Threatlocker x ConnectSecure
- Ryan Seymour
- Vrushali
This method shows how to use the built-in policy from Threatlocker to allow the ConnectSecure application to use PowerShell when ringfencing is blocking downloads for patching.
Setup Instructions
Navigate to https://portal.threatlocker.com and select Modules > Application Control.
2 Click "New Policy"
3 Click the "Policy Name*" field.
Type "ConnectSecure"
Create a description of the application policy. For this example, I will put "ConnectSecure Vulnerability Management"
Click the "Applies to" dropdown and select the organization level to apply the policy.
Click the "Application Name" field.
Search for "ConnectSecure"
Click "BUILT-IN\ConnectSecure CyberCNS (Built-In)"
10. Click "Create"
Next, we need to verify if PowerShell Ringfencing is in place. Select Applications.
Search for Powershell
Find the "Windows PowerShell Full Language Mode" application and if the actions are Blue that means ringfencing is in place and we need to select the application.
Click "Existing Policies"
Click on any / all policies with ringfencing enabled. Depending on the setup there might be multiple to take the next steps.
Under Internet restrictions, select the "Tags"
Click the Tag dropdown and search for "ConnectSecure"
Click "ThreatLocker\ConnectSecure (Built-In)"
Select the "Add" button
20, If File access Ringfencing is enabled - Click the "Path" field.
Want to make guides like this in seconds? Yes, it's really that fast
Need Support?
You can contact our support team by emailing support@connectsecure.com or visiting our Partner Portal, where you can create, view, and manage your tickets.
https://cybercns.freshdesk.com/en/support/login