sevco.io

ThreatLocker

Overview

Threatlocker is a zero-trust security solution that offers a unified approach to protecting users, devices, and networks against the exploitation of zero day vulnerabilities.

Available Integrations

Product(s)Supported Asset Type(s)Integration Type
ThreatLockerDevicesSource

Why You Should Integrate

Integrating with ThreatLocker will allow for more insight into your devices by reporting computers with valuable information in Sevco.

How Does the Integration Work

This integration pulls the All-Computers" or "All Computers - Including Child Organizations" report to get device information for all devices discovered by ThreatLocker.

This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

⚠️

Please review the configuration instructions in the section below before setting up permissions for apps.

Configuration

  1. Choose an Access Schema: A schema is a configuration template that defines a specific way to connect, authenticate, and interact with an external product. The following are the available schemas:
    • InstanceID/Auth Key: Will authenticate using your ThreatLocker InstanceID and Auth Key.

InstanceID/Auth Key

FieldDescriptionExample
Instance IDThe instance ID is the single letter found in your portal URL. (Ex. https://portal.x.threatlocker.com)x
Skip TLS Certification Validation*Skip certificates validation when using a certificate that is self-signed or unable to be validated through a proper certificate authority.
Auth Key*The Auth Key provided by ThreatLockerABCDEF0123456789
  1. Add an Integration: Select the integration(s) you'd like to add.

    • Collect devices
FieldDescriptionExample
Organization IDThe Organization ID that you would like to pull devices fromABCDEF0123456789
  1. Configure General Information: OPTIONAL: You can use the following fields to provide additional information about your configuration.
FieldDescriptionExample
Name (optional)Uniquely identifiable attribute of the configuration to delineate other similar configurations with the existing organization.DMZ network
Contact Person (optional)A placeholder to input a name or email address of a contact associated with the integration.Jane Doe
Link to Console (optional)A placeholder to input a link to the console of the product Sevco is integrating with for quick reference and access when configuring or editing the integration.www.product.com/devices
Email me about frequent errorsSelect this toggle to receive an email whenever an Integration has a ≥30% error rate in a 24-hour period.n/a
  1. Activate Config: Select "Activate" to enable this configuration and begin pulling data.

Source Documentation

Creating Credentials

For information about authenticating your integration, contact your Threatlocker representative.

Required Permissions

The account used must have permission to pull all reports.

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].

Tags: <on-prem/cloud>,