Company logoHelp Center
Visit www.threatlocker.com

The Application Store

7 min. readlast update: 02.07.2025

Beta

The Store is an Application Control enhancement that provides ThreatLocker Administrators the ability to create a repository of pre-approved applications that are accessible to end users. Administrators can select any of ThreatLocker's Built-In Applications, or their own custom apps and a policy to permit that application will be created at the computer level on the fly when an end user installs it. End users will utilize the ThreatLocker popup that provides a link to "View Available Applications" when they receive a block. Once selected, the link will open a browser window that contains applications similar to the one that was blocked so they can download and install it without sending in an Approval Request.

Please Note: All Store items configured before Portal version 2.9.2 will no longer be available.

Prerequisites:

  • Windows Agent 9.7 or greater
  • Mac Agent 4.1 or greater
  • Portal 2.10 or greater
  • Ringfencing must be enabled in the Modules dropdown to use "Ringfencing Options"
  • Elevation must be enabled in the Modules dropdown to apply temporary Elevation

Configuring the Store:

Navigate to Application Control. 

Select the "Store" tab in the upper right-hand corner.

Select the "Configure Store" button to start setting up the Store.

A Store Settings popup window will open.

1.  Select a name for your Store. By default, this will be the Organization name with the word "Store" at the end, but any custom text can be entered. This will be displayed at the top of the page on both the administrative page and the end user page.

2.  Select the desired "User Session Timeout".  Once an end user starts a session, the session token will time out once this time period has elapsed. 

Please Note: The end user token will expire if the user navigates away from or closes the store window and they will need to start a new session.

3.   Select the "Enable the Application Store" checkbox to activate the Store for this Organization.

4.  Select the "Save" button to commit the configurations, or "Cancel" to close the window without saving any changes.

Creating Store Policies:

Next, select the "New Store Policy" button located in the top left corner of the page.

The New Store Policy window will open.

  1. Application - Enter the name of the application
  2. Display Name - Enter a display name (Will default to be the same as the application name)
  3. Upload an image to use as a display icon - If desired, administrators can upload an image to use as a display icon
  4. Application Description - Enter a description that will be displayed to end users (Will prefill a description if ThreatLocker has one)
  5. User Installation Instructions - Enter installation instructions that will be displayed to end users
  6. Which Organizations and Groups can have access to this application? - Select the Organizations and Groups that can have access to this item in the Store. Once selected, press the blue + button to save the selection. Administrators can select as many Organizations and Groups as wanted, pressing the blue + button in between each to commit them to the list.
  7. Mark this as a featured application? - Toggle on to mark this application as "Featured" which will prominently display this app at the top of the screen. Once toggled on, administrators can select an image file to upload to be used as a background.  
  8. Publish Application - Toggle on to publish this application to the Store.
  9. Enter License Key - Toggle on to enter a license key that will be displayed to end users.
  10. Restrict and count the number of licenses? - Toggle on to enter the number of licenses available. Then, whenever this application is downloaded, the license count will be decreased by 1 until there are no more licenses available at which time the application will no longer be displayed to end users.
  11. Install Type - Select to either enter the URL of a trusted file repository or upload an Installation file.
  12. Temporarily Elevate this program to run as a local administrator - Once selected, set a time frame for the Elevation, after which the Elevation will expire and the application will still be permitted under the standard user context. Then select if end users can install or download the application more than once. Please note that this will create a new temporary Elevation policy each time the application is installed or downloaded.
  13. Ringfencing Options - In this section, set up Ringfencing restrictions.
  14.  Restrict this application from interacting with other applications? - Control which applications this application can interact with.
  15.  Restrict this application from accessing files? - Control which files this application can access.
  16. Restrict this application from changing the registry? - Control the registry locations this application can manipulate.
  17.  Restrict this application from accessing the internet - Control the internet locations this application can communicate with.

Click the blue "Create" button to save all settings above.

Store Logs

Once a Store Policy has been created, administrators can view all changes to the policy as well as every endpoint that has installed that item.

Click the grid in line with the Policy to open the Edit Store Policy window.  

Select the Store Logs tab to view the logs.

Store Main Grid

The main grid will display all store items that have been published.  

  1. Published - Column holding toggle switches to quickly change a Store Policy's published state between published and unpublished. 
  2. Display Name - Shows the display name that has been set.
  3. Accessible By - Displays the organizations and groups that will have access to the application.
  4. Categories - Shows the categories that the ThreatLocker team has set for the application.
  5. Countries of Influence- Where available, this will display the countries that influence the development of the application.
  6. Delete - A quick action button to delete Store Policies.

Multiselect Options on the Store page

Administrators can quickly delete or change the published status of multiple Store Policies at once.  Select the checkbox next to the items being changed to reveal the multiselect buttons.

  1. Delete - Delete the selected Store Policies.
  2. Publish - Publish all of the selected Store Policies that are currently unpublished. 
  3. Unpublish - Unpublish all of the selected Store Policies that are currently published. 
  4. Cancel - Deselect all selected Store Policies and hide the multiselect buttons.

End User Experience

When an end user tries to run an unapproved application, they will receive the popup message below.

The "View Available Applications" link will take the end user to the Store, which will be filtered to display only applications that match the category of the blocked application. If no published items are available, the Store button will not be displayed, and the user can select "Request Access" to send an Approval Request.

For example, when an end user attempts to run meeting software that isn't permitted, the 'Store' button will bring them to a list of approved meeting software as shown below.

Once an end user is on the Store page, selecting the application they wish to install will open a popup window that contains the description, install instructions, install key if one was inserted, and a button that will download the file or bring the user to the URL designated so they can download the file.

Alternatively, end users can navigate to the Store by right-clicking on the ThreatLocker tray icon and selecting "View Available Applications".

The Store will open to the main view, showing the featured applications with all other applications arranged by category below.

Users can select to view by category using the "Categories" dropdown, or they can search by application name in the search bar.

For assistance with the ThreatLocker Application Store or any other product, please reach out to the Cyber Hero Support team.

Was this article helpful?