In this Brand Story episode, Rob Allen, Chief Product Officer at ThreatLocker, shares how the company is transforming cybersecurity by prioritizing control and visibility without disrupting user experience. This episode explores why moving from “trust but verify” to “block by default” is not just possible—it’s essential for modern security programs.
In this Brand Story episode, Sean Martin and Marco Ciappelli sit down with Rob Allen, Chief Product Officer at ThreatLocker, to unpack how the company is reshaping endpoint security through a unique, control-first approach. Rob shares how ThreatLocker is challenging long-held assumptions about trust, visibility, and control in enterprise environments—and why the traditional “trust but verify” model is no longer good enough.
From Default Permit to Default Deny
ThreatLocker’s philosophy centers on a fundamental shift: moving from a default permit posture to a default deny stance. This approach, according to Rob, doesn’t hinder operations—it creates boundaries that allow organizations to function safely and efficiently. It’s not about locking systems down; it’s about granting permissions with precision, so users can operate without even noticing security is present.
Product Innovation Driven by Real Feedback
The conversation highlights how customer input—and CEO Danny Jenkins’ relentless presence at industry events—drives product development. New solutions like Web Control and Patch Management are designed as logical extensions of existing tools, allowing security teams to reduce risk without creating friction for end users. The addition of a software store, suggested by enterprise customers, gives users clarity on what’s approved while reducing IT support tickets.
Insights and the Detect Dashboard
Rob also explains how ThreatLocker is unlocking the value of big data. With billions of data points collected every hour, their new Insights platform aggregates and analyzes cross-customer trends to better inform security decisions. Combined with the Detect Dashboard, teams now gain not only visibility but actionable intelligence—supported by polished visuals and streamlined workflows.
More Than Just Tech—It’s Peace of Mind
While the technology is impressive, Rob says the most rewarding feedback is simple: “ThreatLocker helps me sleep at night.” For many customers, that level of confidence is priceless. And in unexpected situations—like a blue-screen incident caused by third-party software—ThreatLocker has even been used to mitigate impacts in creative ways.
Whether you’re leading a global IT team or managing a growing MSP, this episode will make you think differently about how security fits into your operational strategy. Tune in to hear how ThreatLocker is turning bold ideas into real-world control.
Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974
Note: This story contains promotional content. Learn more.
Guest: Rob Allen, Chief Product Officer at ThreatLocker
On LinkedIn | https://www.linkedin.com/in/threatlockerrob/
Resources
Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Marco Ciappelli: [00:00:00] Sean,
Sean Martin: Story time, my friend.
Marco Ciappelli: I love it. I love brand stories.
Sean Martin: I know we get to, we get to talk to some cool people about, uh,
Rob Allen: And me, sorry, I, I couldn't help myself. I couldn't help myself.
Marco Ciappelli: There you go. He, he made it easy. We don't need to do former introductions or anything like that. He goes, Rob Allen, threat locker, how are you?
Rob Allen: I'm very well, I'm very well. All the better for being here, Marco.
Marco Ciappelli: Very good. Okay, Sean, take it back where you were. What were you saying?
Sean Martin: Well, I, I, what I was trying to say is, uh, there's a lot of stuff being built and delivered. Some of it's innovative and, uh, and I think I, I've seen a lot of releases coming from the threat locker team over the last few weeks and, uh, I'm thrilled to have you on Rob. You're very welcome.
Rob Allen: Thank you. Pleasure to be here, Sean.
Sean Martin: Uh, you look after a lot of that tech and the innovation and delivery of, of [00:01:00] all the stuff. And, uh, we're gonna touch on some of the, some of the releases and kind of the bigger batter batter vision of threat locker. But before we do that, maybe describe your role a little bit and, uh, your, your entry into the, the threat locker world, uh, looking after what you do.
Rob Allen: Sure. Uh, well, my role as Chief Product Officer, I've been with the company for a little bit over four years now. Uh, I joined, um. I'd say it's a very long story, but I, I've known Danny, our CEO for many years, probably 15 years, um, through previous, uh, enterprises he was involved with. Um, kept in touch with him, um, down through the years.
Um, always very impressed. Knew he was, I. Incredibly clever guy. Um, but about three or four years ago, he approached me, said, well, look, have this thing, it's doing really well. Think you'd be really interested. Uh, would you come on board and basically start up our European operations. Um, so did that, uh, was there for two and a half.
