Help CenterCyber Hero Management allows the ThreatLocker Cyber Heroes to handle requests from your end users and make decisions on your behalf using ThreatLocker judgment and any additional instructions you provide. However, there may be times when a request requires your attention. We will escalate those requests to the administrator(s) that you have selected.
Note: Cyber Hero Management will not handle Elevation or Storage Control requests, as we cannot validate the storage devices as safe, nor the need to run anything as administrator.
Setting Up Cyber Hero Management on the ThreatLocker Portal
To enable Cyber Hero Management, navigate to the Organizations page. Be sure to enable Cyber Hero Management from the 'Modules' dropdown list by selecting the checkbox next to it.
Select the 'Configure Cyber Hero Management' button located next to the 'Modules' dropdown menu.
The Update Organization panel will appear on the right side of the screen.
In the 'Send Escalation to' box, specify all the administrators that you want to receive escalation notifications. You can select the administrators' email addresses from the dropdown.
Below the escalation contact list is a list of ThreatLocker's default rules that will be applied when processing requests on your behalf. They are as follows:
- Business Applications Only
- Computer Level Permits as much as possible
- Extensions require 4* and a high number of users and reviews (or a well known company e.g. Google)
- No Games
- No Network Scanning or MSP Tools (e.g. PuTTY, PSexec, Rufus)
- No Remote Access tools unless specified
- Meeting Applications are ok unless otherwise specified
At the bottom, there is a text box where you can input any additional instructions or exceptions you would like to make to the default ThreatLocker rules. If you don't have any additional instructions or exceptions, please enter 'none'.
After completing the desired fields, select 'Update Organization'.
These settings will need to be configured per Organization. Once specified on the Parent Organization, you can select the 'Use Parent Settings' checkbox for each Child Organization you would like to use the same settings.
Allowing the Cyber Heroes to Make Changes on Your Behalf
Using Cyber Hero Management will grant the Cyber Heroes Full Control access to your ThreatLocker account.
Note: ThreatLocker Cyber Hero Management does not have the capability to put any devices into Learning, Installation, or Monitor Mode. We also cannot, under any circumstances, place devices into a state of Tamper Protection Disabled.
Escalate to MSP
For instances in which the Cyber Heroes are unable to process a request, they will escalate the approval to the administrator you have designated. That administrator will receive an email that will allow the administrator to 'Authorize Cyber Heroes to Permit', 'Review Approval Request', or 'Ignore Approval Request'.
Any items that have been escalated will also be visible on the 'Approval Center' pagewith the 'Escalated to MSP'. There is also the option to search for all items that have been Escalated to MSP from the search dropdown box on the Approval Center page.
Once an item has been escalated, the email the MSP receives is a no-reply email. It will be up to the MSP to action the request. If you need to add additional instructions for the Cyber Heroes to use when processing future requests, please log into the ThreatLocker Portal and edit the instructions.