Company logoHelp Center
Visit www.threatlocker.com

Portal Release Notes

40 min. readlast update: 05.21.2025

Portal 2.18.6: 5/21/2025

Bug Fixes

  • Resolved an issue in which Storage Approval Requests were unable to be actioned by users with appropriate permissions
  • Resolved an issue in which some customers could not enable products from the Organization page Modules dropdown

Portal 2.18.5: 5/20/2025

New Features & Improvements

  • Added a new Executive Summary Report to provide a monthly summary of Detect activity
  • Added the Copy Policy feature to ThreatLocker Detect
  • Added a new column on the Web Control page to display if a policy is Scheduled or has an Expiry
  • Added a button to the banner that informs users if they need to set up Endpoint Response Settings which will open the configuration sidebar
  • Added links to the Unified Audit from an Approval Request
  • Added an Include Child Organizations checkbox on the Missing Updates page and sidebar
  • Added a banner to display if there are ThreatLocker Modules being paid for that aren't being utilized
  • Minor UI fix on Patch Policy sidebar
  • Made improvements to the Products dropdown on the Organizations page to make it more intuitive and user-friendly
  • Label change on the Detect Dashboard Top Alerts chart
  • Improved the display of Approval Request timing to more accurately display TTR
  • Added an Upload File to the Approval Request sidebar
  • Made improvements to the validation when adding files to an application to prevent the ability to add duplicates
  • Added better validation when adding custom rules in an Approval Request to prevent adding duplicates
  • Made improvements in the Unified Audit to open the Web Control DNS Server sidebar when selecting the Hostname from the Unified Audit sidebar
  • Changed label from Inherit Status From Group to Inherit Status From Computer in the Application policy sidebar
  • Added validation to the file exclusions section of Application Policies to prevent the ability to add an empty rule
  • Added validation to the file exclusions section of Application Policies to prevent the ability to add an empty rule
  • Added a new search filter to the Unified Audit, Computer ID, that allows users to filter and group by a specific machine's Computer ID

Bug Fixes

  • Resolved an issue with exporting Unified Audit Reports with certain Group By's
  • Resolved an issue in which the Monitor option was inaccessible for Application Deny policies
  • Resolved an issue in which tag types were not accessible as expected in the portal
  • Resolved an issue in which disabling Cyber Hero Management at the Parent level was preventing child-level approvals from being actioned or escalated
  • Resolved an issue in which Application Policies were displayed in the incorrect order when using the Show All Policies option
  • Resolved an issue in which deleting a Store item did not remove it from the Portal
  • Resolved an issue in which attempting to close a sidebar on a list with 400+ items was causing the page to temporarily freeze
  • Resolved an issue in which disabling an Application Policy was incorrectly hiding it from the Enable Application Policy list in Detect
  • Resolved an issue in which bundles and PSA contracts were unable to reload in the Datto integration sidebar
  • Resolved an issue in which patches were being displayed for a version older than the currently installed version
  • Resolved an issue in which searching for Baseline action type in the Unified Audit was not working as expected
  • Resolved an issue in which an application deleted on A was not replicated to customer instances
  • Resolved an issue in which sorting by TL Version was not displaying in the correct order
  • Resolved an issue in which exporting the Unified Audit was changing the time displayed
  • Resolved an issue in which the Health Center widget was not displaying macOS policies
  • Resolved an issue in which recommendations in Detect were always displaying as if they were made by the Cyber Hero Team instead of reflecting the username of the Organization's own tech if not made by the Cyber Hero Team
  • Resolved an issue in which parent organization Tray Branding was not being replicated down to child organizations
  • Resolved an issue in which Cloud Detect module was reachable when that module was not enabled
  • Resolved an issue in which all Super Admins of a Partner Organization could be removed, leaving the Organization without a super user
  • Resolved an issue in which Detect Policy Action to enable or disable a Cloud Detect policy
  • Resolved an issue in which the Maintenance Modes dropdown was showing empty when a computer was Isolated or Locked Down
  • Resolved an issue in which a file without a hash could not be added to an application from an Approval Request
  • Resolved an issue in which a very long Organization name was being cut off
  • Resolved an issue in which Datto integration could not be created
  • Resolved an issue in which the export from the Devices Page was displaying an incorrect header for the Denied Count
  • Resolved an issue in which the Office 365 integration sidebar was not requiring the user to save the integration
  • Resolved an issue with Web Control approval requests displaying the incorrect request time
  • Resolved an issue in which bulk action pop-up windows were not being opened under the correct action
  • Resolved an issue in which the Missing Updates tile on the Health Center was not displaying the correct number of missing updates on the graph
  • Resolved an issue in which products couldn't be selected from the Products dropdown on the Organization page
  • Resolved an issue with the Datto integration that caused an error when attempting to load contracts
  • Resolved an issue with downloaded Community Cloud Detect policies in the parent organization being removed when copied to a child organization
  • Resolved an issue that prevented the generation of custom reports in the portal
  • Resolved an issue with an error preventing users from adding the Datto integration
  • Resolved an error caused when starting the 'Patch All' function from the Missing Updates page for Patch Management