[00:02:00] I. Two and a half years, give or take. Um, and then the opportunity arose to come over here, basically be at the center of things and help, um, drive the product forward. So it was an opportunity I very much jumped at and, uh, I am now, as you can see here, so basically the office here in Orlando and, um, as I said, very much at the center of things and it's, it's fantastic place to be.
Marco Ciappelli: Yeah. Not a, not a bad place. You get a lot of sun, right. There you go. That's
Rob Allen: Yeah.
Well, yes, yes. Again, as the, the more observant of the viewer slash listeners will have noticed is, um, from my thick Minnesota accent is I'm not from around these parts. Um, and not from, so anywhere, anywhere near as sunny or as pleasant as Orlando. But, um, yeah, no, it's, it's a fantastic place to be.
It's thriving. It's, you know, really chilled out. Place. And as I said, the, just being at the center of things. I mean, we've [00:03:00] grown since I've joined from 30 something staff to over 550 today.
Um, and just being able to witness that, see that be a part of that has been phenomenal.
Marco Ciappelli: Let's start from there. I mean, three years with the company, the, the vision and innovation. I know, like Sean said, you're, you're putting out solutions and integrating things and uh, you know, where do they come from? Right.
Rob Allen: Uh, I, I will confess that DA Danny is very much the brains of the operation. I might be the pretty face, um, but Danny is very much the brains of the operation, so a lot of the, uh, a lot of the ideas basically will come from him. Um, again. Customers are always a fantastic source of ideas on things that we could do differently, things that we could do better, things that would improve the product and their lives ultimately, um, is another fantastic source.
I mean, we started off with a. Pretty clear. Danny started off rather with a pretty clear, um, objective, which was to basically [00:04:00] change the paradigm of endpoint security from default permit to default deny. Um, and it, it comes back around to this idea of zero trust, but it, it's a very unique. Outlook. Um, it basically takes 20 years of cybersecurity. Um, and as I said, that sort of trust but verify approach that so many other people are doing completely turns that around. It's a total 180 from that to, no, don't trust but verify block first, or block everything that isn't explicitly allowed. So it's, it's a very unique approach, but it extremely effective and as I said, something that does help our customers sleep better at night.
Sean Martin: And I want, I wanna stick this. Many places to go with this. So, we'll, we'll get to many of it, but I, I wanna stick with kind of the innovation point and the, and the vision point. We, we've had a chance to chat with, uh, Kiran Human and, uh, it was Adam Fuller, uh, special projects, which I, I've been involved in a lot of corporate organizations and there [00:05:00] might be some Skunk Works stuff going on, but this is formerly dedicated team looking at research and looking at new and cool ways to rethink how we do this right.
Rob Allen: Yeah, and those guys are awesome. Those guys are absolutely awesome. I've got a huge amount of time and respect for them. Um, I mean, basically anything that we don't have the time or the wherewithal to figure out, we basically set them on the case and invariably, invariably they will come back to us with a solution of some description.
So, yeah, no, really, really good guys. And, um, very important part of what, part of what we do today.
Marco Ciappelli: So give us, uh, spill the beans. What, what are some of the new, uh, products that you are very excited about? I.
Rob Allen: Um, well, the newest additions to our portfolio products basically were ones that we announced recently at Zero Trust World. Um, so I'm, I'm not sure if you've ever met Danny. One thing that Danny absolutely loves is to stand up on stage and basically announce cool new things for people. Um, zero Trust world in [00:06:00] itself is as much like the company has grown exponentially over the last number of years.
Again, I was at, I think that. Second one, four nearly four years ago and a couple hundred people there this year there was 1600, um, non staff at the event. So again, being able to stand up on stage and say, Hey, we got this cool new stuff, is something that Danny's very much a fan of. Um, but the new things we've added, and to some extent they're kind of logical extensions of what we were doing already.
So we've added web control. Um, so effectively the ability to control people's access to. You know, malicious websites or, or inappropriate websites and so on and so forth. Um, again. Pretty logical extension from everything else we do. 'cause we've al already, we've, all of us had effectively a firewall built into what we do.
So we're just gonna use that firewall to control access to websites. Um, and we also released patch management. Um, and patch management is really, really interesting because of the visibility that we have. Running within people's [00:07:00] environments. We can see everything that runs, everything that executes everything that doesn't execute stuff that's just sitting around on people's machines. Things that aren't picked up by a typical patch management solution that's only really concerned with what's in the registry because we can see all that stuff. We can basically patch all of that stuff as well. So they're the two main new additions to the product over the last, uh, the last few months.
