What mechanism does ThreatLocker use to evaluate application trust?

ThreatLocker employs signatures and reputation to evaluate application trust. This involves analyzing established signatures associated with known software applications along with their behavioral histories. By leveraging a database of application signatures, ThreatLocker identifies whether an application is legitimate or potentially harmful. The reputation aspect adds another layer by considering how widely an application is used and its history of security incidents, providing an indication of its trustworthiness in various environments.

This method ensures a comprehensive assessment of applications, allowing organizations to only permit those deemed safe, thereby enhancing their overall security posture. It contrasts with approaches like user reviews or market trends, which can be subjective and lack a standardized measure of risk. Network analysis might help in identifying unusual behaviors but does not inherently determine application trustworthiness in the way that signatures and reputation directly do.