Help CenterBy default, the ThreatLocker Agent prioritizes built-in application definitions over custom definitions. This means that if both exist for the same application, the built-in definition will always take precedence, regardless of policy order.
Starting with Windows Agent 10.5.3, you can change this behavior by enabling a new Agent Setting. When applied, the agent will process applications strictly according to policy order, treating built-in and custom definitions equally.
Navigate to the Agent Settings page.
Select the New Setting button in the top left-hand side of the page.
Under Setting Type, select Prioritize Built-In Applications.
Set the desired Applies To level.
Select either Add Settings to Top or Add Settings to Bottom to specify where in the Agent Setting order you want this setting.
Please Note: Agent Settings are processed in a top-down order
Under Parameters, be sure the checkbox to Prioritize Built-In Application is NOT selected.
Click the 'Create' button to save the setting and close the sidebar.
Select the 'Update Agents' button to deploy this setting to all agents contained in the Applies to that was selected.