Long Arrow Right External Link angle-right Search Send Times Loader chevron-down thumb-up thumb-down Spinner angle-left
Go to ThreatLocker

ThreatLocker Mobile App

Available on both Apple and Android devices, the ThreatLocker Mobile Application is free to use and works in conjunction with ThreatLocker's web portal. It was created to provide a more convenient way for you to manage your endpoints, as well as provide fast access to your accounts. 

The application does not offer all the features provided in the web portal, but this was done intentionally to keep the application simplified and streamlined as a way to provide easier management. 

ThreatLocker highly recommends using the mobile app because it will lessen any potential friction between you and your end users.

The Login Screen

undefined

Input your ThreatLocker Portal username.

Click 'Continue'. 

undefined

Input your ThreatLocker Portal password into the 'Password' text box.

Select your Inactivity Timeout from the dropdown menu.

Click the 'Login' button.

For SMS or OTC 2-Factor Authentication, you will need to retrieve your code and input it into the 'One Time Code' textbox. Next, click 'Submit'.

For DUO, you will need to approve your DUO push and then you will be logged into ThreatLocker Mobile. 

ThreatLocker Mobile does not currently support authentication using Yubikey.

Homepage

Depending upon your user permissions, when accessing the application you will be directed to one of two places: the Approval Requests page or the Computers page. The hamburger menu icon in the upper left-hand corner of the screen will allow you to navigate between the other pages: Approvals, Computers, QR Scanner, Help Desk, Help, and LogOut.

Menu

Click the hamburger icon (3 lines) beside the ThreatLocker Logo to open the menu. 

undefined

The Approvals Page 

Using the Approvals page in the mobile app will not allow for use of the ThreatLocker Testing Environment.

From the menu, select 'Approvals'. Listed will be all pending Application, Elevation, and Storage Approval Requests for organizations you manage.

At the top of the page, you will see a filter bar where you can select to view 'All Requests', 'Application Requests', or 'Elevation Requests'.

undefined

Below the filter is a Search bar. You can input all or part of a file name to bring up requests that match that file name.

undefined

Below the Search bar, you will see the request list.

The top line on each request is the name of the Organization.

undefined

Next is the Hostname where the request originated.

undefined

Listed 3rd is the username of the logged-in user when the request was sent.

undefined

Below the username is the name of the file that is being requested.

undefined

The bottom line shows what type of request this is.

undefined

Click the 'Ignore' button to ignore the request and remove it from the list.

undefined

Click the blue 'View' button to open the corresponding request. 

undefined undefined

If after looking at this request, you decide you don't want to permit it, click the 'X' in the top left-hand corner.

undefined

If you have decided to permit this file, press the green 'Permit' button to open the page where you can process this request.

undefined

At the top of the next screen, you will be informed if this file matches an existing application, and can select to add this file to the matching application, an existing application, or to create a new application for it. 

Next, you can choose to add Ringfencing if desired. 

You can select a Policy Expiration, apply Elevation if needed, and select where to apply this new policy to. 

Expanding the Administrator Notes section will provide a location to enter optional information: Ticket #, Requestor name or email address, and comments. 

Click the blue checkmark button to finish permitting this request.¬† 

Push Notifications

To receive push notifications when you receive an approval request, you will need to agree to permit the app to give you push notifications. You will also need to ensure you have selected the checkbox next to 'Notify on request' in the Edit Administrator window in the ThreatLocker web portal for the account using the mobile app.

undefined

 

The Computers Page

From the menu, select 'Computers'. You will be taken to a list of all the computers you currently manage, including computers in child organizations.  

The top line in each entry is the name of the Organization.  

undefined

The second line is the name of the computer.

undefined

Any active Maintenance Periods will be listed below the name of the computer.

undefined

Buttons that have a colorful icon signify an active Maintenance period.

undefined

Any buttons with icons in gray signify an inactive Maintenance period.

undefined

Computers Page Search

You can search by computer name, group name, or Organization name by inputting all or part of the name into the search bar at the top of the screen and then clicking 'Search'. 

undefined

Clicking on a specific computer listing will expand it.

undefined

Enabling Learning Mode

Please note: Learning and Monitor Only Mode will only work if you have enabled Application Control on your account.

Click the button that has the book and video camera icons next to the computer you wish to enable Learning Mode on. 

Next, select either 'Learning Automatic Group', 'Learning Automatic Computer', or 'Learning Automatic System' from the menu. 

undefined

  • Automatic Group will enable a one-hour Learning Mode on that computer. ThreatLocker will catalog all files that are being installed and executed on that computer and automatically create policies for the computer group the selected computer is in. All activity will be recorded in the Unified Audit. At the conclusion of the 1-hour period, the computer will switch to 'Secure'.
  • Automatic Computer will begin a one-hour Learning Mode on that computer. ThreatLocker will catalog all files that are being installed and executed on that computer and automatically create policies for just that single computer. All activity will be recorded in the Unified Audit. At the conclusion of the 1-hour period, the computer will switch to 'Secure'. 
  • Automatic System will begin a one-hour Learning Mode on that computer. ThreatLocker will catalog all drivers that are being installed and create a policy for them for that single computer. All activity will be recorded in the Unified Audit. At the conclusion of the 1-hour period, the computer will switch to 'Secure'. 

After you make your selection, the button will change color and the selected mode will be listed below the computer name.  

To end any maintenance period before the hour is up, click the desired button a second time, and then click 'Yes' on the alert that populates. The computer will then switch to 'Secure'.

undefined

Enabling Monitor Only Mode

Select the button that has the book and video camera icons.

undefined

Select 'Monitor Only' from the menu.

undefined

This will place the selected computer into a Monitor-Only status. No files will be blocked, nothing will be learned, and no policies will be created. All activity will be tracked in the Unified Audit. The computer will switch to 'Secure' at the end of the hour.

To end the Maintenance period early, click the button a second time and then click 'Yes' on the alert. The computer will then switch to 'Secure'.  

Enabling Elevation

Please Note: Elevation button will only function if you have purchased and enabled the Elevation product on your ThreatLocker account.

Click the button with the up arrow.

undefined

The button will change color, and a one-hour Elevation period will be enabled on the computer. All activity will be recorded in the Unified Audit.   

To end the Elevation period early, click the button a second time and then click 'Yes' on the alert.

Refresh

To refresh any page, pull down.

undefined

QR Scanner

Once you are running the ThreatLocker tray service on a computer, you can right click the ThreatLocker icon to display a QR code. The QR code can then be scanned with the Mobile Application's QR Scanner or the device's native camera.¬† 

Scanning the QR code will allow you to manage the specific computer quickly within the mobile application's Computers page. 

undefined

undefined

undefined

Help Desk

Help Desk on the Mobile Application allows you to create and manage tickets on the go.

undefined

undefined

For more information about how to use the mobile app, please see our ThreatLocker Mobile App course in ThreatLocker University.
Did this answer your question?
Thanks so much for your feedback!
%s of people found this helpful.