Sean Martin: I, I've seen a few more as well, and I, I. Hopefully you don't mind, uh, touching on 'em. So there, there's the, uh, the user store, which I think is an
Rob Allen: Store. Store is really cool. Store is really cool. So again, this is something that pretty much came from suggestions to us by larger enterprise customers. They said, look, well, you know, it's all very well and good. You block all the stuff that we don't wanna run, but I. To some extent that can introduce frustration at a user level. So I can't run the thing I need to run. I don't know what PDF viewer I'm allowed to run on my machine. So the idea of the store, it is allows organizations to publish basically a list of all of the [00:08:00] software that's allowed and show people if I try and run cute PDF, and it's not on our approved list of PDF View as well.
Hey, here are. The approved list of PDF viewers, so they don't have to go running 10 different things to find the thing that they're allowed to run. They're literally gonna be shown front and center. These are the approved PDF viewers within our organization. Take your pick, install it. Off you go. So yeah, the, the store is pretty cool as well.
And again, that, that's a really good example of something that larger enterprise customers basically said to us. Look, it'd be great if you could do that. And it was great that we could do that for them.
Marco Ciappelli: Well, if there is one thing I know with the conversations we already had it is that the, the really Danny and the old team, you guys listened to the customer and, and I heard this from the customer itself, so that's really, really cool.
Rob Allen: Absolutely one really cool thing. And, uh, this isn't, this is sounding like a Danny Fan show, uh, but one really cool thing is that Danny even now attends a huge amount of industry events. Now he [00:09:00] does it for the opportunity, largely for the opportunity to speak to people and to listen to people as well. Um, so a lot of the feedback that we get comes directly from our CEO standing, talking to customers, listening to them. What are your frustrations? What are your pain points? What could we do better? What do you like about the product, what you don't like, et cetera. Um, but having a CEO, and I think he attended something in the region about seven, no, about 60 or 70 of those events last year alone. Um, I do probably not quite that many, but not far off.
So maybe 30 or 40 events. And again, every event for us is yes, an opportunity to spread the message of. What we do and why it's important, but also, again, to speak to existing customers and get feedback and see what we can do to make their lives better.
Sean Martin: Yeah, it's, it's, uh, it's quite the experience meeting and chatting with Danny and seeing, uh, seeing his involvement in, in so many things.
And, um, I, I wanna wrap up with two more products I, I feel are connected and you
can, can, uh, [00:10:00] correct me if I'm wrong here, but first is the detect dashboard. Dashboard and the, the insights piece. Um. Which in my opinion, give effectively gives teams the ability to not just set policy, but to ensure that they're functioning properly in line with the business and, and take action
if there's some anomaly or an exception there.
So.
Rob Allen: Elizabeth. to to start with insights really, um, hereto for all of our customer's data, were siloed, completely siloed. So your organization's data and my organization's data and everybody else's organiz data, they're effectively in separate databases. Now, if we wanted to see trends across all of our customers. We could do it, but it was really, really painful. I mean, you're searching in hundreds, if not thousands, well, sorry, thousands if not tens of thousands of individual databases to try and find information or trends and that kind of stuff. Um, so what we did with insights is we've effectively taken selected information [00:11:00] and centralized it. So rather than logging it to 10,000 individual databases, we're gonna log, log it to one central database where we can then analyze that information, analyze that data, and we're using it again for the greater good. It's so, you know, information like, well, I've got this thing that's trying to run on my machine.
I'm not too sure about it. Um. What other organizations or how many other organizations across threat locker's, entire customer base, does that thing run on? Is it usually permitted? Is it usually denied? When was it first seen? When was it first seen in the wild? That kind of impact, how does it behave is another really, really good example.
So like, say we're talking, um, Chrome today. So how, how does Chrome usually behave? What does Chrome usually need to interact with? Where does it need to go on the internet? I mean. For a browser, probably everywhere, but further applications like say Zoom or Teams and so on. We can now take the information that we're collating through insights and create really specific, really tailored ring fencing policies.
Say, well look, [00:12:00] this is how this application typically needs to behave in other organizations. I'm gonna set those. Restrictions around the application in my organization based on how it needs to run elsewhere. So it's a really cool way of kind of collating big data and using that big data. 'cause I mean, we, we log a phenomenal amount of information.
I mean, somewhere between three and 4 billion rows of data per hour across all of those tens of thousands of organizations. But again, we never really. We, we were never really able to use that information for, as I said, the, the greater good. Um, so yeah, that, that's pretty much where insights came in. Again, I hate to say it, but a Danny idea, but a very, very good one.