Portal 2.17.5: 5/14/2025

New Features & Improvements

  • Improved email notifications from Approval Requests to also include the Computer Group as part of the request details

Bug Fixes

  • Resolved an issue where Detect policies with occurrences under conditions set to equal hours would be reverted to minutes instead

Portal 2.17.4: 5/8/2025

New Features & Improvements

  • Added a 'Show Count' checkbox in the System Audit to help improve loading and searching speeds
  • Added support for Cyber Hero MDR policies to accommodate different OS types
  • Added support for different OS types when making Detect policies

Portal 2.17.3: 5/7/2025

New Features & Improvements

  • Updated the report 'Override Use (Including Child Orgs)' to use the new Unified Audit search
  • Updated the report 'Blocked Files in the Selected Date Range' to use the new Unified Audit search
  • Updated the report 'Applications Installed/Updated by Specific Hostname' to use the new Unified Audit search
  • Updated the report 'Denied Files by Count' to use the new Unified Audit search
  • Updated the report 'Application Use in the last 30 days' to use the new Unified Audit search
  • Updated the report 'Computers with Duplicate Computer IDs' to use the new Unified Audit search
  • Updated the report 'USB Serial Numbers' to use the new Unified Audit search
  • Updated the report 'Top 10 Applications in the last 30 Days' to use the new Unified Audit search
  • Updated the report 'Top 10 Applications in the last 7 Days' to use the new Unified Audit search
  • Updated the report 'Users per Application in the last 30 Days' to use the new Unified Audit search
  • Updated the report 'Users per Application in the last 7 Days' to use the new Unified Audit search
  • Updated the report 'Blocked Files in the last 7 Days' to use the new Unified Audit search
  • Added the ability to search attribute dropdowns in the Unified Audit
  • Added the ability to combine 2 separate Group By functions when using Advanced searching the Unified Audit
  • Added a Count column in the Unified Audit when using Group By to show how many items are included in that grouping
  • Improved the messaging when a new policy would never be matched because of policies placed above it in the hierarchy
  • Changed the labeling of Approval Requests that were not approved from Ignored to Rejected
  • Updated the display of ThreatLocker Cyber Heroes to ThreatLocker Cyber Hero team in email responses
  • Added an additional confirmation popup when selecting Restart ThreatLocker Agent on All Devices
  • Made minor UI adjustments to the Web Control policy sidebar
  • Made UI improvements to pop up messages on Application Control and Patch Management modules
  • Changed the label of Hostname in the Unified Audit to Asset Name
  • Added an Upload button on Install action type Unified Audit entries
  • Added a copy URL to the Unified Audit sidebar
  • Added a hyperlink to the hostname from Approval Requests
  • Added better validation when creating Web Control policies
  • Added a new button to the Unified Audit log sidebar that allows users to add a Web Control policy based on the audit log
  • Added the ability to schedule and expire Web Control policies
  • Added a new action type in the Unified Audit for DNS
  • Added support in the portal for macOS devices in the Patch Management module
  • Added display of Computer groups on the Devices page with the ability to filter by group for easier device management
  • Improved System Audit logging for Patch Management actions taken by administrators in the portal
  • Updated the Response Center, Approvals tab, status dropdown label for 'Escalated from the Cyber Heroes' to 'Escalated from the Cyber Hero Team'
  • Added support for macOS to user Triggered Installation Mode
  • Added a new feature that allows users to search Detect policies based on labels applied to them to better identify a category a policy may belong to

Bug Fixes

  • Resolved an issue with the File History tab on Elevation Approval Requests not loading results properly
  • Resolved an issue in which the Web Control dashboard was failing to load the Top Blocked Domains chart
  • Resolved an issue with the trial expiration banner appearing in the portal with the incorrect date of expiration
  • Resolved an issue in which Unified Audit advanced searches were case sensitive
  • Resolved an issue in which ServiceNow tickets were not correctly populating the Assignee
  • Resolved an issue in which users were able to copy policies between organizations without the appropriate permission
  • Resolved an issue in which Computer Groups were not being populated in the Applies To dropdown when creating Web Control policies
  • Resolved an issue in which the tab buttons were overlapping the page title on the ThreatLocker Detect Alert center on smaller screens
  • Resolved an issue in which the Effective Action column was missing from Unified Audit exports
  • Resolved an issue in which on smaller screens, the buttons on right hand side of the Users page were unreachable
  • Resolved an issue in which Global Web Contol policies were unable to be edited/updated
  • Resolved an issue in which adding to application from the Unified Audit was incorrectly resetting the hash if a different selection was made and then attempting to go back to the hash
  • Resolved an issue in which the ThreatLocker portal version was being displayed as white text, making it invisible
  • Resolved an issue in which Scheduled Detect policies were failing to display a start time
  • Resolved an issue in which incorrect order status was preventing customer login
  • Resolved an issue in which the buttons on the Missing Updates tab were not returning to full size when a minimized window was maximized
  • Resolved an issue in which moving a device was not updating its IP record in the new location
  • Resolved an issue in which Store names were not correctly wrapping to fit in the allotted space
  • Removed a no longer functioning Add to Store button from the application sidebar
  • Resolved an issue in which requesting a write action was resulting in the Request incorrectly defaulting to having Read selected
  • Resolved an issue in which the maintenance API was not allowing a computer to be placed in Tamper Protection Disabled
  • Resolved an issue in which application files were not being added or removed in real time
  • Resolved a UI issue seen with multi-select dropdowns when using Mozilla Firefox browser
  • Resolved an issue where the TLAPS password icon on the Devices page was not displaying when using sorting or filter options
  • Resolved an issue where Cloud Detect incident details were missing when viewed in the Detect Dashboard
  • Resolved and issue where users were able to download Cloud Detect policies from the Community without a warning dialog to advise that the same policy already exists
  • Resolved an issue with Health Center displaying positive results incorrectly for Applications that exist in more than one Policy
  • Resolved an issue where a Cyber Hero had access to view a child org set to no access through the parent org set to full access
  • Resolved an issue with Web Control approval requests displaying the incorrect request time
  • Resolved an issue with data properly displaying in the Detect Dashboard graphs when filtered for a specific endpoint and using 'Include Child Organizations'
  • Resolved an issue where a computer specific Detect policy was being erroneously displayed as applying to Entire Organization when the specific computer was removed
  • Resolved an issue in Network Control by removing the ability to add tags as a destination option for inbound policies and also as a source option for outbound policies, causing behavior that is not expected in the agent

