Portal 2.14.3: 3/31/2025
New Features & Improvements
- Made a change to Web Control policies to only permit one category per application for simplicity
- Improved the billing page with more informative error reporting in the event adding a payment method fails
Bug Fixes
- Resolved an issue in which the new search in the Unified Audit was not displaying the Permit Elevation or Add to Application buttons
- Resolved an issue in which the Unified Audit was not displaying certain files as matching existing applications
- Resolved an issue in which the URL from an expanded entry in the Unified Audit was not being copied correctly when selecting the link button
Portal 2.14.1: 3/26/2025
New Features
- Added a brand new Web Control dashboard
- Added visibility of details section in the Unified Audit for DNS logs
- Added Include Child Organizations option on the Detect Dashboard
- Made improvements to the Top Alerts widget to be Top Alerts by Device
- Added the ability to open the Exclusions sidebar from the computer sidebar via clicking the hostname
- Added the Detect Dashboard to the Detect Module and will default to it being selected when the module is first opened
- Added the ability to select Organization admins in the Reviewed By dropdown in Detect Recommendations
- Added a new action type in the Unified Audit for DNS
- Added confirmation message when successfully deleting applications
Bug Fixes
- Resolved an issue in which the calculations displayed on the Missing Updates Health Center tile were incorrect
- Resolved an issue in which the EnableRemotePresence option was not being saved on the target machine
- Fixed multiple User Contact issues with the Mutual Action Plan
- Resolved an issue with the Application Control Module that would not display the status options for Secured/Monitor/Inherit when Request is enabled
- Resolved an issue in which deleting an organization that had User Roles applied to it would change the User Role to apply to All Organizations
- Resolved an issue in which Detect conditions to enable/disable another module policy was incorrectly tied to the ThreatLocker Protect bundle
- Resolved an issue in which selecting the additional files tab and attempting to add multiple files to an approval was not working and not showing an error
- Resolved an issue in which closing the Organization sidebar before it was fully loaded resulted in an error
- Resolved an issue in which the computer ID was being omitted from Unified Audit logs using the new search
- Resolved an issue where the destination was not updating after updating a tag name
- Resolved an issue in which editing the name of a DNS server was incorrectly causing an error message that the IP address already exists
- Resolved an issue in which Web Control policies were incorrectly defaulted to add the policy to the bottom of the list
- Resolved an issue in which pressing Patch Now on a pending Patch policy was failing
- Resolved an issue where unable to update an existing Application with a 'Path Only' file
- Resolved an issue with Tags not being populated when Ringfencing an Application
- Resolved an issue in which Cloud Detect logs were failing to ingest for some users
Portal 2.13.1: 3/20/2025
New Features
- Added better detail to ConnectWise tickets to show what type of request is being made
- Added display of 'bytes' when file size is hovered over
- Added additional confirmation messaging when deleting items in Storage Control, Config Manager, and the Devices page
- Added message to inform users to not rename the PKG file when downloading and installing Mac Agent
- Added a link to external Cyber Hero Approval Instructions from the Cyber Hero Instructions tab
- Added new New filters in the Unified Audit: Group By "Port" and "Network Direction - Inbound/Outbound"
- Added the ability to set DNS servers as ThreatLocker Objects for applying to Web Control policies
- Added support for Order by in Patch policies
- Added the ability to enable/disable Patch policies from the main grid
- Added the ability to enable/disable and delete Patch policies en masse from the main grid
- Added the ability to mark patches as complete from the main grid individually and en masse
- Added an Upcoming Patches tab to the Application sidebar to display all pending patches for the selected application
- Added display of non-patch-managed applications that are missing updates
- Added lazy loading in the Network Control Policy sidebar Objects dropdown to better accommodate large lists of objects
- Added a hover over on the Patch Policy schedule button to display the required Windows Agent version
- Added the ability to Ringfence with Insights on Approval Requests
- Added a new permission category for Web Control with 2 new permissions of Edit Web Control Policies and View Web Control Policies
- Added display of all applications with missing updates in the Missing Updates Health Center tile
Bug Fixes and Improvements
- Resolved an issue in which ConnectWise tickets weren't being closed when using a custom auto-close delay
- Resolved an issue in which very long file names uploaded to a help desk ticket were being cut off at the file extension, causing the upload to fail
- Resolved an issue in which attempting to open File History was displaying an error for certain applications
