ThreatLocker | Voters

ThreatLocker

Cory Gegg

What is kind of use case do you need for this integration?
Dashboard, widgets and reports for Reviewing and reporting on Several manual tasks in Threatlocker
Do you have the dataset API in your mind already?
Yes
ActionLog ApprovalRequest Computer ComputerCheckin MaintenanceMode Organization Report Tag ThreatLockerVersion
Do you have widgets design already?
No
Do you have bot use case already?
Yes
Deleting inactive Computers Org onboarding and offboarding Setting administrator permissions.
Can you help to connect with the vendor to provide the help needed to do the development?
Yes
Where is the API documentation URL?
https://portalapi.b.threatlocker.com/swagger/index.html
Will pay?
no, I will not pay

Created by Homard Parnacio

April 16, 2025

Darryl Cresswell

Feature Request: ThreatLocker Integration for MSPBots
Summary:
ThreatLocker is a critical component of an MSP’s cybersecurity stack. To enhance operational visibility and automation, MSPBots should integrate with ThreatLocker to provide real-time, accurate reporting and actionable insights.
Key Requirements:
1) Device Security Status Reporting
-> Display the status of all workstations per client (e.g., Secured, Learning Mode, etc.).
-> Enable bots to alert if any client machine is not in SECURED mode.
2) Offline & Inactive Device Monitoring
-> Report devices that are OFFLINE or INACTIVE.
-> Offline for an extended period may indicate:
-> -> The machine is no longer in production (license waste).
-> -> Agent installation issues.
-> Same concern applies to INACTIVE status.
3) Agent Version Tracking
-> ThreatLocker portal shows outdated agents needing updates.
-> MSPBots should provide a widget to display agent versions and highlight outdated agents.
Widgets Needed:
-> Client-Level Table View:
-> -> Devices per client with:
-> -> -> Checked-in status.
-> -> -> Security mode.
-> -> -> Agent version.
Global Widgets Across All Clients:
-> Total devices Offline and Inactive.
-> All machines not in Secured mode.
-> All devices with outdated ThreatLocker agents.
Why This Matters:
ThreatLocker is now a mainstream MSP security tool. Given its importance, this integration is long overdue. It would:
-> Improve security posture monitoring.
-> Automate alerts for compliance gaps.
-> Support billing accuracy by identifying unused licenses.
-> Address the original poster’s request for billing information visibility.

Gary Harlam

Would love to see billing information - total devices per client