Managed Zero Trust Endpoint Protection

ThreatLocker® Zero Trust Endpoint Protection Platform offers a unified approach to protecting users, devices, and networks against the exploitation of zero-day vulnerabilities.

Seamless Cybersecurity for Organizations of Any Industry

In an era where cybersecurity is non-negotiable, organizations require a robust and proactive defense mechanism to safeguard their sensitive data and digital assets. Instead of relying heavily on detection methods and chasing threats, ThreatLocker enterprise-level cybersecurity solutions block everything that is not explicitly trusted and allows organizations to use only what is needed.


Elevation Control


Storage Control

Network Control


Application Allowlisting, previously known as “Application Whitelisting,” works by a simple rule: if it’s not expressly permitted, it’s not allowed. This robust form of access control prevents untrusted software, including all types of malware and ransomware, from running. It’s a key part of endpoint security that ensures only specific, safe applications operate on your network.

How Does Application Allowlisting Work?

When the agent is first installed, it operates in Learning Mode. This phase involves cataloging every application and its dependencies currently on the system. It creates a list of these applications, forming the basis of your allowlist. Post Learning Mode, the IT admin reviews this list, removing non-essential apps to enhance security. Once secured, any executable file, script, or library not on the allowlist is automatically blocked. The user can request new software from the IT administrator, and it can be approved in 60 seconds.

Elevation Control

Elevation Control is a policy-based PAM solution that assists organizations in being secure but still efficient in their operations. Instead of granting users access to administrator logins, policies can be created to automatically grant higher privileges to applications. This allows the applications to access the necessary resources without giving users these desired credentials.

Elevation Control puts I.T. administrators in the driving seat, enabling them to control what applications can run as a local admin without giving users local admin rights.

Gives you the ability to approve specific applications to run as an administrator, even if the user is not a local administrator.

Users can request permission to elevate applications and attach files and notes to support their requests.

Enables you to set durations for how long users are allowed access to specific applications by granting temporary or permanent access.

Ringfencing™ ensures that users cannot jump to infiltrate connected applications within the network once an application is elevated.


Ringfencing™ controls what applications can do once they are running. Think of Ringfencing™ as a barrier and extra security measure that is actively containing software from stepping outside of its lane. By limiting what software can do, ThreatLocker® Ringfencing™ can reduce the likelihood of an exploit being successful or an attacker weaponizing legitimate tools such as PowerShell.

Ringfencing™ allows you to control how applications can interact with other applications. For example, while both Microsoft Word and PowerShell may be permitted, Ringfencing™ will stop Microsoft Word from being able to call PowerShell, thus preventing an attempted exploit of a vulnerability such as the Follina vulnerability from being successful.

Preventing Software Exploitation with Application Containment

Ringfencing™ was able to foil a number of attacks that were not stopped by traditional EDR. The 2020 SolarWinds Orion attack was foiled by Ringfencing™. See how Ringfencing™ allows you to remove file access permissions for applications that do not need access and even remove network or registry permissions.

Storage Control

Storage Control provides policy-driven control over storage devices, whether the storage device is a local folder, a network share, or external storage such as a USB drive. ThreatLocker® Storage Control allows granular policies to be set, which could be as simple as blocking USB drives, or as detailed as blocking access to your backup share, except when accessed by your backup application.

A full detailed audit of all file access on USB, network, and local hard drives is centrally accessible within minutes of a file being opened.

These policies allow or deny access to storage based on user, time, applications, and more.

A pop-up with the option to request access to the storage device.

USB policies allow access based on device serial number, vendor, and/ or file type.

Network Control

ThreatLocker® Network Control is a firewall for endpoints and servers that can be managed centrally. It provides complete control over network traffic, which helps to protect your devices. Custom-built policies are used to grant access to the network based on IP address, specific keywords, agent authentication, or dynamic ACLs. This network access security tool allows granular control over access to the network.

Why Network Control?

The local network is no more. Neither is the corporate firewall.

Users are not only working from the office but also remotely, meaning the network we utilize has quickly become the internet, leaving devices and data vulnerable to cyber threats. This dissolution of the business perimeter makes network access controls essential to protect your devices and, by extension, your data.

The ThreatLocker® network access control solution helps protect business assets whether employees are in the office or remote. ThreatLocker® Network Control provides a direct connection between the client and server, as opposed to a VPN that goes through a central point.

How Does Network Control Work?

ThreatLocker® network security tools help you manage firewall policies and port control for all devices from one place. Traditional firewalls rely on static ACLs to control access to network assets, requiring IT intervention to make changes. Employees who travel or change locations frequently need the IT department to adjust the firewall for each new location.

ThreatLocker® uses dynamic ACLs to adjust the firewall without user interaction. Create custom policies to open ports on demand for approved devices and users, no matter where they connect from.

Once an authorized device no longer uses the open port, it will automatically close within 5 minutes. Unapproved devices will not be able to connect to or have visibility of the open port.