- Resolved an issue in which the Modules dropdown on the Organizations page was accessible by users with incorrect permissions
- Resolved an issue in which the New Audit Search was not correctly displaying Deny (Option to Request) actions
- Resolved an issue in which the last check in column was not updating Access Device check ins
- Resolved an issue in which File History was only displaying one certificate
- Resolved an issue in which navigating to a blocked page while also logged into the ThreatLocker portal was displaying an expired token page
- Resolved an issue in which maintenance modes were incorrectly requiring a user to be selected when selecting to apply to all users
- Resolved an issue in which the target dropdown was not populating when copying Network Control Policies
- Resolved an issue in which merging and deleting applications from any page other than the first page would send the user back to the first page once an action was complete
- Fixed a minor type on the Top Alerts graph in the Detect Dashboard
- Changed the Detect Dashboard Recommendations widget popout to a dialogue
- Resolved an issue in which Global groups were incorrectly being displayed in Storage and Network Control
- Resolved an issue in which saving a domain Ringfencing exclusion with ipv4 in the name would incorrectly be saved despite an error being displayed
- Resolved an issue in which incorrectly formatted data in Ringfencing exclusions that had previously been saved were preventing new correctly formatted exclusions from being saved
- Resolved an issue in which incorrectly formatted data in tags that had previously been saved were preventing new correctly formatted tag items from being saved
- Resolved a minor UI bug on the Elevation Control module that caused the line below column headers to break
- Resolved an issue in which search parameters were not being reset after navigating away from a page in the Endpoint Detect module
- Resolved an issue in which domains could not be saved in tags with a wildcard at the end
- Resolved an issue in which the domain x.com could not be saved in Tags
- Resolved an issue with domain names not supporting numerals in Organization Settings
- Resolved an issue in which a long Store name was going behind the New Store Policy button
- Resolved an issue in which Endpoint Detect policies were unable to be opened from an alert on a machine in a child organization
- Resolved an issue in which multiple Elevation Control policies were being deleted when only one was selected
- Resolved an issue in which clicking the Create button multiple times created duplicate policies
- Resolved an issue in which deleting an admin was not removing the corresponding contact in the CRM
- Resolved an issue in which end users were receiving a popup to run their requested application before the application was added to the local apps.db
- Resolved an issue in which the ThreatLocker Not Detected label was incorrectly displayed in the Unified Audit
- Resolved an issue in which the Datto PSA integration was failing to map contracts
- Resolved an issue in which an extra space in the Config Manager MS WordPad Vulnerability: Disabled key policy was causing the policy to fail
- Resolved an issue in which Datto PSA integration was unable to load contracts
- Resolved an issue in which ThreatLocker Cyber Hero ownership was not being removed when escalating the request back to the client
- Resolved an issue in which one client was unable to copy a Global policy to the Global Workstations group
- Resolved a minor UI bug on the Patch policy sidebar in which the Patch Version dropdown was being squished
- Resolved an issue with custom computer names being removed in the portal when the agent check-ins without a custom computer name being sent to automatically update the custom name
Portal 2.12.1: 3/13/2025
Bug Fixes
- Resolved an issue in which certain deny logs on a single instance were returning an error when attempting to permit
- Resolved an issue in which Storage requests were incorrectly being opened as Web Control requests
Portal 2.12 3/12/2025
New Features and Improvements
- Added support for Bearer token use in Detect 'Send to API' actions
- Added an All Policies option when viewing Web Control policies
- Improved the Detect Dashboard Incident Outcomes chart readability and time precision
- Added a static redirect page when Web Control blocked access to a targeted page
Bug Fixes
- Resolved an issue where manually entered usernames were not being accepted on Web Control policies
- Resolved an issue in which merging and deleting an application from any page other than the first page would send the user back to the first page once an action was complete
- Resolved an issue in which the Any Deny filter was not working as expected using the New Search in the Unified Audit
- Resolved an issue in which username searches in the Unified Audit were failing using the New Search
- Resolved an issue in which the Storage Control Copy Policy target organizations and groups dropdown would load empty
- Resolved an issue that prevented the modification of hash values when defining custom rules
- Resolved an issue in which Global-Group policies were incorrectly being displayed when Show All policies is selected
- Resolved an issue with SMS notifications being delivered when configured on an application policy to notify an administrator on request
Portal 2.11.4: 3/6/2025
