeraCrypt 

        • Gpg4win 

  • No remote access tools: 

    • Remote access tools provide users with the tools to remotely log into a machine. While remote access tools can be useful for providing users access to machines hosting specific applications used in your organization, it is important to note the security risks that come alongside this. Remote access tools on a user’s computer can enable attackers (internal or external) to access other machines in an environment. Used alongside a tool such as Advanced IP Scanner, a user could gain remote access to multiple machines in an organization after discovering the IP addresses that belong to them. Additionally, common remote access tools such as BeyondTrust (also known as Bomgar) have had recent history of known breaches. Cyber Heroes will only permit requests for remote access tools if the user has an existing permit policy within your organization or it is stated in your Customer Guidelines to permit certain remote access software. 

      • Some examples of remote access software are: 

        • Connectwise Screenconnect 

        • LogMeIn 

        • Teamviewer 

  • Permit meeting applications: 

    • Meeting applications are common in a workplace environment. Cyber Heroes will permit meeting applications, such as Zoom, GoTo Meeting, and Cisco Webex even if you don’t have an existing permit policy. While these applications have remote-access capabilities, this requires permission from the user. These tools also permit screensharing, which also must be permitted by the user. 

Was this article helpful?