ThreatLocker introduced DAC configuration monitoring and achieved FedRAMP certification at Black Hat 2025, strengthening zero trust capabilities while expanding government market access through practical security solutions.
Event Recap: Kieran Human at Black Hat USA 2025 — ThreatLocker Unveils Configuration Defense, Achieves FedRAMP Status & More
ThreatLocker introduced DAC configuration monitoring and achieved FedRAMP certification at Black Hat 2025, strengthening zero trust capabilities while expanding government market access through practical security solutions.
Zero trust security continues evolving beyond theoretical frameworks into practical business solutions, as demonstrated by ThreatLocker's latest announcements at Black Hat USA 2025. The company introduced Defense Against Configuration (DAC), a monitoring tool addressing a critical gap in zero trust implementations.
Kieran Human, Special Projects Engineer at ThreatLocker, explained the challenge driving DAC's development. Organizations implementing zero trust often struggle with configuration management, potentially leaving systems vulnerable despite security investments. DAC monitors configurations continuously, alerting administrators to potential security issues and mapping findings to compliance frameworks including Essential 8.
The tool addresses human factors in security implementation. Technical staff sometimes create overly permissive rules to minimize user complaints, compromising security posture. DAC provides weekly reports to executives, ensuring oversight of configuration decisions and maintaining security standards across the organization.
ThreatLocker's approach distinguishes itself through "denied by default, allowed by exception" methodology, contrasting with traditional endpoint detection and response solutions that permit by default and block threats reactively. This fundamental difference requires careful implementation to avoid business disruption.
The company's learning mode capabilities address deployment concerns. With over 10,000 built-in application profiles, ThreatLocker automates policy creation while learning organizational workflows. This reduces manual configuration requirements that previously made zero trust implementations tedious and time-intensive.
FedRAMP certification represents another significant milestone, opening government sector opportunities. Federal compliance requirements previously excluded ThreatLocker from certain contracts, despite strong customer demand for their zero trust capabilities. This certification enables expansion into highly regulated environments requiring stringent security controls.
Customer testimonials continue validating the approach. One user reported preventing three breaches after implementing ThreatLocker's zero trust solution, demonstrating measurable security improvements. Such feedback reinforces the practical value of properly implemented zero trust architecture.
The balance between security and business functionality remains crucial. Organizations need security solutions that protect assets without hampering productivity. ThreatLocker's principle of least privilege implementation focuses on enabling business requirements with minimal necessary permissions rather than creating restrictive environments that impede operations.
Human described working closely with CEO Danny Jenkins, emphasizing the collaborative environment that drives product innovation. His engineering perspective provides valuable insights into customer needs while maintaining focus on practical security solutions that work in real-world environments.
As zero trust adoption accelerates across industries, tools like DAC become essential for maintaining security posture while meeting business demands. The combination of automated learning, configuration monitoring, and compliance mapping addresses practical implementation challenges facing security teams today.
Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974
Note: This story contains promotional content. Learn more.
Guest: Kieran Human, Special Project Engineer at ThreatLocker | On LinkedIn | https://www.linkedin.com/in/kieran-human-5495ab170/
Resources
Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker
Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Marco Ciappelli interviewed Kieran Human, Special Projects Engineer at ThreatLocker, during Black Hat USA 2025. This marked Kieran's first Black Hat experience, where he discussed ThreatLocker's zero trust approach and recent announcements. The company introduced DAC (Defense Against Configuration) to help organizations maintain proper security configurations and achieved FedRAMP certification, opening doors to government contracts. Kieran emphasized ThreatLocker's learning mode capabilities, which distinguish it from traditional EDR solutions by using a "denied by default, allowed by exception" model rather than the reverse. The conversation highlighted customer success stories and the importance of face-to-face interactions at industry events.
10 Key Quotes with Context