New Features and Improvements
- Added a new Detect Dashboard: Detect Dashboard | ThreatLocker Help Center
- Added a new Web Control module: Web Control Module | ThreatLocker Help Center
- Added a new Microsoft 365 (changing label to Cloud Control) that contains Cloud Detect and M365 Conditional Access
- Made improvements to the User Application Store: The Application Store | ThreatLocker Help Center
- Added the ability to set previous policy match as a condition in Detect so you can now chain behaviors together
- Added a tooltip prompt on the Computers page that will inform users of a Windows machine not being able to update due to needed minimum OS requirements
- Added additional Swagger documentation for System Audit API calls
- Improved the UI for the Unified Audit sidebar by adding a More Details section and adding copy buttons to each line item
- Added new Detect condition called 'Previously Matched Policy'
- Added a new banner to warn Admins when a Named Location exceeded the 2,000 unique IP address limit
- Improved ThreatLocker Detect responses to include more actions
- Improved the Detect Dashboard Incident Outcomes Chart readability and time precision
- Changed the Path column in Response Center to Details to better reflect column contents
- Improved Deploy Policies and Approval Requests to better supports new Tags for Patch Management
- Added Application Name to Advanced Search and Group By to the new Unified Audit Search
- Added a popout page for the Detect Dashboard Recommendations widget
Bug Fixes
- Resolved an issue in which company mapping in the Datto integration was not correctly saving
- Resolved an issue in which Elevation Exception policies were not being displayed on the main grid if they contained no exceptions
- Resolved an issue where selecting application rules in a specific order would generate a "You can not have a Created By only rule" error
- Resolved an issue with Application Control Policies not being created for Linux and Windows XP Operating Systems
- Resolved an issue with deleting Configuration Manager policies occasionally resulting in an error
- Resolved an issue where the Applies To field was not reset after the Applications Existing Policies sidebar was closed
- Resolved an issue with updating existing applications in the Permit Application sidebar was not auto populating a suggested application name
- Resolved an issue in which Admins from a moved organization were able to viewed on the Elevation Control Local Admin Users and Groups page
- Resolved an issue with being unable to deploy policies while having the Edit or View Organizations permission. This will be added as a new permission in future builds for more granular control
- Resolved an issue in which adding Ringfencing exclusions from the Unified Audit were incorrectly defaulting to the IPv6 type
- Resolved an issue that allowed a user to enable multiple Disable ThreatLocker Detect maintenance modes at the same time
- Resolved an issue where a maintenance mode end date wasn't properly updated when entered manually
- Resolved an issue where the 'Secured' and 'Unsecured' Filter By options were no longer available after filters had been cleared
- Resolved an issue where enabling/disabling a policy was not being logged in the unified audit when performed from the sidebar
- Improved System Audit logging with Storage Control policy changes and how they are recorded
- Resolved an issue where enabling/disabling a policy was not being logged in the unified audit when performed from the sidebar
- Resolved an issue with resetting a user's password and an error being given when OTC is enabled
- Resolved an issue with Saved Searches in the Unified Audit where the parameters from the start and end dates were causing incorrect searches
- Resolved an issue with using the Select All checkbox on the Elevation Control module page in which it would select more objects than what was currently displayed on the page
- Resolved an issue where Store Elevation Policies were not being Ringfenced.
- Resolved an issue with Restart Agent Portal command not being sent to older Windows Agent versions
- Resolved an issue where the Named Locations exceeded IP's banner was causing a 403 error
- Resolved an issue in which the Certificate SHA was not being added when attempting to add it from the Unified Audit
- Resolved an issue in which Store categories were being incorrectly displayed when the category contained an &
- Resolved an issue with using an End Date filter option where selecting 00:00 AM was causing the field to go empty
Portal 2.10.3: 2/13/2025
New Features
- Added a new tab on the Devices page for "Mobile (Beta)" where admins can invite end users to install the ThreatLocker Access app in preparation for using 365 Conditional Access control
- Added a new tab on the Network Control page for 365 Conditional Access
Bug Fixes
- Resolved an issue in which the Permit Elevation and Add to Application buttons were not being displayed in the Unified Audit when utilizing the New Search
- Resolved an issue in which policies set for Azure Users and Groups were incorrectly saving the UserGroup as text instead of the correct value
- Resolved an issue in which the Advanced Search Filters were not being displayed in alphabetical order
- Resolved an issue in which passwords were unable to be reset when MFA was enabled.