Marco Ciappelli: I need the Danny hat,
Sean Martin: Right.
Marco Ciappelli: know. Go, uh,
Rob Allen: comment. No comment.
Marco Ciappelli: tell me,
Rob Allen: Um, you did ask about something else, Sean. I only answered half your question.
Sean Martin: Dashboard.
Rob Allen: the detect dashboard? Uh, yeah. So basically we, [00:13:00] one of the things and any customers, um, who are watching will probably be aware. Um, one of the things that we, our our portal again is very. Data rich.
There's a lot of stuff in there. There's a lot of information in there. Uh, one of the things that we're probably lacking a little bit is, uh, shiny charts basically. And one of the things that we've added with the detect dashboard is shiny charts. So you can see number of alerts, number of events, you know, what proportion of them are certain things, all all that stuff that.
Looks really nice in a, uh, a shiny dashboard. Um, we've added a few other improvements to our detect product, which is something that we announced, I can't remember if it was last Zero Trust world or the one before. Um, stuff around linking different detection policies together. So if this happens and this happens, then tell me about it rather than just if this happens. Um. added recommendations as well. So one of the problems, and we, we kind of internally, um, jokingly [00:14:00] call our MDR team the configuration Please. Because very often what they're doing is they're ringing somebody to say, Hey, did you know that or DP is exposed to the internet on this server, or did you know somebody's doing that on this machine?
Whatever the case may be. Um, and one of the things we can now do is they can basically make a recommendation so they can say, well look. This is what we recommend you do to solve this problem. And then when the customer looks at the recommendation, they can just say, yes, apply that recommendation to my environment.
So therefore the problem goes away. So we're not telling people what to do. And then basically, you know, waiting and wondering if they might ever do it. We're telling people to some, you know, what they should do and giving them actionable, easily, uh, applied solutions to the problems.
Marco Ciappelli: One thing I wanna start talking is the customer experience. Um, but, but still referring to this innovation, when you roll out a new tool, uh, it's not just a standalone tool. Like I know that it, they actually integrate. One with another, which is a [00:15:00] very important thing. So tell, tell me a little bit about how you keep it all working together and still applying that zero trust concept, which many people think like, oh god damn stuck.
Right?
Rob Allen: No, the, the user experience is obviously something that's really important to us. And again, I, that's where a lot of that feedback comes in. So
valuable, but we have. Users of the platform and we have users within the organizations who use the platform. So there's two different levels of users, I suppose, that we have to consider. Um, in what we do now, the usability of the platform is obviously front and center because we want our. Customers to be able to do what they want to do. We easily and efficiently, but we also have to consider the end user experience and that that's a really important consideration. So, uh, example being the web control.
A big part of the web control product that we just announced is a lot of other web control solutions or, you know, DNS solutions. [00:16:00] You get blocked from accessing a website. There's not very much you can do about it, you just get a. You know, vanilla landing page, probably an SSL error saying, you know, we can't access this page. And you're kinda going, well, what can I do about it? Uh, one of the important things that we built into our web control is if a page gets blocked, we have a Chrome extension or an edge extension that basically sits there and it redirects you to a page where you can say, well, look, this was blocked because of this policy. Do you want to request access so the user can action, they can say, right, I do want access to this. So like, I want to access my betting site even though gambling is blocked across the organization. So I can literally just submit a request saying I like stick gambles, and then the administrator can approve that and within 60 seconds I'm able to access, access my site. Um, so that end user experience is also extremely important to us as well. So we have, we have to consider both sets of users really.
Sean Martin: And of course the flip side to that, which you, you touched on as well, is the. The experience for [00:17:00] it and security connected to it, and that use use case there. Um, they're not struggling with a bunch of tickets, right? This, this is something that,
that comes through and, and happens.
Rob Allen: Yeah, fundamentally, and again, one of the big things about it is that we, again, I, I worked in it for the best part of 20 years. I used to be the one who was fixing people's computers. And one of the things, and one of the big things that Threat Locker as a platform and the approach that we take offers is to remove the problem of. Basically users doing stupid things that get themselves in trouble. Um, so it's, I mean, another way of putting it might be to call it shadow it. It's probably a better way of describing stupid users, but you get the idea, so shadow it. So again, many years ago, you know, I'd sell somebody a computer, I'd give somebody a computer, and everything is fine.
It's super duper and it's. Fantastic. And they love it. And then six months later I get a phone call to say, Hey, my computer's running really slowly. And then I'll log in, I'll have a look and I'll find that they've got [00:18:00] 15 different chrome extensions and four different toolbars, and three different antivirus is running it.
