Help CenterUse Case: The purpose of the information below is to help the reader understand how ThreatLocker can help your organization achieve SMB1001 certification. For each level 1-5, we have outlined if and how we can help support that strategy. We have made our best effort to define which products support each sub-section. In the cases where sub-sections are missing, we do not support that sub-section. Please see the SMB1001:2025 documentation for the more specific breakdown of requirements.
Disclosure: ThreatLocker does not provide legal or compliance advice and is not a certifying authority for the SMB1001 Standard. The information provided represents ThreatLocker’s best-effort assessment of how its product capabilities may support certain SMB1001 Standard requirements when properly configured. An organization’s compliance status is dependent on multiple factors beyond the ThreatLocker platform. Any SMB1001 Standard requirements not explicitly referenced are not currently supported by ThreatLocker.
Level 1
Technology Management
· Description — 'Install and configure a firewall'
o ThreatLocker Network Control is a centrally managed host-based firewall available on Windows, macOS, and Linux.
· Description — 'Install anti-virus software on all organization devices'
o ThreatLocker Configuration Manager can enable Windows Defender.
· Description — 'Automatically install tested and approved software updates and patches on all organization devices'
o ThreatLocker Patch Management can automatically update approved applications.
Access Management
· Description — 'Change passwords routinely'
o ThreatLocker Configuration Manager can enforce password rotation.
Level 2
Access Management
· Description — 'Ensure employee accounts do not have administrative privileges'
o ThreatLocker Elevation Control can remove local administrative privileges
· Description — 'Implement a password manager system'
o ThreatLocker Application Control can block unapproved password manager applications.
o The ThreatLocker User Store can guide users to the approved application.
Level 3
Technology Management
· Description — 'Ensure all servers are updated and patched'
o ThreatLocker Patch Management can automatically update approved applications.
o (Coming soon) ThreatLocker Patch Management can automatically update your operating system.
Access Management
· Description — 'MFA on all business applications and social media accounts'
o The ThreatLocker Portal can be configured to require MFA for all administrators.
· Description — 'Ensure Remote Desktop Protocol (RDP) occurs only over Virtual Private Network (VPN) connections'
o ThreatLocker Network Control can restrict connections to certain devices and IP addresses.
Policies, Processes, and Plans
· Description — 'Implement a response plan for cyber related incidents'
o Your dedicated ThreatLocker Solutions Engineer can work with you to create a runbook that ThreatLocker MDR can follow in the event of a cyber incident.
o The Unified Audit will give complete visibility of what happened and when.
· Description — 'Implement and maintain a digital asset register'
o ThreatLocker Storage Control gives complete control over all storage locations, including where business-critical documents are stored.
o The Unified Audit gives complete visibility over what happens with your business-critical documents.
Level 4
Technology Management
· Description — 'Ensure all public internet facing resources are regularly scanned for vulnerabilities'
o ThreatLocker Application Control denies unknown applications by default, including malware.
o ThreatLocker Configuration Manager can configure Windows Defender.
o ThreatLocker Detect can alert and action on known Indicators of Compromise (IoCs).
Access Management
· Description — 'MFA where important digital data is stored'
o The ThreatLocker Portal can be configured to require MFA for all administrators.
· Description — 'MFA on RDP connections'
o ThreatLocker Network Control can act as a second factor of authentication with its dynamic Access Control Lists (ACL).
o ThreatLocker Network Control can also deny RDP connections and have the user request access as needed.
Level 5
Technology Management
· Description — 'Ensure important digital data is encrypted at rest'
o ThreatLocker Storage Control can ensure that storage devices containing important digital data are encrypted.
· Description — 'Implement application control'
o ThreatLocker Application Control is a great Zero Trust application control.
· Description — 'Disable untrusted Microsoft Office macros'
o ThreatLocker Configuration Manager can disable untrusted Microsoft Office macros.
o ThreatLocker Storage Control can block macro-enabled files.
Education and Training
· Description — 'Conduct training to test the incident response plan'
o Your ThreatLocker Solutions Engineer can review your ThreatLocker MDR runbook with you on a timely basis.