ThreatLocker has expanded its cybersecurity platform with new Zero Trust network and cloud access capabilities designed to reduce the impact of credential-based cyberattacks.
The update extends the company’s Zero Trust approach beyond endpoint protection to include cloud services and enterprise networks. The system enforces device-based verification, meaning access is denied by default unless a connection originates from an approved device and is routed through the ThreatLocker platform.
The move reflects growing concern over credential theft, which has become one of the most common entry points for cyber breaches. Even with multi-factor authentication (MFA) widely deployed, attackers can still exploit phishing techniques that trick users into entering login credentials and one-time codes on fake websites.
ThreatLocker CEO and co-founder Danny Jenkins, pictured speaking at ZTW26 in Orlanda said the new capability is designed to limit the damage even when credentials are compromised.
Under the model, access requires three conditions: valid user credentials, an approved device, and a connection through a secure broker managed by the platform. If any element is missing, the connection is blocked.
By extending verification to devices as well as user identities, the platform aims to prevent attackers from accessing systems even if they successfully obtain login credentials through phishing or other social engineering techniques.
The new controls apply to widely used cloud and SaaS platforms including Microsoft 365, Salesforce, Google Workspace, Asana and GitHub. Devices must be validated through the ThreatLocker broker before they are allowed to connect to these services or to corporate networks.
The company argues that reliance on employee awareness training alone is no longer sufficient to counter phishing attacks, particularly as artificial intelligence tools enable attackers to produce increasingly convincing social engineering campaigns.
Key features of the new capability include device-based access validation for both computers and mobile devices, granular administrative controls for endpoint access, and the ability to secure remote desktop connections without requiring open network ports. The system also supports Federal Information Processing Standards (FIPS), enabling organisations to maintain compliance with government security requirements.
ThreatLocker says the update completes its broader Zero Trust platform, which applies a “deny-by-default” model across applications, endpoints, networks, storage and SaaS services.
Under the Zero Trust framework, no user, device or connection is automatically trusted. Access is continuously verified based on identity, device status and network conditions before being granted.
The company said integrating network and cloud access controls into the existing platform allows organisations to implement Zero Trust principles across their entire digital environment through a single management system, with the aim of reducing alert fatigue and stopping breaches before they occur.
Image Credit: MySecurity Media