There’s a reason why so many businesses use First Stop IT, and if you’d like to find out more, please feel free to live chat with us, fill in the form for a call back or give us a call on 01279 400350

quote-leftFont Awesome Free 5.0.6 by @fontawesome - License - (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License)


“Ian & Matt very helpful”

Chris, Stevenage, Herts

“Very supportive, checked my understanding at each stage.”

Yvonne, Stevenage, Herts

“Mike dealt with my query quickly and efficiently :)”

Jo, Buntingford, Hertfordshire

“We have used First Stop IT on various projects, from engineering support cover, to networking support services. We have always found their service to be prompt and of an excellent nature. The staff have been professional, helpful and informative.”

Advertise the Web, Chelmsford, Essex

“Gemma worked the cause of the issue out quickly and was easy to talk to (even with me being grumpy!). She went an extra step to make sure that it’s more obvious if there are junk emails. ”

Ruth, Harlow, Essex

“Quick resolution of the issue”

Ruth, Harlow, Essex

“As usual, fast expertise service”

Denise, Welwyn Garden City, Herts

“Fast accurate simple response.”

John, Hoddesdon, Herts

“Our requirements for highly specified technical machines were more than met by the professional team at First Stop IT. The transition to a new network was a daunting prospect but it was managed with little fuss and great expertise – thank you very much”

David, Buntingford, Hertfordshire

“Chris sorted problem on one telephone call as usual”

Sue, High Wycombe, Bucks

“Great service from Ian”

Jackie, Stevenage, Herts

“Solved extremely quick :-)”

Danielle, Harlow, Essex

“Very helpful and fixed problem quickly”

Mike, Loughton, Essex

“You are always supportive and helpful.”

Graham, Harlow, Essex

“Ian sorted out my problems quickly – many thanks”

Diane, Nazeing, Essex

“I do not use the term great ever. I am old and boring and use more controlled comment. However, your representative was prompt and identified the potential cause very readily. We now, naturally, need to wait separately to see if the internet problem identified resolves the problem.”

Vanessa, Loughton, Essex

“Available, expert, friendly, diligent”

Jonathan, Broxbourne, Herts

“friendly helpful fast accurate solution given”

John, Hoddesdon, Herts

“Very quick response and solving of the problem. It turned out that there wasn’t a problem at all but it was great to clarify it so quickly. Thanks!”

Maria, Harlow, Essex

“Gemma is an absolute legend!! To say I am pleased and relieved is an understatement. I cannot thank you enough for all your help. ”

Amanda, Harlow, Essex
“Its nice that First stop are so familiar with our company, so that there isn’t need for much explanation, therefore their service is very personable and approachable. They always provide a fast, friendly response and resolution, and never make you feel any problem is too small. 🙂 ”

Leanne, Waltham Cross, Essex

“My experience was great because my issue was resolved very quickly despite an extremely slow computer!”

Lori, Thaxted, Essex

“quick response, problem sorted”

Bob, High Wycombe, Bucks

“Thanks to First Stop IT we have a computer network that spans two locations and access to a friendly and responsive helpdesk team. We recently upgraded both of our servers and some work stations; the process was painless and has resulted in a faster more efficient working environment.”

Anthony, Berkhamsted, Hertfordshire

“Matt was extremely professional, friendly and effective; thank you.”

Grant, Loughton, Essex

“We have been a client of First Stop IT since 2006 and we have never even looked at another supplier, the service we receive is first class, fast, efficient, friendly and very professional.

Our business is 24 hours a day 7 days a week 365 days a year, and it is vital we have reliable IT support network to call upon, with First Stop we certainly have that.”

Lee, Thaxted, Essex

“Thanks for Andy’s quick response, knowledgeable and professional. resolve the issue at first attempt. I feel no difference then with in house IT support.”

Faye, Harlow, Essex

“Because Noel is great! thank you”

Sophie, Thaxted, Essex

“I have worked on a number of clients’ projects with Tai and First Stop IT. I have always found Tai to be a talented IT system designer who listens to the business needs of his clients to ensure that the final solution fully meets their requirements.

He has in depth knowledge of server & desktop hardware, Microsoft software, and range of security, backup, and cloud services. Tai is able to easily communicate and explain these services and features to others who do not have technical background.

With the backing of an excellent team of engineers at First Stop IT, I found their service to be fast and professional with great on-going support.”

Martin, Chelmsford, Essex

“Very quickly restored documents that I had stupidly deleted – a brilliant job, thanks very much.”

Mary, Loughton, Essex

“Fabulous tenacity to find a solution to work for me. I am very grateful.”

Michelle, Stevenage, Herts

“Ian always sorts all my IT issues for me . He is undoubtedly the best you have on your support team.”

Rekha, Stevenage, Herts

“Ian dealt with it with ease . Great to watch remotely whilst he worked his magic 🙂 Quick and easy solution.”

Grant, Waltham Abbey, Hertfordshire

“Danny was very patient and resolved the issue”

Ella, London