ThreatLocker CEO On ‘Accelerating’ Product Moves, IPO Plans

The cybersecurity vendor is broadening its product portfolio and eyeing an initial public offering as soon as 2027, ThreatLocker Co-founder and CEO Danny Jenkins tells CRN.

ThreatLocker is moving aggressively to expand its product portfolio in a bid to make it easier for MSPs and customers to adopt a “deny-by-default” cybersecurity strategy, even as the company considers going public in coming years, ThreatLocker Co-founder and CEO Danny Jenkins told CRN.

“I think that’s the big theme here — how do we make [the customer’s] drive toward a zero trust and least-privileged environment as easy as possible?” Jenkins said.

[Related: Why Ransomware Groups Are Now Much Scarier Than State Actors: Security Experts]

In the interview last week at ThreatLocker’s Zero Trust World 2025 conference in Orlando, Florida, Jenkins said the company roughly doubled the number of product announcements unveiled at the annual event.

The announcements by ThreatLocker included new products and capabilities in patch management, web filtering and cloud control. The vendor also unveiled its User Store — where employees can access pre-approved applications and browser extensions — as well as updates to its endpoint threat detection tool and its new ThreatLocker Insights data analytics offering.

In interviews with CRN, MSP executives applauded the product announcements last week, saying that ThreatLocker has excelled at supporting MSP partners and customers while picking its new territory for expansion wisely.

Crucially, the new ThreatLocker products are “included in our platform, which gives the MSP more for less money,” Jenkins said.

Meanwhile, ThreatLocker is considering pursuing an IPO as soon as 2027, he said. The company has begun working with investment banks and is aiming to go public once it reaches $500 million in annual recurring revenue, according to Jenkins.

ThreatLocker has not disclosed specific figures for its ARR so far, but it is “in the hundreds” of millions, he said.

What follows is an edited portion of CRN’s interview with Jenkins.

What do you see as the big theme of your product updates this year?

Our mission is about accelerating that drives to zero trust, blocking by default, allowing by exception. Most of our product announcements were really about improving that process — making it easier, giving more data to the customer, helping them understand what they should permit and shouldn't permit. In addition to that, also backing that up with our enhanced detection, our enhanced restrictions on the tech products, where we can build chained policies. I think that's the big theme here — how do we make [the customer’s] drive toward a zero trust and least-privileged environment as easy as possible? There's a lot of new products launched. The web [filtering] product is really going to help companies block malicious websites, block inappropriate websites, very, very easily — but also allow users to request data very seamlessly.

Why is “deny-by-default” so important given the state of the threat environment today?

Because we can't detect everything. There's millions of pieces of malware. AI is accelerating that. You don't even need to be a developer to write unique malware anymore. You can use AI. AI is really driving that forward. But if we block by default, it takes all that risk away. It says, “We’re in control of what happens. It's our environment, it's our business.” And in addition to that, it's now easier. The technology has come a long way. We're making it easier. It's easier for businesses. So the two things have met in the middle — where the perfect scenario now for any business is to only allow the software they need, only allow it to do what it does, restrict the websites that aren't needed, or at least the categories that aren't needed. And that puts you in a better scenario.

Would you say Zero Trust World is a much bigger show this year?

It’s double the people from last year, and it's also double the product [announcements] from last year. Everything with ThreatLocker has doubled in the last year — number of customers, revenue, employees. We're really just scaling at such an incredible level. There's probably five new products. A lot of them are not necessarily products — they're enhancements to the products. They don't cost anything. They're included in our platform, which gives the MSP more for less money.

Could you talk about the expansion into patch management — is that a brand-new category for you?

It's a new category for us. While we’ll patch the stuff that the rest of the guys will, our focus has been, how do we solve the problem of the stuff that isn't being patched? And also alert and notify you? So you’ll be able to see in one dashboard — very quickly — that this file executed, it's not patched. And then you can take an action to patch it, or you can take an action to block it.

How about the expansion into web filtering — what are your differentiators there?

I think the approval process is key. We need to make sure that we can respond very, very quickly to that user, and that's where web filtering has been absolutely key — getting that approval process [expedited]. And having the ability to do it on the endpoint, as opposed to relying on DNS, means we're also protecting people in their homes, protecting people on the road. These laptops are protected wherever they are.

What about differentiators for your new Insights product?

I think companies are constantly using data to analyze. But the way we've done it is so centralized and so fast. When we're querying real-time data, it's in milliseconds, and we're going to be able to do much more impressive things with it. Also, we're looking at this from, how do we figure out how good software works, as opposed to what's bad? When we look at Insights, there's thousands of files that are just one-time files, aren't used very often, and they're not necessarily good or bad. We don't know. Nobody knows. And that's the problem with malware detection. But I think when you're just focusing on the good, we can now build good policies really quickly.

I think what it comes down to is, how much more likely [is it that] customers and prospects are going to use ThreatLocker because it's simpler? We’re already blocking by default, but it's useless if everyone doesn't deploy it. So this helps us deploy, helps us learn, helps us categorize. And that's where ThreatLocker is going to win.

It sounds like you’ve expanded more heavily into serving large enterprise customers. Is that correct?

Traditionally we were more midsize enterprise. Now we’re seeing very large enterprises come in and use ThreatLocker, deploy ThreatLocker. Some of the biggest financial companies in the world are now using ThreatLocker. And even on [the MSP side], when we think about where our average MSP size was a few years ago, it was in the sub-1,000 [endpoints managed]. But now the average MSP size is probably in the 5,000 to 10,000 [endpoints] with some of them hitting 50,000 to 100,000 endpoints. That's because confidence in the product [is growing].

Given that the IPO window seems like it's opening up a little bit, is that something ThreatLocker is interested in pursuing?

Yes, we're planning for [pursuing an] IPO. We've started working with investment banks, getting all that stuff together. I’m in no major rush to IPO, but I think that is the plan for us. We will go public, and it will probably be somewhere in two-plus years, depending on markets and other things. In the meantime, we have plenty of access to private capital.

So you think 2027 at the earliest for that?

I think 2027. We want to be at $500 million revenue, probably, before we do that. It’s not 2021, where companies were [going public] very early on.

In terms of the threat landscape, are you expecting AI is going to have a big impact on ransomware?

It already has. We’re seeing more and more undetectable ransomware, more and more undetectable reverse shells. And AI's playing a huge part in that. The world has changed. Two years ago, there were a few million people, maybe 20 million people, that were capable of writing ransomware. And most of those people were smart people that had jobs, and weren't going to write ransomware. Now there's 2 to 4 billion people, because they have access to ChatGPT. So the number of people that have access to these tools has greatly increased.

What other threats are changing that you have seen?

I think the biggest thing we're seeing is a big increase in phishing. And the damage from ransomware is increasing faster than the number of ransomware attacks. How much damage they do, how much planning they're willing to do, is definitely increasing.

Close