Endpoint Security / Zero Trust

ThreatLocker Implementation

A security deployment project that moved ThreatLocker from an underused tool into an actively managed application control and endpoint protection solution.

Official ThreatLocker wordmark on a styled portfolio background

Overview

ThreatLocker had been introduced at ETC TechSolutions but was not yet being used as an active security control. My role was to help turn it into a practical part of the security program by documenting the platform, improving deployment workflows, diagramming the implementation logic, and supporting adoption.

Objectives

Results

The project helped transform ThreatLocker into a more actively managed security solution. Documentation and training created a clearer adoption path, Visio diagrams made technician handoffs easier to follow, RMM automation made deployment more repeatable, and portal integration improved client engagement around security requests.

End-User Training Video

I also created an instructional video for end users so they could understand what ThreatLocker does on their systems, what a blocked application looks like, and how to raise exception requests when legitimate work is interrupted.

Evidence

Revised ThreatLocker automation implementation flowchart

The revised flowchart documents the decision path for company-level and endpoint-level deployment status, including install, uninstall, override, add device, remove device, and exception states.

Visio-style ThreatLocker RMM custom field and dynamic group automation flow

The supplemental Visio-style snapshot extends the deployment map by showing the default custom fields, dynamic group membership, scheduled task detection, and RMM monitor loop. The structure supports one generalized deployment pattern where unique company identifiers and endpoint status values are passed into parameterized RMM logic instead of rebuilding separate automation for each client.