An exclusive interview with Danny Jenkins, CEO and co-founder of ThreatLocker.
So, to start, what was the vision behind the creation of ThreatLocker, and how did it evolve?
When we started ThreatLocker, there were several reasons behind it, but one particular ransomware case in Australia stood out. I was asked to assist with recovery after an attack, and the CEO of the affected company called me after a week of trying to restore their data. They had paid the ransom but didn’t get their data back. He was in tears and told me, “I don’t understand what else I could have done.” He believed his business was gone despite using EDR and other security measures.
I told him, “You need to block all untrusted software.” But when I suggested this to the IT company, they pushed back, saying it was too difficult. I tried to prove my point, but at the time, it really was too hard to implement. That’s why ThreatLocker was created—to make blocking untrusted software and implementing whitelisting incredibly simple. That was our primary goal. Over time, we expanded into broader use cases, including ring-fencing, zero-trust controls, and a full endpoint protection suite. But at its core, our mission has always been to make whitelisting accessible and viable for every company in the world.
Everyone is talking about zero trust these days. How do you define it?
Zero trust is essentially a new term for the principle of least privilege. People often think of zero trust as a product-to-product interaction, but it’s not just a product—it’s a mindset. It means granting access only where it is absolutely required. That’s our focus: whitelisting is zero trust, ring-fencing is zero trust, network control is zero trust. It’s not a new concept—it’s just a new name for an existing security best practice.
So does your approach operate on a “deny by default” principle?
Yes, exactly—deny by default, allow by exception. But the way we implement this is by learning your environment, so it doesn’t become a burden for IT teams.
The endpoint protection market is very crowded. What makes ThreatLocker stand out?
Most cybersecurity vendors claim, “We’re better at detecting threats,” but the reality is that you can’t catch everything. We’re the only ones saying: “Limit the applications that can run, control what those applications can do.” Of course, we also offer EDR, but we take a fundamentally different approach.
The problem with the endpoint security market is that businesses keep chasing new solutions. A company might invest in an EDR tool like CrowdStrike and think, “Now we’re protected from ransomware.” But when an attack still happens, they buy another solution like SentinelOne. Then another. That’s why the market is so crowded—companies are chasing a problem that detection alone can’t solve.
We simplify things. We allow only what’s needed and block everything else. We track updates, we learn from your environment, and we make it easy to manage. It’s a straightforward, effective approach to security.
From a threat perspective, are you seeing any new attack trends, or is it the usual suspects like ransomware?
We’re seeing a lot of AI being used to generate new ransomware threats. AI-powered attacks are becoming more sophisticated—deepfake voices and videos, emails that are indistinguishable from legitimate communications, and ransomware that evades detection. The use of AI in cybercrime is evolving rapidly, and that’s something we need to stay ahead of.
What are your plans for the region? You have recently set up an office in Abu Dhabi. Is this a strategic market for you?
Yes, absolutely. We’ve already seen great success here. We’ve signed up 20 or 30 financial organizations across the UAE, Bahrain, and the surrounding regions. We’ve also onboarded the biggest airline in the region as a customer. The demand here is strong, and we’re excited to continue expanding.
What’s your message to the CISO community here?
My message is simple: you’re never going to catch every single bad actor. If you chase threats endlessly, you’ll always be playing defense. Instead, focus on what’s actually needed in your environment. Harden your security posture, and don’t overcomplicate things.
We’re here to help with that. Our tools are designed to make security easier, and our engineers are available to support onboarding. This isn’t about spending excessive time or money—it’s about taking practical, effective steps to protect your business. I’ve met with around 15 CISOs in the Middle East over the past two days, and it’s great to see them actively embracing security-first approaches.
