SecFrame Explorer
3/3
// Level 3 · Controls

Maturity Level 1

Essential Eight Maturity Level 1 — opportunistic adversaries.

E8-1.ML1Critical

Application Control (ML1)

Prevent execution of unapproved/malicious programs on all workstations and servers.

E8-2.ML1Critical

Patch Applications (ML1)

Apply patches/updates for online services and other apps within timelines based on vulnerability severity.

E8-3.ML1High

Configure Microsoft Office Macro Settings (ML1)

Block macros from the internet; only allow vetted macros from trusted locations or digitally signed.

E8-4.ML1High

User Application Hardening (ML1)

Disable Flash, web ads, Java, and unneeded browser/Office features; enable ASR rules.

E8-5.ML1Critical

Restrict Administrative Privileges (ML1)

Limit privileged accounts; separate admin and standard accounts; use just-in-time access.

E8-6.ML1Critical

Patch Operating Systems (ML1)

Apply OS patches/updates in line with severity-based timelines; use modern, supported OS versions.

E8-7.ML1Critical

Multi-Factor Authentication (ML1)

Use phishing-resistant MFA for users of internet-facing services and privileged users.

E8-8.ML1High

Regular Backups (ML1)

Backup critical data and configs; store securely; test restoration; protect from modification/deletion.