Portal 2.16.2: 4/23/2025 

New Features & Improvements

  • Improved the System Audit logs for deleting computers, computer groups, or applications to now be a 'Delete' action type, rather than 'Modify'
  • Updated the colors on the Unified Audit Summary chart for the Web Control Dashboard to be red and green for denied and permitted activity
  • Added a confirmation prompt when attempting to delete a Patch Management policy
  • Added additional logging for troubleshooting Datto integration errors
  • Made readability improvements to the Detect Dashboard bar graphs
  • Changed the Detect Dashboard widget filters button label to Update instead of Search to more accurately represent the functionality
  • Changed the default Detect Dashboard Timeframe filter to "30 Days"
  • Reordered the Detect Dashboard Timeframe widgets filter
  • Added an additional timeframe filter of "30 Days" to the Detect Dashboard widgets
  • Made UI improvements to the Upcoming Patches page in the Patch Management module
  • Added Patch Management user actions to the System Audit
  • Updated the Web Control Policy Actions UI controls to buttons with icons for better usability
  • Added Instructions and Guidelines for Web Control Cyber Hero Management
  • Changed Policy display text from "No Policy" to "Manually Patched" for Applications that are manually patched
  • Added support for macOS devices and Applications in Patch Management
  • Added Linux Stub Installer download option
  • Updated the invalid OTC code error message for conciseness and readability
  • Updated naming for ThreatLocker Detect user permissions
    • Renamed 'Edit/View ThreatLocker Detect Policies' to 'Edit/View All ThreatLocker Detect Policies'
    • Renamed 'View/Manage ThreatLocker Detect Remediation' to 'View/Manage All ThreatLocker Detect Remediation'
    • Renamed 'View/Manage ThreatLocker Detect Threats' to 'View/Manage ThreatLocker Detect Threats'
  • Added a new user permission section, with new permissions, for Endpoint Detect
    • New user permission 'View Endpoint Detect Policies'
    • New user permission 'Edit Endpoint Detect Policies'
    • New user permission 'View Endpoint Detect Remediation'
    • New user permission 'Edit Endpoint Detect Remeditation'
    • New user permission 'View Endpoint Detect Threats'
    • New user permission 'Edit Endpoint Detect Threats'
  • Added a new user permission section, with new permissions, for Cloud Detect
    • New user permission 'View Cloud Detect Policies'
    • New user permission 'Edit Cloud Detect Policies'
    • New user permission 'View Cloud Detect Remediation'
    • New user permission 'Edit Cloud Detect Remeditation'
    • New user permission 'View Cloud Detect Threats'
    • New user permission 'Edit Cloud Detect Threats'
  • Added a new user permission section, with new permissions, for Cloud Control
    • New user permission 'View Cloud Control'
    • New user permission 'Edit Cloud Control'
    • Removed Network Control permissions from Cloud Control Named Locations/Microsoft 365 access pages
  • Added a new user permission section, with new permissions, for Mobile devices
    • New user permission 'View Mobile Devices'
    • New user permission 'Edit Mobile Devices'
    • Removed View/Edit Computers permissions from the Devices, Mobile tab
  • Added a new user permissions section for Web Control
  • Added a new user permissions section for Patch Management