Portal 2.10: 2/10/2025
New Features and Improvements
- Added display of a message on the Computers page that an agent restart is required after changing Options
- Added the ability to customize the Elevation UAC window (Requires Windows Agent 9.7 or greater
- Added a new Reload Tenant Groups button on the Azure integration sidebar to reload the tenants from Azure
- Incorporated a 'New Search' option in the Unified Audit to greatly improve loading speeds
- Made improvements to the New Search feature in the Unified Audit to better display Network results and Linux baselines
Bug Fixes
- Resolved an issue in which parent admins were able to edit a child organization from outside the US when the child organization was ITAR-compliant
- Resolved an issue in which suggested rules were being created using an unverified certificate
- Resolved an issue in which IPv6 addresses were unable to be input into Tags
- Resolved an issue in which a specific organization's Cloud Detect response settings for child organizations were pulling down incorrect data and that data was then unable to be edited
- Resolved an issue in which active alerts were not displaying as expected when a "Disable ThreatLocker Detect" mode was scheduled but the computer time was set earlier than the start time of the mode
- Resolved an issue in which the copy policies function in Network Control did not populate the correct policy list on the initial load
- Resolved an issue in which the computer sidebar was incorrectly displaying a permission error for Detect when the user was not trying to access the Detect tab
- Resolved an issue in which the application name was not being displayed below built-in applications
- Resolved an issue in which the Action Type Baseline was not returning results when selected from the Advanced Search in the Unified Audit
- Resolved an issue in which status was not properly being displayed in the System Audit when removing Lockdown or Isolate or when switching from one to another
- Resolved an issue in which Cyber Hero Instructions were not being correctly formatted on the Organization page
- Resolved an issue in which editing a Storage Control Policy's order was incorrectly not accepting negative numbers
- Resolved an issue in which the Elevation Control Local Administrator Users and Groups page was not correctly being exported to CSV
- Resolved an issue in which Super Admin permission was incorrectly being required before a user could expand an IP address on a Unified Audit entry
- Resolved an issue in which some Approval Requests were not being included in bulk actions, even when selected to be included
- Resolved an issue in which the bottom-most Unified Audit log was partially obscured when viewing on a minimized screen
- Resolved an issue in which 417 errors were not correctly being displayed by the portal
- Resolved a UI glitch on Detect policies that use a policy condition containing a Tag
- Resolved an issue in which Admins from a moved organization were able to be viewed from the Elevation Control Local Admin Users and Groups page
- Resolved an issue in which adding Ringfencing exclusions from the Unified Audit were incorrectly defaulting to the IPv6 type
- Resolved an issue in which the Advanced Search in the Unified Audit was case-sensitive
- Resolved an issue in which Azure users and groups were failing to load in the selected users and groups dropdowns in policies
- Resolved an issue where a 417 error was received when attempting to create or update a tag containing a domain with a period in it
- Resolved an issue where end users were unable to open the Store from the tray
- Resolved an issue in which an update to the Azure Integration caused groups on older Integrations to not sync properly
Portal 2.9.3: 1/28/2025
New Features and Improvements
- Preview release of the new and improved ThreatLocker Store (Requires Windows Agent 9.7 or greater)
- Added a new column for the ThreatLocker Agent version to the Computers page
- Added a new Subcategory selection option for the ServiceNow integration
- Update the iconography and the verbiage for the Local Administrator Users and Groups page
- Improved the Copy Policy feature of Network Control Module to improve the user experience
- Updated the Computers page naming convention to 'Devices' and updated the Access Tab to 'Mobile'
Bug Fixes
- Resolved an issue in the Software Health Report where text would be cutoff in the 'Areas Recommended to Review' section
- Resolved an issue in the Software Health Report that would list applications in the 'Areas Recommended for Review' section in the incorrect order. Applications are now correctly listed by their rating, placing the application with the highest combined score at the top
- Resolved an issue with the Datto integration where unit counts that were set to 0 were not updating properly for Service/Bundles
- Resolved an issue on the Computers page that displayed 'Inherited From Group' which showed incorrectly for computer agent versions when the targeted computer has a specified agent version not set from the computer group
- Resolved an issue where selecting 'View Unified Audit' on the Threats tab was not loading the Unified Audit as expected
- Resolved an issue in which clicking the Denied Count on the Computers page was not loading the Unified Audit as expected
- Resolved an issue where canceling a Remediation MFA request would not properly terminate the request
- Resolved an issue in which the HALO PSA integration was failing to update due to caching of the Integration ID
- Resolved an issue that prevented end users from clearing Cloud Alerts
- Resolved an issue and improved the User Workflow when clearing Cloud Alerts
- Resolved an issue where Ringfenced records were incorrectly displaying the 'Add to Tag' feature
- Resolved a display issue when scrolling to the bottom of the Computers page
- Resolved a button display issue on the Install Computer form when using smaller display formats
- Resolved a display issue with a tooltip in the side panel of the Elevation Control Module
- Resolved an issue with Unified Audit create policy process that would prevent a policy from being created in scenarios where a certificate has special characters
- Resolved a Unified Audit display issue while saving a rule on an application update that would prevent the rule from returning to its original state
- Corrected and Improved the Elevation Notification user experience and relabeled the form to Elevation Notification
- Resolved an issue with Advanced Search with Unified Audit which worked incorrectly with the 'Not Equals' option.
- Resolved an issue with being able to select Objects in Network Control Modules
- Resolved an ADMIN permission issue with the Application Control Module.
- Resolved an issue in which custom Detect banners were being displayed after they had expired
- Resolved an issue in the Application Control Module with saving the autofill values during new policy creation
- Resolved an issue in which Storage Control Policies were not correctly being loaded and displayed
- Resolved an issue in which a canceled MFA request was incorrectly displaying as a new MFA request on the mobile app
- Resolved an issue when putting a computer into Learning or Install Modes would default to creating new policies at the Organization level. This now requires the end user to select a level from the 'Applies to' dropdown list
- Resolved an issue in which scripts run using PowerShell ISE were not being audited as expected
Archived Portal Release Notes
2024: Portal Release Notes 2024 | ThreatLocker Help Center