And they're, they're running, wondering why it's running slowly. So if you take away the user's ability to do all of those. Things, the reality and the likelihood is that they're not going to get themselves in those situations. They're not going to ring you in six months time and say, Hey, my computer's running really slowly.
Can you sort it out? ID department, even though it's not something the ID it department did.
Sean Martin: And I want to, 'cause this assumes everything is in place and there's, there's two parts to achieve that state. First is, and I'll start with this first actually, the, the, the mindset of what are we trying to accomplish, which think is different with what you offer. So you have to think differently about your program. The next is. Getting stuff deployed and maintaining it.
Can you talk through, um, product and engagement with [00:19:00] you and your team, with your customers to kind of get through those first two steps so they can achieve what you just described, which is the, the streamline float.
Rob Allen: absolutely. As I said, in terms of the, the, the mindset as it's literally just going from permit by default to deny by default. Now. The thing about it is this need not get in somebody's way. And it sort of leads into your second question, which is there is a deny by default aspect to it, which is the what is going to keep you safe.
But there's also a permit by exception part to it. So it's not just deny by default, it's denied by default, permit by exception. And the p permit by exception, is the bit that allows organizations to continue. Functioning. It's allow what? It's what allows your users to do their jobs because you can't just block everything.
'cause then computers aren't gonna be very much use. You have to block everything and permit with exception. So, as I said, the exception being the software you use every day, your browsers, your, your teams, your Zoom, your, you know, video conferencing tools, your office, that kind of stuff. But the thing about it is.[00:20:00]
In the vast majority of environments, most users fundamentally do the same things in the same way with the same software every single day. They don't install random applications all the time. They're not installing, you know, dozens of new chrome extensions. And over the course of a year they, they pretty much do their job with the software they have. And basically we're just putting guardrails around that. What we're doing is we're saying, Hey look, you operate within these guardrails and you're not even gonna nowhere here. Now if you go try to run Cooper the and Clipper from China, or if you try and run, you know, anything malicious obviously, but anything, you know, remote access tool. So really nice man from Microsoft is on the phone saying, Hey, there's a problem with your windows. I want to get in and fix it. Can we install this remote access tool so I can help you out? Now, the sad reality is a lot of people will say, yes, install Ted remote access tool, which again, is not a bad tool necessarily.
I mean, your, your any desks, which is the remote access tool of choice [00:21:00] of, of ransomware, gangs or TeamViewer, any one of. 10 different remote access tools are not in themselves malicious. Can they be used maliciously? Absolutely. So again, we're just setting guardrails boundaries around what people can do, and as long as, as I said, they continue within those boundaries, they're not even gonna know we're there. The second part to lead on is making it easy for the administrators to implement this 'cause that is really, really important. Like the, the denied by default scares people quite frankly, because they may have had experience in the past with other. You know, zero trust tools they might have tried to implement, allow listing many years ago and said, oh, this is way too much work. Uh, couple of things that we do to make that easier to, to make it less of a heavy lift, is we basically learn everything that's in the environment. So we'll create policies automatically to allow people to continue running the software that're already running. One Strat Locker is enabled, so I don't need to say, well, Rob needs Visual Studio and he needs teams and he needs Zoom and he [00:22:00] needs all those things.
We're gonna see all those things running and we're gonna create policies automatically. So that takes away a lot of the hard work outta the process. The other thing is we have, uh, what we call our, our applications team that manage what we call built-in applications and built-in applications are kind of the secret sauce as to why Threat Locker is are successful.
Successful and efficient and effective as it is, and easy to manage, which is that we've got a team who are basically downloading software, installing software, cataloging software 24 7 365. So I'm talking to you on Chrome. Those guys have probably downloaded Chrome 20 times already today. Basically to check and see if there's a new update.
If there's a new update, they'll catalog it. They'll add it to our built-in applications, and it'll get pushed down to any of our customers who are using those built-in applications automatically. So basically, customers don't need to worry about updates causing problem, because updates causing problems is one of the big previous frustrations with Allow listing, and that's one of the reasons that people could never even countenance it, [00:23:00] because what do I have to do?
Or what happens when Acrobat Acrobat gets blocked on. 500 or a thousand machines in my organization. In a lot of cases, you'd have to react, you'd have to do stuff, you'd have to change stuff, you'd have to, you know, catalog stuff. We're doing all of that for you basically. And we've got eight and half thousand of those built in applications today, and that number grows weekly.
Marco Ciappelli: Wow.