Bug Fixes

  • Removed Installation Mode from the Devices page as this mode will only be accessible when completing an Approval Request in the Response Center
  • Resolved an issue that prevented files with multiple certificates logged from the MacOS agent to only show a single certificate in the Unified Audit
  • Resolved an issue with 'Created By' process not being included in the notes section for application definitions
  • Resolved an issue in the Detect policy sidebars where policy names in the dropdown were unreadable for Policy and Previously Matched Policies conditions
  • Resolved an issue that prevented users from promoting a Mac Application Policy to a Global level
  • Resolved an issue where the Get or Download button was covering the application name for the End User view of the Store
  • Resolved an issue where selecting 'Add to Policy' on file ringfencing events in the Unified Audit did not auto populate the file path from the action log to the exclusion section of a policy
  • Resolved an issue with copying Mac Application Policies causing Ringfencing configurations to not be copied properly
  • Resolved an issue where Application Policy names with an '&' symbol was not displaying properly in the portal
  • Resolved an issue with the 'PolicyGetByID' portal API endpoint not returning specific parameters
  • Resolved an issue with updating a parent tag with items from a child organization not properly updating the tag when shared by different organizations
  • Resolved an update issue with the MAC 4.0 beta version
  • Resolved an issue with Co-Managed Direct Support that allowed helpdesk access to Child Orgs admins
  • Resolved an issue during the Copy Policy Process, a message has been added to inform users they are copying a policy that is already contained in the target location
  • Resolved an issue with Microsoft 365 Integrations not able to be created without the Endpoint Detect Module being enabled

Portal 2.15.3: 4/11/2025 

New Features & Improvements

  • Added Cloud Detect and Cloud Control to the Products dropdown
  • Made visual improvements to the Web Control Policies page
  • Made the new Web Control Dashboard the default and first tab in the Web Control Module
  • Added the Access Device ID to the Edit Device sidebar
  • Added support for creating Detect policies for macOS endpoints
  • Added an additional Notify on Request option for Web Control in the User sidebar
  • Enhanced Policy Action column on Web Control Module to allow administrators to toggle between Permit and Deny on page
  • Improved system audit logging to include details when a policy is modified to include the Kill Running Processes option
  • Improved the Billing page by now allowing users to manually enter Billing Emails rather than using a dropdown
  • Made improvements to how the Patch Management user interface deals with patch policies set to patch immediately
  • Enhanced how Impacted Computers are displayed in Patch Management
  • Added new permission titled "View Computers - Managed Organization Only", which allows an Admin to view computers at the applied Organization level only
  • Added a new advanced search field, filter by Computer Group, to the Unified Audit when using the New Search
  • Added support for creating Detect policies for macOS endpoints
  • Updated the policy description for the Configuration Manager Defender SmartScreen Configuration policy
  • Updated the description in the Configuration Manager CVE-2013-3900 WinVerifyTrust Signature Validation policy
  • Updated the description for the Configuration Manager CVE-2023-44487: HTTP/2 Rapid Reset Attack policy
  • Added a dropdown to the login page that allows a user to override which instance they login to

Bug Fixes

  • Resolved an issue in which when login restrictions were set to disallow a  Country and allow a specific IP address within that country was incorrectly denying login from the permitted IP address
  • Resolved an issue in which newly added permissions for Web Control were preventing users from editing non-Web Contol tags
  • Resolved an issue in which API Users were not being restricted by Geo-Restrictions
  • Resolved an issue in which the copy link button on the user sidebar was causing the main User page to be non-functional
  • Resolved an issue in which the Permit Application button was not working from Baseline logs
  • Resolved an issue in which tags were failing to load
  • Resolved an issue in which Cloud Detect was incorrectly looking for Cloud Control to be enabled to access
  • Resolved an issue in which the Configuration Manager policy Configure memory dump file & recovery options was not behaving as expected
  • Resolved an issue in which the Testing Environment was not able to handle file names with non-alphanumeric characters
  • Resolved a typo in the Configuration Manager Set Password Protected Screen Saver policy
  • Resolved an issue in which the Stub Installer was unable to uninstall ThreatLocker if the update channel was set to Don't Update
  • Resolved an issue in which the Configuration Manager policy CVE-2013-3900 WinVerifyTrust Signature Validation was not correctly being applied
  • Resolved an issue in which the Configuration Manager 'Turn off multicast name resolution (mDNS) (LLMNR)' policy was not being fully enabled even when set to enable
  • Removed items that were incorrectly added to the Unified Audit Actions dropdown
  • Resolved an issue in which the New Unified Audit search was not displaying the computer's maintenance mode
  • Resolved an issue where child organizations HelpDesk tickets were no longer visible if the organization was deleted, they are now moved up to the parent organization on deletion
  • Resolved an issue that prevented users from accessing the Microsoft 365 module if Network Control was not enabled for the organization
  • Resolved an issue where Web Control Tags were showing in Application and Network Control
  • Resolved an issue with the computer sidebar when using the GetDNForComputerName option that caused the Deploy Policies button to be covered
  • Resolved a UI issue with the ThreatLocker Detect tab, on a computer sidebar, when accessed while ThreatLocker Detect was not enabled for that organization
  • Resolved an issue where the Unified Audit filter for "Secured" was also showing devices in learning mode with the new search enabled
  • Resolved an issue with added and renamed Azure/Entra groups displaying as a 'blank' in the Azure integration once reloaded
  • Resolved an issue with the sorting and ordering of approval requests in the Response Center when including child organizations
  • Resolved an issue in which the Unified Audit advanced search was incorrectly including destination IPs when choosing to show only source IPs
  • Resolved an issue in which users were unable to create rules using the Process Path in conjunction with a Full Path
  • Resolved an issue in which when login restrictions were set to disallow a Country and allow a specific IP address within that country was incorrectly denying login from the permitted IP address
  • Resolved an issue where the View Computers permission applied via a role at the parent level would incorrectly allow devices from child organizations to be viewed

