ThreatLocker, a global provider of Zero Trust cybersecurity solutions, has added Zero Trust network and cloud access solutions that enforce device-based verification to restrict unauthorized access to cloud services and networks. Access is denied by default unless the connection originates from an approved device brokered through the ThreatLocker platform, the company said.
“Our solution gives organizations confidence that their systems are secure even if a credential is stolen,” said Danny Jenkins, CEO and co-founder of ThreatLocker. “Access now requires three things: valid credentials, an approved device and connection through a secure, ThreatLocker-managed broker. If one step is missing, access is denied, drastically reducing the impact of phishing attacks.”
As credential theft has become a common cause of data breaches, multi-factor authentication (MFA) alone isn’t effective in stopping attacks. In many cases, users are prompted to enter MFA codes on realistic phishing websites, allowing attackers to log into employee accounts and access company data or internal systems, officials said.
Extending Zero Trust enforcement to cloud services and company networks is intended to ensure devices are validated through a secure broker before connecting to platforms such as Salesforce, Microsoft 365, Asana, Google Workspace, and GitHub. Even if a user is successfully phished, attackers cannot access resources unless they have possession of the user’s trusted device, officials said.
ThreatLocker also noted that user training, which has traditionally served as the primary preventive defense against phishing and credential theft, is no longer enough due to the increasing volume and effectiveness of attacks powered by AI. Even well-trained employees can be deceived. Zero Trust network and cloud access are designed to reduce the inherent risks stemming from human error, the company said.
Key benefits of the solutions include giving security administrators granular control over new endpoint access to company resources, enabling secure connections to remote desktops without the need for open ports, and allowing security teams to enforce group policies that block access to malicious or inappropriate websites. The solutions also offer support for federal information processing standards (FIPS), enabling secure, compliant network connectivity, officials said.
The additions to the ThreatLocker Zero Trust Platform allow organizations to implement controls across applications, endpoints, networks, storage and SaaS within a fully integrated solution.
“Zero Trust network and cloud access completes the vision of a unified Zero Trust platform,” Jenkins said. “ThreatLocker secures an organization’s entire digital footprint with a single tool, easing the burden on security teams and significantly reducing alert fatigue.”
