Free Essential Eight Assessment

What's Included in Your Assessment

Standalone assessments typically cost $5,000 – $15,000, with remediation quoted separately — both are included with DefenderSuite.

E8 Maturity Score

All 8 ASD controls scored at Level 0–3 against the ACSC standard.

The foundation for everything that follows — giving our specialists the precise starting point they need to take action on your behalf.

Vulnerability Report

Mapped to your exact environment and target maturity level.

Every finding tied directly to your compliance obligations — not a generic checklist, but a precise picture of what needs to change.

Remediation Roadmap

Prioritised action plan with your highest risks addressed first.

Every critical gap closed in the right sequence — control by control, until your target maturity level is reached and maintained.

Why Businesses Choose DefenderSuite

Standalone assessments

$5k–$15k

Paid upfront, before any remediation begins.
With no implementation support included.

Remediation quoted as separate cost

Multiple vendors, multiple invoices

Evidence outdated at next renewal

No single owner for your outcome

No clear timeline when controls go live

With DefenderSuite | 12-month plan

$0 – Free

One accountable partner to get compliant.
All included in your monthly plan.

Controls deployed with no disruption

Cybersecurity and compliance bundled

Continuous evidence as standard

Assessment actioned from day one

Maturity Level 1, 2 or 3 in 4–12 weeks

Real-World Impact

What is Driving Essential Eight Adoption

For Australian businesses — cyber insurance, rising incident costs, or government supply chain requirements.

cybercrime impact

$80,850 — Average Cost of a Cyber Incident in FY2024–25

Cybercrime costs rose 50% in a single year with 84,700 reports filed — businesses without Essential Eight controls are most exposed.
‍
Source: ASD Annual Cyber Threat Report 2024–25

Cyber Insurance

20–40% Premium Reduction With Documented E8 Controls

Australian cyber insurers are factoring Essential Eight controls into coverage decisions and premiums. Businesses that can evidence their controls pay less.

Source: Marsh, Australian Cyber Insurance Market Trends 2024

Government Supply Chains

70% of Government Entities Audited Suppliers in 2025

Essential Eight Maturity Level 2 is the standard. Businesses that evidence their controls are best placed to win and retain Australian Government contracts.

Source: ASD Commonwealth Cyber Security Posture 2025

One Partner.
Three Steps.
Fully Managed.

From your first assessment through to ongoing compliance. No assessment fee or separate remediation vendor.
‍12-month commitment, 10-user minimum.

Step 1

Score Your Environment

Book your assessment and we'll be in touch within 1 business day.

Within 5 business days you receive a maturity score across all 8 ASD controls — assessed against the ACSC methodology, the same standard auditors, insurers, and government bodies require.

Step 2

Deploy and Manage Controls

We deploy the right controls for your target maturity level.

Dedicated specialists handle deployment and ongoing management end to end — with no disruption to your business. Most organisations reach Maturity Level 2 within 4 to 12 weeks of starting.

Step 3

Keep Your Compliance Current

Continuous monitoring keeps your environment protected.

Your environment is continuously monitored and your controls kept current — so your compliance never lapses. Every month a formatted report is produced for boards, insurers, and government bodies.

Find the Right Level for Your Business

Not sure which maturity level you need?
Start with the assessment — we'll confirm your level and recommend the right plan within 5 business days.

Maturity Level 1

Meet cyber insurance requirements and demonstrates security intent to government clients.

Delivered through

From $35.95/user/month

What's included

Device, email, and identity protection. Microsoft 365 hardening, secure access verification, and monthly security reporting.

Achieve Level 1
Get Your Free Assessment

Our Clients, In Their Own Words

Protect pERSONAL data

Basketball WA exists to grow the game but behind the scenes, we're also custodians of personal information for tens of thousands of members, many of them children. That responsibility rests with us, and we need to take it seriously. DefenderSuite gave us the structure, the controls, and the confidence to know we're protecting that data the way we should be.

FABIAN ROSS

CEO
Basketball WA

COMPLIANCE CONFIDENCE

As a CA registered practice and registered tax agent, our obligations to the ATO and our professional body are significant. The data we handle sits at the intersection of some of Australia's strictest regulatory requirements. DefenderPro gave us the compliance framework to meet those obligations digitally with the same seriousness we apply to every other aspect of our practice.

Christelda Mott

Director
Superior Business Tax

ONE LESS THING TO CARRY

Our team's focus belongs on the people in our care, not on managing IT security. Knowing that side of the business is handled properly, and that we can demonstrate it when partners or regulators ask, has made a real difference to how we operate. It's one less thing to carry, and that matters in an industry where your attention should never be divided.

Maria Reid

General Manager
Companion Home Care

FAQs About The Essential Eight Assessment

Covering scope, methodology, deliverables, and what happens once your audit is complete.

If you still have questions, call us directly.

Phone

+ 61 1300 93 77 49

What does the Essential Eight assessment cover?

The audit assesses your environment across all 8 Essential Eight controls — application control, patch management, macro settings, user application hardening, administrative privileges, operating system patching, multi-factor authentication, and backups. Each control is assessed at Maturity Level 1, 2, and 3 against the ACSC's published criteria.

How is the assessment conducted?

Your environment is assessed directly — not through a self-reported questionnaire. Our team reviews your configurations, systems, and controls against the ACSC Essential Eight assessment methodology, with evidence collected per control at each maturity level threshold.

What do you receive at the end of the audit?

Four documents: a maturity assessment report scored across all 8 controls, a gap analysis with prioritised remediation findings, an executive summary formatted for board reporting, and an evidence pack structured for insurer submissions, government procurement, or DISP assessments.

What happens once the audit is complete?

For 12-month DefenderSuite subscribers, your remediation roadmap becomes the implementation plan for your plan's onboarding. Controls are deployed against your audit findings and monitored continuously, with monthly compliance reports tracking your progress against your target maturity level.

Which other compliance frameworks do you support?

DefenderSuite aligns to Australia's leading security frameworks including Essential Eight, the Information Security Manual (ISM), Protective Security Policy Framework (PSPF), SMB1001, ASD Hardening Guidelines, ASD Blueprint for Secure Cloud, and the Cyber Security Act. The tier you choose determines the maturity level achieved across each framework.

Book Your Free Assessment

Submit in 30 seconds — we’ll be in touch within 1 business day



Thank you

Thanks for reaching out. We will get back to you soon.