Portal 2.14.3: 3/31/2025

New Features & Improvements

  • Made a change to Web Control policies to only permit one category per application for simplicity
  • Improved the billing page with more informative error reporting in the event adding a payment method fails

Bug Fixes

  • Resolved an issue in which the new search in the Unified Audit was not displaying the Permit Elevation or Add to Application buttons
  • Resolved an issue in which the Unified Audit was not displaying certain files as matching existing applications
  • Resolved an issue in which the URL from an expanded entry in the Unified Audit was not being copied correctly when selecting the link button

Portal 2.14.1: 3/26/2025

New Features

  • Added a brand new Web Control dashboard
  • Added visibility of details section in the Unified Audit for DNS logs
  • Added Include Child Organizations option on the Detect Dashboard
  • Made improvements to the Top Alerts widget to be Top Alerts by Device
  • Added the ability to open the Exclusions sidebar from the computer sidebar via clicking the hostname
  • Added the Detect Dashboard to the Detect Module and will default to it being selected when the module is first opened
  • Added the ability to select Organization admins in the Reviewed By dropdown in Detect Recommendations
  • Added a new action type in the Unified Audit for DNS
  • Added confirmation message when successfully deleting applications

Bug Fixes

  • Resolved an issue in which the calculations displayed on the Missing Updates Health Center tile were incorrect
  • Resolved an issue in which the EnableRemotePresence option was not being saved on the target machine
  • Fixed multiple User Contact issues with the Mutual Action Plan
  • Resolved an issue with the Application Control Module that would not display the status options for Secured/Monitor/Inherit when Request is enabled
  • Resolved  an issue in which deleting an organization that had User Roles applied to it would change the User Role to apply to All Organizations
  • Resolved an issue in which Detect conditions to enable/disable another module policy was incorrectly tied to the ThreatLocker Protect bundle
  • Resolved an issue in which selecting the additional files tab and attempting to add multiple files to an approval was not working and not showing an error
  • Resolved an issue in which closing the Organization sidebar before it was fully loaded resulted in an error
  • Resolved an issue in which the computer ID was being omitted from Unified Audit logs using the new search
  • Resolved an issue where the destination was not updating after updating a tag name
  • Resolved an issue in which editing the name of a DNS server was incorrectly causing an error message that the IP address already exists
  • Resolved an issue in which Web Control policies were incorrectly defaulted to add the policy to the bottom of the list
  • Resolved an issue in which pressing Patch Now on a pending Patch policy was failing
  • Resolved an issue where unable to update an existing Application with a 'Path Only' file
  • Resolved an issue with Tags not being populated when Ringfencing an Application
  • Resolved an issue in which Cloud Detect logs were failing to ingest for some users

Portal 2.13.1: 3/20/2025

New Features

  • Added better detail to ConnectWise tickets to show what type of request is being made
  • Added display of 'bytes' when file size is hovered over
  • Added additional confirmation messaging when deleting items in Storage Control, Config Manager, and the Devices page
  • Added message to inform users to not rename the PKG file when downloading and installing Mac Agent
  • Added a link to external Cyber Hero Approval Instructions from the Cyber Hero Instructions tab
  • Added new New filters in the Unified Audit: Group By "Port" and "Network Direction - Inbound/Outbound"
  • Added the ability to set DNS servers as ThreatLocker Objects for applying to Web Control policies
  • Added support for Order by in Patch policies
  • Added the ability to enable/disable Patch policies from the main grid
  • Added the ability to enable/disable and delete Patch policies en masse from the main grid
  • Added the ability to mark patches as complete from the main grid individually and en masse
  • Added an Upcoming Patches tab to the Application sidebar to display all pending patches for the selected application
  • Added display of non-patch-managed applications that are missing updates
  • Added lazy loading in the Network Control Policy sidebar Objects dropdown to better accommodate large lists of objects
  • Added a hover over on the Patch Policy schedule button to display the required Windows Agent version
  • Added the ability to Ringfence with Insights on Approval Requests
  • Added a new permission category for Web Control with 2 new permissions of Edit Web Control Policies and View Web Control Policies
  • Added display of all applications with missing updates in the Missing Updates Health Center tile

