Login
ShadowLatch Management Portal
ShadowLatch Management Portal
ShadowLatch gives IT and security teams a focused way to enforce application, network, USB, and device policy with readable decisions and account controls that stay out of the way.
PowerShell tried to launch an unsigned remote support tool.
Why it matched
The launch was unknown, user-writable, and inherited a blocked parent context.
Blocked items can move into allow or deny decisions with clear target, scope, duration, and audit context.
Policy rows explain what they do, where they apply, and when another rule may conflict.
Settings keep profile, subscription, MFA, users, IP allowlist, and endpoint notification controls together.
ShadowLatch is built for teams that need real enforcement, fast policy decisions, and a portal that makes security operations feel deliberate instead of cluttered.
Block unauthorized launches at the endpoint with policy the operator can understand.
Use scope, priority, conflict hints, and audit prompts to keep policy maintainable.
Keep enforcement decisions connected instead of spread across disconnected tools.
Events stay tied to the rule and account state that produced the decision.
Observe execution context
Capture process, user, parent, path, and device state immediately.
Evaluate policy
Check process, parent, user, device, and network context together.
Enforce instantly
Block unknown launches, device events, or disallowed network behavior fast.
Review and tune
Keep every decision understandable and reusable as policy.
Stop script-driven launches while preserving normal user access.
if process == "chrome.exe" and parent.process == "powershell.exe" then block
Restrict outbound behavior to the systems the app actually needs.
if process == "acctsuite.exe" and destination not_in approved_finance_hosts then block network access
Keep removable media policy explicit and reviewable.
if device.type == "usb-storage" and device.approved != true then block mount
Fewer emergencies.
Less sprawl.
Faster onboarding.
Cleaner rollouts.
Less firefighting.
More policy confidence.
Reduced exposure.
Better investigations.
Fewer compromises.
Clearer policy control.
Better evidence.
Less ambiguity.
| Capability | ShadowLatch | ThreatLocker | Traditional AV / EDR | General endpoint platform |
|---|---|---|---|---|
| Deny-by-default application control | Yes | Yes | Usually no | Inconsistent |
| Human-readable rule creation | Designed to be clear | Powerful but heavier | Limited | Varies |
| Device restrictions | USB-aware control path | Available | Often partial | Not always central |
| Network-aware enforcement | Integrated | Adjacent controls | Detection-first | Fragmented |
Control what runs with deny-by-default enforcement and practical exception handling.
Restrict new USB storage and other device events with approval-aware policy.
Apply destination-aware restrictions where application identity alone is not enough.
Separate owner, billing, security admin, analyst, and read-only responsibilities cleanly.
Give teams a faster start for common app, device, and network controls.
Keep policy outcomes visible enough for review, onboarding, and executive confidence.
Choose how much telemetry, enforcement, and ownership you want without forcing every customer into the same data posture.
Lightweight enforcement with no cloud logging by default.
Network visibility plus control for teams that need short retention and search.
Application control for privacy-sensitive environments.
Full control with centralized visibility for the broadest customer fit.
Full control while keeping data in your environment instead of ours.
The full security platform tier with visibility, export, retention, and analytics headroom.
Use your account email to start checkout. Billing management is available after login.
See what gets blocked, why it matched, and how an admin turns evidence into policy.
Enroll the first endpoint, confirm account readiness, and verify the first useful controls.
Begin with practical application, USB, and network controls instead of an empty rules page.
Where do I manage devices, rules, billing, and downloads?
Operational management lives in the ShadowLatch customer console at shadowlatch.com/Manage, while the public site handles marketing and trial entry.
How does billing work?
Trial checkout starts from this site, and ongoing payment methods, invoices, subscription changes, and cancellation handling are designed to stay simple through Stripe-backed customer flows.
What platforms are supported today?
The current production path is centered on Windows endpoints, with the broader customer experience organized to support onboarding, downloads, billing, and account management cleanly.
ShadowLatch helps teams stop unauthorized execution, create precise policies quickly, and manage app, network, and device control from one clean platform.