What does ThreatLocker do when it cannot match applications to built-in definitions?

ThreatLocker is designed to enhance security by controlling which applications are allowed to run on a system. When it encounters an application that does not match any of its built-in definitions, the standard procedure is to create custom rules for that specific application. This approach ensures that legitimate software can continue to operate while also maintaining a strong security posture.

Creating custom rules allows administrators to tailor security measures according to specific needs and use cases without outright denying access to potentially necessary applications. This flexibility helps organizations avoid disruptions in their operations, facilitating updates and installations while still adhering to security protocols. Ultimately, this process balances security with usability, allowing for dynamic responses to new or unidentified applications in the environment.