Bug Fixes and Improvements

  • Resolved an issue in which ConnectWise tickets weren't being closed when using a custom auto-close delay
  • Resolved an issue in which very long file names uploaded to a help desk ticket were being cut off at the file extension, causing the upload to fail
  • Resolved an issue in which attempting to open File History was displaying an error for certain applications
  • Resolved an issue in which the Modules dropdown on the Organizations page was accessible by users with incorrect permissions
  • Resolved an issue in which the New Audit Search was not correctly displaying Deny (Option to Request) actions
  • Resolved an issue in which the last check in column was not updating Access Device check ins
  • Resolved an issue in which File History was only displaying one certificate
  • Resolved an issue in which navigating to a blocked page while also logged into the ThreatLocker portal was displaying an expired token page
  • Resolved an issue in which maintenance modes were incorrectly requiring a user to be selected when selecting to apply to all users
  • Resolved an issue in which the target dropdown was not populating when copying Network Control Policies
  • Resolved an issue in which merging and deleting applications from any page other than the first page would send the user back to the first page once an action was complete
  • Fixed a minor type on the Top Alerts graph in the Detect Dashboard
  • Changed the Detect Dashboard Recommendations widget popout to a dialogue
  • Resolved an issue in which Global groups were incorrectly being displayed in Storage and Network Control
  • Resolved an issue in which saving a domain Ringfencing exclusion with ipv4 in the name would incorrectly be saved despite an error being displayed
  • Resolved an issue in which incorrectly formatted data in Ringfencing exclusions that had previously been saved were preventing new correctly formatted exclusions from being saved
  • Resolved an issue in which incorrectly formatted data in tags that had previously been saved were preventing new correctly formatted tag items from being saved
  • Resolved a minor UI bug on the Elevation Control module that caused the line below column headers to break
  • Resolved an issue in which search parameters were not being reset after navigating away from a page in the Endpoint Detect module
  • Resolved an issue in which domains could not be saved in tags with a wildcard at the end
  • Resolved an issue in which the domain x.com could not be saved in Tags
  • Resolved an issue with domain names not supporting numerals in Organization Settings
  • Resolved an issue in which a long Store name was going behind the New Store Policy button
  • Resolved an issue in which Endpoint Detect policies were unable to be opened from an alert on a machine in a child organization
  • Resolved an issue in which multiple Elevation Control policies were being deleted when only one was selected
  • Resolved an issue in which clicking the Create button multiple times created duplicate policies
  • Resolved an issue in which deleting an admin was not removing the corresponding contact in the CRM
  • Resolved an issue in which end users were receiving a popup to run their requested application before the application was added to the local apps.db
  • Resolved an issue in which the ThreatLocker Not Detected label was incorrectly displayed in the Unified Audit
  • Resolved an issue in which the Datto PSA integration was failing to map contracts
  • Resolved an issue in which an extra space in the Config Manager MS WordPad Vulnerability: Disabled key policy was causing the policy to fail
  • Resolved an issue in which Datto PSA integration was unable to load contracts
  • Resolved an issue in which ThreatLocker Cyber Hero ownership was not being removed when escalating the request back to the client
  • Resolved an issue in which one client was unable to copy a Global policy to the Global Workstations group
  • Resolved a minor UI bug on the Patch policy sidebar in which the Patch Version dropdown was being squished
  • Resolved an issue with custom computer names being removed in the portal when the agent check-ins without a custom computer name being sent to automatically update the custom name

Portal 2.12.1: 3/13/2025

Bug Fixes

  • Resolved an issue in which certain deny logs on a single instance were returning an error when attempting to permit
  • Resolved an issue in which Storage requests were incorrectly being opened as Web Control requests

Portal 2.12 3/12/2025

New Features and Improvements

  • Added support for Bearer token use in Detect 'Send to API' actions
  • Added an All Policies option when viewing Web Control policies
  • Improved the Detect Dashboard Incident Outcomes chart readability and time precision
  • Added a static redirect page when Web Control blocked access to a targeted page

Bug Fixes

  • Resolved an issue where manually entered usernames were not being accepted on Web Control policies
  • Resolved an issue in which merging and deleting an application from any page other than the first page would send the user back to the first page once an action was complete
  • Resolved an issue in which the Any Deny filter was not working as expected using the New Search in the Unified Audit
  • Resolved an issue in which username searches in the Unified Audit were failing using the New Search
  • Resolved an issue in which the Storage Control Copy Policy target organizations and groups dropdown would load empty
  • Resolved an issue that prevented the modification of hash values when defining custom rules
  • Resolved an issue in which Global-Group policies were incorrectly being displayed when Show All policies is selected
  • Resolved an issue with SMS notifications being delivered when configured on an application policy to notify an administrator on request

Portal 2.11.4: 3/6/2025

New Features and Improvements

  • Added a new Detect Dashboard: Detect Dashboard | ThreatLocker Help Center
  • Added a new Web Control module: Web Control Module | ThreatLocker Help Center
  • Added a new Microsoft 365 (changing label to Cloud Control) that contains Cloud Detect and M365 Conditional Access
  • Made improvements to the User Application Store: The Application Store | ThreatLocker Help Center
  • Added the ability to set previous policy match as a condition in Detect so you can now chain behaviors together
  • Added a tooltip prompt on the Computers page that will inform users of a Windows machine not being able to update due to needed minimum OS requirements
  • Added additional Swagger documentation for System Audit API calls
  • Improved the UI for the Unified Audit sidebar by adding a More Details section and adding copy buttons to each line item
  • Added new Detect condition called 'Previously Matched Policy'
  • Added a new banner to warn Admins when a Named Location exceeded the 2,000 unique IP address limit
  • Improved ThreatLocker Detect responses to include more actions
  • Improved the Detect Dashboard Incident Outcomes Chart readability and time precision
  • Changed the Path column in Response Center to Details to better reflect column contents
  • Improved Deploy Policies and Approval Requests to better supports new Tags for Patch Management
  • Added Application Name to Advanced Search and Group By to the new Unified Audit Search
  • Added a popout page for the Detect Dashboard Recommendations widget

