Essential 8 - Application Control.
Application control is a security measure that prevents malicious code (malware) from running on systems. When properly implemented, it allows only approved applications—like executables, software libraries, scripts, installers, and drivers—to execute.
In addition to blocking malware, application control also stops the installation or use of unauthorized applications.
Essential 8 Maturity Level 2 Controls and our Solution.
| Allowed and blocked application control events are centrally logged. |  |
| Event logs are protected from unauthorised modification and deletion. | |
| Event logs from internet-facing servers are analysed in a timely manner to detect cyber security events. | |
| Cyber security events are analysed in a timely manner to identify cyber security incidents. | |
| Cyber security incidents are reported to ASD as soon as possible after they occur or are discovered. | |
| Following the identification of a cyber security incident, the cyber security incident response plan is enacted. |
| Application control is implemented on workstations. |  |
| Application control is implemented on internet-facing servers. | |
| Application control is applied to user profiles and temporary folders used by operating systems, web browsers and email clients. | |
| Application control is applied to all locations other than user profiles and temporary folders used by operating systems, web browsers and email clients. | |
| Application control restricts the execution of executables, software libraries, scripts, installers, compiled HTML, HTML applications and control panel applets to an organisation-approved set. | |
| Microsoft’s recommended application blocklist is implemented. | |
| Application control rulesets are validated on an annual or more frequent basis. |
Our Security Operations team is always watching.
