ThreatLocker at scale
Multi-tenant operations, baseline templating, custom Cyber Hero workflows, Network Control + Detect at scale, audit evidence, and endpoint / customer offboarding.
Lessons
- 01 (~11 min) Organisation hierarchy and computer groups at scale
How parent / child organisations, computer groups, and per-org module enablement compose. What inherits across the tree, what doesn't, and the cross-tenant errors that cost MSPs incidents.
- 02 (~11 min) Baseline templates and policy governance
Designing per-vertical baselines, version-controlling them, propagating updates without breaking customers, and the deployment-queue mechanics behind every policy change.
- 03 (~9 min) Customising Cyber Hero workflows
Approval categories, who-approves-what assignment at scale, the escalation seam from Cyber Hero to MSP to customer, and the audit trail that holds the whole flow together.
- 04 (~11 min) Network Control and ThreatLocker Detect at scale
Host-firewall-as-policy across many customers, designing Detect rules from real telemetry, and tying Detect signals to response actions without flooding the on-call channel.
- 05 (~10 min) Audit and compliance reporting
Pulling reports for Essential Eight, NIST 800-171, cyber-insurance questionnaires, and customer audits, plus the policy-decision documentation that makes audits defensible.
- 06 (~11 min) Endpoint and customer offboarding
A ThreatLocker offboarding runbook for endpoints, Tamper Protection, Cyber Hero routing, stale policy cleanup, audit exports, API credentials, and customer cancellation handoff.
- Final quiz
Test what you learned. Wrong answers are explained on the spot.