Rob Allen: I hope that answers your question.
Sean Martin: Yeah, absolutely. And just one, one more quick
thing. You touched on it briefly, but uh. What's, what's running policies around that. You help them keep up to date with that stuff. Then there's the exception. You touched on it briefly, but talk about the, the role of exception handling here, because I think that that can be another big area where teams kind of get frustrated, right?
I.
Rob Allen: Absolutely. And again, it comes back to the idea of making it as smooth and as seamless as possible. I mean, basically if I try and run something and it gets blocked in my machine, I can submit a request, it gets evaluated, come straight through to whether it be a ticketing system, a ServiceNow, whatever the case may be.
But basically [00:24:00] somebody can then make an educated decision about whether or not to allow that thing so it gets. Blocked. It gets evaluated by the administrator, it gets approved, and within 60 seconds it's allowed to run on a machine. So it's a really smooth, really clean, really easy approval process. Um, but again, the important part about that is somebody is making an educated decision on your behalf should this thing be allowed to run on your machine. It's not an AI trying to work stuff out. It's not. You know, I fundamentally, it's not something making a decision, it's someone making a decision on your behalf should this be allowed to run or not. But again, it's a really smooth, easy, easy, quick process.
Marco Ciappelli: So what people think about Zero Trust, I think we, we said it several times here, it's kind of scary, right? Like, you know, you want to deny everything. How am I gonna run my business and, and so forth. So I'm putting myself in the mind of people listening to this right now that are not Bread Locker user. Um.
[00:25:00] How complicated or easy it's to get started with you guys if you never
Rob Allen: Absolutely not at all. It's, I mean, we would always, I'd always recommend to somebody that, look, you should try this out. Okay? The worst you will get out of trying it out. So you deploy threat locker, it's not secured straight away. It's not gonna block anything. It's not gonna get in your way. It's not gonna interfere with anything.
All it's gonna do fundamentally is gonna log data. It's gonna create those policies I mentioned. But the interesting thing is, when somebody deploys this, or when most customers deploy this, invariably there will be a surprise there. There'll be something they don't even know about within their, whether it be machine or set of machines.
Environment. Could be remote access tool, could be a a, a key logger, what, whatever it happens to be, there will be some surprises there. They'll go, oh my God, I didn't even remember installing that on my machine. I mean, I, I've spoken to companies who've had like 5, 6, 7 different remote access tools running.
Within their environment. You know, they've, any desk they've logged me in, they've team, like one [00:26:00] organization had TeamViewer installed, sorry, not installed, running on 20% of computers in their environment. That organization did not use TeamViewer. There was no good reason for TeamViewer to be installed on 20% of their machines. But look, we all know how it happens, which is at some point in the farthest and past some third party said, Hey, I need TeamViewer to get into your machine to fix a problem. Would you mind installing it? And the user goes, okay, I'll install that. And they get in, they fix the problem, and then TeamViewer sits on that machine forever as a potential way into that network.
So as I said, I can pretty much guarantee anyone who tries this out is the worst you are going to get out of it is complete visibility over what's in your environment. But then you can take that complete visibility and turn it into control because that fundamentally is what we are about. It is about control.
It's about, okay, now I know what's here. I know how big the problem is. Let me start fixing it. So let me start blocking. All of those remote access tools, except the one that we happen to use or let me start putting controls around. And ring fencing is something we haven't even touched on, but let me start putting some controls [00:27:00] around things like PowerShell to make sure it's not weaponized and used against me. Um, so it it, it's a really simple process. Basically all we ask from customers is an hour a week, give us an hour a week. It doesn't matter if it's a thousand machines, 10,000, a hundred thousand machines. Give us an hour a week, we'll show you how to fa to, to, to operate. The system to, to work around the platform will show you what you should be doing.
Recommendations. You know, this thing is doing this right now. Is that okay? No. Okay, well let's, let's solve that problem. But an hour a week is typically all that's needed to get this from a seeing everything to control everything state.
