Added "Apple Fabric" as interface to storage policies
Improvements
Improved the reporting and downloading mechanisms around MAC check-ins with policy numbers and approvals
1/31/2023
Known Bugs
ThreatLocker Tray - No popup for Maintenance Modes
Default Deny and Storage Control products are enabled by default and cannot be disabled
Bugs and Fixes
Application Control - Resolved an issue preventing the ability to set a policy for a specific interface
Application Contiol - Resolved an issue where the Default Deny policy was not created by default
Storage Control - Resolved an issue preventing the ability to use Apple’s storage interface in policy
Resolved an issue requiring policy deployment to approve via Approval Request
Resolved an issue where .pkg files were not treated as executables and were not able to be blocked using Default Deny
Resolved an issue where request Notifications relied on Apple's Notification Center and were not instant on a block
Resolved an issue where the blocked items in the ThreatLocker Tray didn't show in the correct order
Resolved an issue where processes did not work when used in Custom rules
1/9/2023
Known Bugs
.pkg files are not treated as executables and are not able to be blocked using Default Deny
Request Notifications rely on Apple's Notification Center and are not instant on a block
Blocked items in the Tray don't show in the correct order
Unable to set an Application Policy for a specified Interface
Apple's storage interface cannot be used in Storage Policies
Default Deny Policy isn't created automatically
Approval Requests don't automatically trigger a Policy Download, and Policy Deploy is required
Processes do not work when used in Custom rules
Default Deny and Storage Control products are Enabled by default and cannot be Disabled
Users don't receive a popup for active Maintenance Modes and can't end them from the Mac
New Features
Mac Agent will install into the specified group and Check In to the Portal every minute
The application and file actions are uploaded to the Portal every minute
Upon Installation, a Baseline will run on the Mac, logging all files into the Unified Audit
Learning Automatic <Group> and Learning Automatic <Computer> will create Policies based on the Baseline, and Simulated Denies (Green Denies) for the Default Deny Policy (e.g. Default - MAC)
Application Definitions can be created using hashes and custom rules
Tamper Protection Disabled, Learning, Installation, and Monitor Maintenance Modes are supported
Full auditing of the read, write, move, and delete of files on external devices and specified local drive folders
Ability to deny access to storage locations based on interface type or specified paths
Supports authentication using Authorization Hosts on a Windows device using NAC
Updates the IP address for NAC objects used by a Windows device
Tamper Protection is on by default and prevents users from disabling or removing ThreatLocker
1/4/2023
Known Bugs
Approving via Approval Request requires policy deployment
Unable to disable products
Application Control - Unable to set policy for specific interface
Application Control - Default Deny policy is not created by default
Storage Control - Unable to use Apple's storage interface in policy
ThreatLocker Tray - No popup for Maintenance Modes
New Features
Baselining applications during ThreatLocker installation
Automatic Learning to Computer and Groups
Permitting applications by Hash as well as Custom Rules when attached to a policy
Application Control Default Deny Policy at the bottom of the policy hierarchy to secure machines and only permit what is explicitly allowed
Supports Learning Mode, Installation Mode, and Monitor Only
Storage Control supports auditing of external storage, custom paths, and specified local folders
Monitor and denying on storage for all external storage as well as specified local folders
Network Access Controls (NAC) supports Authorization Hosts as well as updating IPs for objects
Tamper Protection to stop unauthorized users from disabling ThreatLocker
Help Center