Cybersecurity vendor ThreatLocker recently hosted its fifth annual Zero Trust World (ZTW) conference in Orlando, welcoming attendees from 28 countries to learn about Zero Trust principles and ThreatLocker offerings. Over two days, the event celebrated Zero Trust as a cybersecurity model and the ThreatLocker approach for achieving Zero Trust.

Industry leaders, managed service providers, security practitioners, and (most importantly) Forrester analysts attended. The event featured keynotes, track sessions, and hands-on interactive labs.

ThreatLocker CEO and Cofounder Danny Jenkins set the tone with a clear message that the best defense requires not only a strong grasp of technology but also a clear understanding of how adversaries think and operate. As you might expect, the event made it clear that the best defense against these adversaries is adopting a Zero Trust mindset.

ThreatLocker Gives Zero Trust Its Own Event

Giving a concept like Zero Trust its own event underscores the importance of the Zero Trust approach to ThreatLocker and its customers. The event kicked off with a keynote from Danny Jenkins that included the ThreatLocker origin story and the company’s mission to “change the paradigm of cybersecurity from default-allow to default-deny.”

Other keynote speakers and panelists included Reggie Fils-Aimé (former president and chief operating officer of Nintendo of America), Rob Allen (chief product officer, ThreatLocker), Art Ocain (VP of incident response and disaster recovery, Airiam), and Trina Ford (chief information security officer, iHeartMedia). Keelan Leyser, the “technology magician,” also wowed the ZTW crowd by combining technology and magic in interesting ways.

Hector Monsegur (aka Sabu) and former FBI agent Chris Tarbell led a compelling fireside chat about Hector’s former life as a hacker and the fed who caught him. Former Forrester analyst Chase Cunningham (aka Dr. Zero Trust) also delighted the crowd with an engaging keynote that touched on themes from the need to stop throwing money at unproven technologies to how security failures impact markets.

While each keynote was unique in its delivery and subject matter, the underlying messaging was clear: To fully reap the benefits of modern technologies, we must change how we approach them. This means that security pros should move away from compliance box-checking exercises and complacency and adopt a more proactive approach to prevention.

ThreatLocker also hosted multiple hacking labs, interactive sessions, and live demonstrations aimed at refining both offensive and defensive cybersecurity skills. This fusion of real-time demos with theoretical discussions provided hands-on context that benefited both industry leaders and practitioners alike.

ThreatLocker Embraces The Security Platform Approach

ThreatLocker announcements at ZTW 2025 included many new features:

  • ThreatLocker Insights: gathers intelligence from client endpoints to identify unusual application behaviors. This can help customers make decisions about whether or not an application should run and what controls should be in place.
  • ThreatLocker Patch Management: helps manage application updates from the same platform being used to control access to those applications. This further illustrates the trend of security vendors competing for proactive security budgets, especially against other endpoint management solutions. The release can potentially help reduce the number of vendors (and agents) on endpoints.
  • ThreatLocker User Store: provides ThreatLocker-vetted apps that users can freely install and use to create their own allowlisting policies. This has the potential to reduce user friction (and, therefore, improve user experience) by offering a marketplace of security-approved apps.
  • ThreatLocker Web Control: delivers centralized web access control and filtering via a browser extension. This capability competes with existing secure web gateway and cloud access security broker solutions, further evidence that ThreatLocker is branching into other security categories.
  • ThreatLocker Cloud Control: aims to help shut down phishing attacks and token theft by allowing only recognized IP addresses and networks to access Microsoft 365 environments. Phishing remains a primary attack method for compromising credentials. This capability promises to fight that by tying authentication not only to the user but also to the device that the user is using.
  • ThreatLocker Detect Dashboard: aggregates alerts and incident data into a dashboard with interactive charts, policy recommendations, and recommended remediations. Understanding that prevention alone is not enough to defend enterprises, this capability adds detection and response for ThreatLocker customers.

ThreatLocker was founded on the premise of taking a “default deny” approach to security, thereby enabling Zero Trust. The latest announcements expand on this original vision to include other security capabilities. This follows the cybersecurity industry trend of building platforms with multiple security capabilities instead of discrete, standalone (best-of-breed) capabilities by incorporating existing security functionality (endpoint detection and response, patching, web filtering, etc.) into its existing platform.

As always, it’s important to remember that Zero Trust is not a security solution; it’s a strategy. Adopting technologies to enable a Zero Trust approach to security is only a part of achieving Zero Trust.

For any questions about the ZTW conference, Zero Trust, or other security and risk topics, request an inquiry or guidance session with a Forrester analyst.