Sean Martin: And are you able to share some examples? You don't have to name customers if they're, if they're anonymous, but, uh, I'm, I'm looking for some. Use cases or scenarios that are pretty impactful. So I I, I'm assuming the obvious ones, are the team's less stressed out and not as much pressure on them. Uh, we, we manage business case work, business workflows more easily [00:28:00] now, but what I'm looking at is. Lower cost of software, right? If they have a bunch of stuff, if they're paying for things they're not using or uh, or things are exposing, uh, or they're looking to get acquired and, and they want to reduce the cost of stuff. I'm just wondering, are there any cases where you see the outcome of having a threat locker in the environment help a customer achieve something that he didn't even think of beyond just
Rob Allen: I got, I'm gonna give you a um, uh. Serious answer to this question, I'm gonna give you a slightly humorous answer to this question. Serious answer to the question is, the most common feedback I get from customers when I meet them at events and so on is that you help us sleep at night knowing threat lockers running on my machines or my customer's machines as the case may be, helps me sleep better at night. Genuinely, there is nothing better. That somebody could say to me. I mean, it means we're making an active actual difference in their [00:29:00] lives, not just in their working lives, in their lives. Their mental health is better 'cause they know that they've got effectively threat lock or watching their back or, or keeping them safe.
So that's. Absolutely serious answer to your question. Um, the slightly less serious answer to your question, it's still kind of serious as well. But, um, I mean, one of our biggest, like, look, in a lot of cases, especially big enterprises, don't really wanna advertise what they use or what their, their, their securities stack entails. Um, one of the. Bigger ones who do is JetBlue. So JetBlue are a fantastic customer of ours, um, and have been for many years. Um, you might have remembered a couple of months ago, and without naming names, there was a slight incident with a, um, security. A piece of security software that caused to screen issues. Um, as far as I'm aware, and again, don't quote me on this, and I understand, I'm on camera obviously, so I can probably be quoted on it on this, but there was basically two airlines [00:30:00] that were still flying during that incident. One, I think was Southwest and I, I, I, I, again, I don't know why, but I believe it was something to do with running on own operating systems.
Again, don't quote me on that. The other was JetBlue because they used threat locker. So that, that's a really good example. Now on, on the subject of that incident, and this is actually really a good example of ways that our solution can be used in ways that we never could have anticipated when we created it. Um, we also had a number of mutual customers with the. Um, solution that had the blue screen issues. And what we found was we were able to use parts of threat locker to alleviate the issues. So we have a solution. Part of what Threat Locker does is called storage control. So with storage control you can be very specific about which programs have access to what data, or you can basically block all programs from accessing a particular piece of data on a machine. So we were able to create a storage control policy that [00:31:00] blocked. The software from accessing the problem sis file, which was the one that was causing the blue screens. So by using Threat Locker, we were able to stop machines. Blue screening. Now it was kind of a toss up as to whether we got loaded first or they, they, they got loaded first.
But if we got loaded first, we wouldn't let it access the SIS file. Therefore, blue screen didn't happen. Therefore. Problem pretty much went away. And we did have other customers as well who basically just used threat locker to block access to that software completely. I know it's got a blue screen line machine, so just you threat locker, stop it from running. So there a, a couple of examples of how we, we could never have envisaged our software being used for that purpose, but in that particular case, it was successfully.
Marco Ciappelli: Yeah. I want to touch on something else, which is the many partners that you guys have. Uh, I know part of the, the event that you organized actually to, to bring the partners together. I'm sure there's a lot of exchanges of information [00:32:00] and opinion, and probably they, they have a role into implementing new, new solutions.
So you, you wanna tell me about. About that a little bit.
Rob Allen: Well, as I said, zero trust world is by far and by the. Best way for us to get customers in one place. 'cause fundamentally it means that we're not traveling all around the country to meet them. They're all coming here to meet us. So it's, it's, it's, it's win-win from that perspective. Um, but we also have, and, and as I said, feedback is really important.
Um, the other thing we have is we have advisory boards for different ki types of customers, basically. So we get a bunch of customers, um, in a room together and basically brainstorm with them.
So, you know, again, and it, it's a great situation. It's a great. Place for people to share ideas. So they all say, well, look, this would be cool, and then they can discuss it amongst themselves, discuss it with us, and you know, basically come up with ideas like that. So the advisory boards are incredibly valuable to us as well in terms of product direction, what they want us to see, or what did they want [00:33:00] to see us doing next.
Marco Ciappelli: And partners are part of that advisory board as well.
Rob Allen: Okay. They a hundred percent, yeah, they, it is all
partners. It is all customers. Yeah, no, absolutely. It's all customers.
Marco Ciappelli: Very good. Cool. So what about the future? What's, what's next?
Rob Allen: The future is bright.
Sean Martin: Spill the beans man. Spill the beans.
Rob Allen: The future is bright. No, look, as I said, we're, we're always working on improving. Um, I mean, realistically, if you stand still in this industry, you're dead. Um, I mean, the. Again, the way I look at it is we're, we're effectively building a market. Um, most of cybersecurity is headed in a particular direction, which is we're going to figure out all the bad stuff we're saying.
