Essential 8 1-4
Mitigation Strategies to Prevent Malware Delivery and Execution
1. Application Whitelisting
Application Whitelisting of approved/trusted programs to prevent execution of unapproved/malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers.
Sécurité Partner – Airlock Digital
2. Patch Applications
Patch Applications e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.
Sécurité Partner – Flexera
3. Configure Microsoft Office macro settings
Configure Microsoft Office macro settings to block macros from the internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
4. User Application hardening
User application hardening. Configure web browsers to block Flash (ideally uninstall it), ads and Java on the internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers
The Government “ISM”;
Information Security Manual
The “ISM” is the definite set of guidelines on how the Australian Federal Government applies safeguards across the public service and agencies.
ASD Top 35 Mitigation Strategies;
A historical archive worthy of review
Sécurité partner Check Point have an archive of the original DSD 35, the progenitor to the Essential 8. The sad observation is that in spite of over a decade of improvements in IT security, avoidable errors are still the main cause of breaches.