Each day thousands of malicious files and scripts are created with malicious intent. These files are created by bad actors to cause damage to organisations and are designed to bypass traditional security measures such as Antivirus.
User Application Hardening is an activity undertaken by organisations to configure applications used by individuals to ensure that applications work correctly and securely within an organisation. User Application Hardening limits an application’s ability to be used in an unintended manner to compromise a system’s security
The tools and techniques used to implement User Application Hardening are varied and are dependent on each organisation’s specific business needs and the applications used by the organisations.
Bad actors use Microsoft files with embedded Macros as part of phishing emails targeting users within an organisation. When a user opens the file, the Macro executes, performing malicious activity. This technique is one of the most prolific ways of compromising an organisation’s network and has a very high success rate.
It is difficult for anti-virus software to determine which Macros are malicious; as the software may be behaving as designed.
The purpose of User Application Hardening is to create multiple layers of security to make it increasingly difficult for bad actors to comprise a User based application to compromise a user’s device. If one layer of security is breached, multiple security measures remain to protect the organisation’s computer systems.
The ACSC Essential Eight recommends hardening the configuration of User based applications that interact with the Internet (Web Browsers, Java, Flash, Adobe Acrobat Reader, etc).
User Application Hardening can be extended to remove the ability to use deprecated products (like Microsoft Internet Explorer 11) which are no longer supported by vendors and have known vulnerabilities.
The complexity of User Application hardening is that hardening rules need to be applied across multiple browsers, applications, and operating systems.
Introspectus helps organisations maintain control over the IT security of their business environment by automatically testing the effectiveness of User Application Hardening.
Introspectus checks the configuration of each application referencing the configuration of Group Policy, Local Policy, and application-specific policies. This information is analysed and a maturity score is generated for the organisation.
Introspectus generates real-time reports on the Maturity Level of an organisation’s User Application Hardening Controls against ACSC’s Essential Eight Maturity Model and any possible threats to user accounts. It confirms that:
Introspectus automatically tests the effectiveness of User Application Hardening on all endpoints daily across multiple browsers, applications, and operating systems.
Introspectus User Application Hardening controls and identifies any possible threats to user accounts.
Introspectus lets organisations confidently report to management that User Application Hardening is working effectively.