Bug Fixes

  • Resolved an issue in which company mapping in the Datto integration was not correctly saving
  • Resolved an issue in which Elevation Exception policies were not being displayed on the main grid if they contained no exceptions
  • Resolved an issue where selecting application rules in a specific order would generate a "You can not have a Created By only rule" error
  • Resolved an issue with Application Control Policies not being created for Linux and Windows XP Operating Systems
  • Resolved an issue with deleting Configuration Manager policies occasionally resulting in an error
  • Resolved an issue where the Applies To field was not reset after the Applications Existing Policies sidebar was closed
  • Resolved an issue with updating existing applications in the Permit Application sidebar was not auto populating a suggested application name
  • Resolved an issue in which Admins from a moved organization were able to viewed on the Elevation Control Local Admin Users and Groups page
  • Resolved an issue with being unable to deploy policies while having the Edit or View Organizations permission. This will be added as a new permission in future builds for more granular control
  • Resolved an issue in which adding Ringfencing exclusions from the Unified Audit were incorrectly defaulting to the  IPv6 type
  • Resolved an issue that allowed a user to enable multiple Disable ThreatLocker Detect maintenance modes at the same time
  • Resolved an issue where a maintenance mode end date wasn't properly updated when entered manually
  • Resolved an issue where the 'Secured' and 'Unsecured' Filter By options were no longer available after filters had been cleared
  • Resolved an issue where enabling/disabling a policy was not being logged in the unified audit when performed from the sidebar
  • Improved System Audit logging with Storage Control policy changes and how they are recorded
  • Resolved an issue where enabling/disabling a policy was not being logged in the unified audit when performed from the sidebar
  • Resolved an issue with resetting a user's password and an error being given when OTC is enabled
  • Resolved an issue with Saved Searches in the Unified Audit where the parameters from the start and end dates were causing incorrect searches
  • Resolved an issue with using the Select All checkbox on the Elevation Control module page in which it would select more objects than what was currently displayed on the page
  • Resolved an issue where Store Elevation Policies were not being Ringfenced.
  • Resolved an issue with Restart Agent Portal command not being sent to older Windows Agent versions
  • Resolved an issue where the Named Locations exceeded IP's banner was causing a 403 error
  • Resolved an issue in which the Certificate SHA was not being added when attempting to add it from the Unified Audit
  • Resolved an issue in which Store categories were being incorrectly displayed when the category contained an &
  • Resolved an issue with using an End Date filter option where selecting 00:00 AM was causing the field to go empty

Portal 2.10.3: 2/13/2025

New Features

  • Added a new tab on the Devices page for "Mobile (Beta)" where admins can invite end users to install the ThreatLocker Access app in preparation for using 365 Conditional Access control
  • Added a new tab on the Network Control page for 365 Conditional Access 

Bug Fixes

  • Resolved an issue in which the Permit Elevation and Add to Application buttons were not being displayed in the Unified Audit when utilizing the New Search
  • Resolved an issue in which policies set for Azure Users and Groups were incorrectly saving the UserGroup as text instead of the correct value
  • Resolved an issue in which the Advanced Search Filters were not being displayed in alphabetical order
  • Resolved an issue in which passwords were unable to be reset when MFA was enabled.

Portal 2.10: 2/10/2025

New Features and Improvements

  • Added display of a message on the Computers page that an agent restart is required after changing Options
  • Added the ability to customize the Elevation UAC window (Requires Windows Agent 9.7 or greater
  • Added a new Reload Tenant Groups button on the Azure integration sidebar to reload the tenants from Azure
  • Incorporated a 'New Search' option in the Unified Audit to greatly improve loading speeds 
  • Made improvements to the New Search feature in the Unified Audit to better display Network results and Linux baselines

