Reducing the Impact of Malware

Within today’s environment, many new vulnerabilities surface that, in most cases, have patches developed and implemented quickly. Installing application and operating systems patches is an imperative action needed to ensure these vulnerabilities don’t affect the integrity or availability of the organisation. Two of the Essential Eight strategies involve ensuring that patches have been applied across operating systems and applications within the organisation. Tenable can assist an organisation in tracking patching efforts and ensure applications or operating systems that are out of date are identified.

Another Essential Strategy is Application Control. Application Control is a security approach where only an approved list of applications are used on a system. Application Control defines and can ensure only trusted applications are executed and reduces the risk of malware affecting the system. Tenable is able to detect blacklisted applications that are on an asset to assist the organisation in complying with this strategy. Although at certain maturity levels the Application Control strategy does require the use of built in solutions like Microsoft’s AppLocker or Windows Defender Application Control. Some other third-party solutions are available.

This section will support the following Essential Eight Strategies:

• Patch Applications

• Application Control

• User Application Hardening

• Restrict Microsoft Office Macros

The end goal of this section is reducing the Impact of malware through the previously mentioned Essential Eight Strategies and their related ASD ISM controls. For convenience the Essential Eight to ISM Control mapping is at the end of this guide.