You guys are never going to know all of the bad stuff, okay? Nobody knows all the bad stuff, put all of the other, you know, detection tools together. And not every single one of them combined is going to know every. Every single bad thing that's out there, because [00:34:00] fundamentally there's too many bad things out there. So rather than play that game rather than. Basically try and solve that problem, which is pretty much unsolvable. We're going down a different route. We're going down the route of denied. By default, we're going down the route of block. Everything that isn't explicitly allowed Now, again, it's, it's, it's taken us time to get here it, but it is obviously, I.
Something that resonates with organizations because, I mean, look, the fact is organizations are not stupid. They can see that the ransomware problem is showing no signs of slowing down. You know what I mean? It's not a solved problem because if it was a solved problem there, wouldn't it be no need for a threat locker?
There'd be no need for any other security vendors or cybersecurity vendors. Um, but. Again, the fact that we are seeing the successes that we are shows that people realize that it's not a, a solved problem and that a different approach is needed, or at very least a combination of approaches. And I think that's really important because we [00:35:00] do see people with lots of tools in their stacks. We've got lots of different, we've got. This, and we've got that EDR, we've got that MDR and we've got that other thing. And we've got all these things that are basically looking for bad things and basically the same known bad things realistically. So all we're saying is, well look, we're not saying you don't need some detection, but why don't you take some detection and combine it with some control? So detection and control are basically, they're, they're complimentary fundamentally. And now we, we do offer both things because we've got, obviously threat locker protect, which is the protection stuff. We've got detect, which is detection stuff. So you can do it all within one platform if you want as well. But at a very minimum, combine those two approaches. It will give you a proper, layered defense, not just layering similar things on top of each other, which realistically is not actually layered. I mean, it, it's, it's pretty much the definition of defense in depth. It's not just doing the same thing again and or over and over again expecting different results.
It's actually doing something [00:36:00] different.
Sean Martin: Yeah, and what I, uh, what I like about what I, what I hear and what I see every time I interact with the the threat locker team, is it. It's a different way of thinking about the problem, and it's directly connected to how the business operates. So it isn't just threat driven, it isn't just exposure driven.
It's, we need the company to operate. This is how we operate. We need to do that safely, and we need not, we need to not push the team over the cliff
Rob Allen: Oh no,
Sean Martin: as we try.
Rob Allen: Ab absolutely not. And again, that all comes back to the user experience, the end user experience, to making it as easy as possible to implement. I mean, it's, it's all part of a bigger picture. I mean, we don't want, you know, as I said, some people have experience of implementing similar solutions in the past.
They're probably burned by those exper, those experiences. I mean, I, I've, I've literally spoken to organizations that have spent. And this is not an exaggeration years. [00:37:00] Years trying to implement other similar solutions. And I've basically, they haven't even got to the point where they can turn it on. I mean, I, I spoke to a large chain in, um, the UK who had spent four years trying to implement something similar.
I spoke, I spoke to a, um, I. A health insurance organization in the Middle East as well, two years, 10 people, two years working on a project and had eventually given up in frustration. They said, look, this can't be done. This can't be managed, so we're just going to give up and not do it. It. Isn't that difficult with Threat Locker, I can absolutely assure you it is not that difficult.
With Threat Locker, we make it manageable, we make it attainable, we make it achievable. Even small organizations, you know what I mean? It doesn't matter if it's one guy in the IT team or if it's, it's 500 guys in the IT team. It is manageable. It is achievable.
Sean Martin: Yep. Absolutely. And uh, I've, I've heard that as well and I think. For folks listening and watching, [00:38:00] uh, now's your chance. If you haven't started that journey, uh, connect with Rob and team. Uh, clearly they, they like to hear from their customers and their prospects to ensure that they're doing the right thing.
So, uh, do connect with Rob and the team. Of course, uh, we'll include resources to, to, uh. Find the solutions that we talked about today, and you can read more about all, all the things that, that Rob and his team have been building and and making available to everybody. And yeah, I mean, fantastic chatting with you, Rob.
I appreciate you sharing the, the vision and, and the, the, the direction the team's going and, uh, hopefully everybody starts their journey on, uh, zero trust.
Rob Allen: Thank you, Sean. Thank you, Marco.
Marco Ciappelli: Thank you and everybody else, just stay tuned, subscribe to Brand Stories. There'll be many more and uh, everybody take care. Thanks again, Rob.
Rob Allen: Thank you.