Home Essential 8 Application Control
Essential 8 - Application Control.
Application control is a security measure that prevents malicious code (malware) from running on systems. When properly implemented, it allows only approved applications – like executables, software libraries, scripts, installers, and drivers – to execute.
In addition to blocking malware, application control also stops the installation or use of unauthorized applications.
Essential 8 Maturity Level 2 Controls and our Solution.
- Allowed and blocked application control events are centrally logged.
- Event logs are protected from unauthorised modification and deletion.
- Event logs from internet-facing servers are analysed in a timely manner to detect cyber security events.
- Cyber security events are analysed in a timely manner to identify cyber security incidents.
- Cyber security incidents are reported to ASD as soon as possible after they occur or are discovered.
- Following the identification of a cyber security incident, the cyber security incident response plan is enacted.
- Application control is implemented on workstations.
- Application control is implemented on internet-facing servers.
- Application control is applied to user profiles and temporary folders used by operating systems, web browsers, and email clients.
- Application control is applied to all locations other than user profiles and temporary folders used by operating systems, web browsers, and email clients.
- Application control restricts the execution of executables, software libraries, scripts, installers, compiled HTML, HTML applications, and control panel applets to an organisation-approved set.
- Microsoft’s recommended application blocklist is implemented.
- Application control rulesets are validated on an annual or more frequent basis.
Our Security Operations team is always watching.
Monitoring and data analysis
We have a unique perspective across agencies, using our MDR and XDR expertise to detect, correlate, and block attacks.
Log ingestion optimisation
Our SOC Architecture team work with you to streamline Splunk log ingestion and optimise SIEM billing.
Incident management
Our SOC experts act pro-actively 24/7, containing and remediating threats before they impact your agency.
Advanced threat hunting
Our cyber-security analysts use anomaly detection and machine learning to detect and respond to unknown and advanced threats.
Specialised Staff
Our engineers are extensively trained to know both our systems and your agency, serving as your frontline of security 24/7.
Reporting
Weekly and monthly reports, covering key metrics, notable events, threat hunt results and other data or insights.
Trusted by leading
Australian organisations






















Contact us
Get in touch with our Essential 8 experts now.
We are always here to answer your enquiries.
- 1800 004 943
- Level 15, 2 Market Street Sydney, NSW, Australia