Bug Fixes

  • Resolved an issue in which parent admins were able to edit a child organization from outside the US when the child organization was ITAR-compliant
  • Resolved an issue in which suggested rules were being created using an unverified certificate
  • Resolved an issue in which IPv6 addresses were unable to be input into Tags
  • Resolved an issue in which a specific organization's Cloud Detect response settings for child organizations were pulling down incorrect data and that data was then unable to be edited 
  • Resolved an issue in which active alerts were not displaying as expected when a  "Disable ThreatLocker Detect" mode was scheduled but the computer time was set earlier than the start time of the mode
  • Resolved an issue in which the copy policies function in Network Control did not populate the correct policy list on the initial load
  • Resolved an issue in which the computer sidebar was incorrectly displaying a permission error for Detect when the user was not trying to access the Detect tab
  • Resolved an issue in which the application name was not being displayed below built-in applications
  • Resolved an issue in which the Action Type Baseline was not returning results when selected from the Advanced Search in the Unified Audit
  • Resolved an issue in which status was not properly being displayed in the System Audit when removing Lockdown or Isolate or when switching from one to another
  • Resolved an issue in which Cyber Hero Instructions were not being correctly formatted on the Organization page
  • Resolved an issue in which editing a Storage Control Policy's order was incorrectly not accepting negative numbers
  • Resolved an issue in which the Elevation Control Local Administrator Users and Groups page was not correctly being exported to CSV
  • Resolved an issue in which Super Admin permission was incorrectly being required before a user could expand an IP address on a Unified Audit entry
  • Resolved an issue in which some Approval Requests were not being included in bulk actions, even when selected to be included
  • Resolved an issue in which the bottom-most Unified Audit log was partially obscured when viewing on a minimized screen
  • Resolved an issue in which 417 errors were not correctly being displayed by the portal
  • Resolved a UI glitch on Detect policies that use a policy condition containing a Tag
  • Resolved an issue in which Admins from a moved organization were able to be viewed from the Elevation Control Local Admin Users and Groups page
  • Resolved an issue in which adding Ringfencing exclusions from the Unified Audit were incorrectly defaulting to the  IPv6 type
  • Resolved an issue in which the Advanced Search in the Unified Audit was case-sensitive
  • Resolved an issue in which Azure users and groups were failing to load in the selected users and groups dropdowns in policies
  • Resolved an issue where a 417 error was received when attempting to create or update a tag containing a domain with a period in it
  • Resolved an issue where end users were unable to open the Store from the tray
  • Resolved an issue in which an update to the Azure Integration caused groups on older Integrations to not sync properly

Portal 2.9.3: 1/28/2025

New Features and Improvements

  • Preview release of the new and improved ThreatLocker Store (Requires Windows Agent 9.7 or greater)
  • Added a new column for the ThreatLocker Agent version to the Computers page
  • Added a new Subcategory selection option for the ServiceNow integration
  • Update the iconography and the verbiage for the Local Administrator Users and Groups page
  • Improved the Copy Policy feature of Network Control Module to improve the user experience
  • Updated the Computers page naming convention to 'Devices' and updated the Access Tab to 'Mobile'

Bug Fixes

  • Resolved an issue in the Software Health Report where text would be cutoff in the 'Areas Recommended to Review' section
  • Resolved an issue in the Software Health Report that would list applications in the 'Areas Recommended for Review' section in the incorrect order. Applications are now correctly listed by their rating, placing the application with the highest combined score at the top
  • Resolved an issue with the Datto integration where unit counts that were set to 0 were not updating properly for Service/Bundles
  • Resolved an issue on the Computers page that displayed 'Inherited From Group' which showed incorrectly for computer agent versions when the targeted computer has a specified agent version not set from the computer group
  • Resolved an issue where selecting 'View Unified Audit' on the Threats tab was not loading the Unified Audit as expected
  • Resolved an issue in which clicking the Denied Count on the Computers page was not loading the Unified Audit as expected
  • Resolved an issue where canceling a Remediation MFA request would not properly terminate the request
  • Resolved an issue in which the HALO PSA integration was failing to update due to caching of the Integration ID
  • Resolved an issue that prevented end users from clearing Cloud Alerts
  • Resolved an issue and improved the User Workflow when clearing Cloud Alerts
  • Resolved an issue where Ringfenced records were incorrectly displaying the 'Add to Tag' feature
  • Resolved a display issue when scrolling to the bottom of the Computers page
  • Resolved a button display issue on the Install Computer form when using smaller display formats
  • Resolved a display issue with a tooltip in the side panel of the Elevation Control Module
  • Resolved an issue with Unified Audit create policy process that would prevent a policy from being created in scenarios where a certificate has special characters
  • Resolved a Unified Audit display issue while saving a rule on an application update that would prevent the rule from returning to its original state
  • Corrected and Improved the Elevation Notification user experience and relabeled the form to Elevation Notification
  • Resolved an issue with Advanced Search with Unified Audit which worked incorrectly with the 'Not Equals' option.
  • Resolved an issue with being able to select Objects in Network Control Modules
  • Resolved an ADMIN permission issue with the Application Control Module.
  • Resolved an issue in which custom Detect banners were being displayed after they had expired
  • Resolved an issue in the Application Control Module with saving the autofill values during new policy creation
  • Resolved an issue in which Storage Control Policies were not correctly being loaded and displayed
  • Resolved an issue in which a canceled MFA request was incorrectly displaying as a new MFA request on the mobile app
  • Resolved an issue when putting a computer into Learning or Install Modes would default to creating new policies at the Organization level. This now requires the end user to select a level from the 'Applies to' dropdown list
  • Resolved an issue in which scripts run using PowerShell ISE were not being audited as expected

Archived Portal Release Notes

2024: Portal Release Notes 2024 | ThreatLocker Help Center

2023: Portal Release Notes 2023 | ThreatLocker Help Center

2022: Portal Release Notes 2022 | ThreatLocker Help Center

Was this article helpful?