Use Case: The purpose of the information below is to help the reader understand how ThreatLocker can help your organization achieve SMB1001 certification. For each level (1-5), we have outlined whether and how we can help support that strategy. We have made our best effort to define which products support each sub-section. Where a sub-section is missing, we do not support that sub-section. Please see the SMB1001:2025 documentation for a more specific breakdown of requirements.
Disclaimer: We make no claim on the end-user. If ThreatLocker policies are not configured correctly, they will not support the requirements. Additionally, ThreatLocker may only help with a portion of the requirement.
Level 1
Technology Management
· Description — 'Install and configure a firewall'
o ThreatLocker Network Control is a centrally managed host-based firewall available on Windows, macOS, and Linux.
· Description — 'Install anti-virus software on all organization devices'
o ThreatLocker Configuration Manager can enable Windows Defender.
· Description — 'Automatically install tested and approved software updates and patches on all organization devices'
o ThreatLocker Patch Management can automatically update approved applications.
Access Management
· Description — 'Change passwords routinely'
o ThreatLocker Configuration Manager can enforce password rotation.
Level 2
Access Management
· Description — 'Ensure employee accounts do not have administrative privileges'
o ThreatLocker Elevation Control can remove local administrative privileges.
· Description — 'Implement a password manager system'
o ThreatLocker Application Control can block unapproved password manager applications.
o The ThreatLocker User Store can guide users to the approved application.
Level 3
Technology Management
· Description — 'Ensure all servers are updated and patched'
o ThreatLocker Patch Management can automatically update approved applications.
o (Coming soon) ThreatLocker Patch Management can automatically update your operating system.
Access Management
· Description — 'MFA on all business applications and social media accounts'
o The ThreatLocker Portal can be configured to require MFA for all administrators.
· Description — 'Ensure Remote Desktop Protocol (RDP) occurs only over Virtual Private Network (VPN) connections'
o ThreatLocker Network Control can restrict connections to certain devices and IP addresses.
Policies, Processes, and Plans
· Description — 'Implement a response plan for cyber related incidents'
o Your dedicated ThreatLocker Solutions Engineer can work with you to create a runbook that ThreatLocker MDR can follow in the event of a cyber incident.
o The Unified Audit will give complete visibility of what happened and when.
· Description — 'Implement and maintain a digital asset register'
o ThreatLocker Storage Control gives complete control over all storage locations, including where business-critical documents are stored.
o The Unified Audit gives complete visibility over what happens with your business-critical documents.
Level 4
Technology Management
· Description — 'Ensure all public internet facing resources are regularly scanned for vulnerabilities'
o ThreatLocker Application Control denies unknown applications by default, including malware.
o ThreatLocker Configuration Manager can configure Windows Defender.
o ThreatLocker Detect can alert and action on known Indicators of Compromise (IoCs).
Access Management
· Description — 'MFA where important digital data is stored'
o The ThreatLocker Portal can be configured to require MFA for all administrators.
· Description — 'MFA on RDP connections'
o ThreatLocker Network Control can act as a second factor of authentication with its dynamic Access Control Lists (ACL).
o ThreatLocker Network Control can also deny RDP connections and have the user request access as needed.
Level 5
Technology Management
· Description — 'Ensure important digital data is encrypted at rest'
o ThreatLocker Storage Control can ensure that storage devices containing important digital data are encrypted.
· Description — 'Implement application control'
o ThreatLocker Application Control is a great Zero Trust application control.
· Description — 'Disable untrusted Microsoft Office macros'
o ThreatLocker Configuration Manager can disable untrusted Microsoft Office macros.
o ThreatLocker Storage Control can block macro-enabled files.
Education and Training
· Description — 'Conduct training to test the incident response plan'
o Your ThreatLocker Solutions Engineer can review your ThreatLocker MDR runbook with you on a timely basis.