A method for hardening an extensible firmware framework and system in
which the framework is implemented. In accordance with the method, a
resource access policy is defined that specifies rules to allow or
disallow access to designated system resources, such as memory and I/O. During
execution of firmware-based event handlers, event handler code may seek
to access a designated system resource. In response thereto, access to
the system resource may be determined based on a security status of a
firmware-based event handler in consideration of any applicable rules
defined by the resource access policy. For example, a resource access
policy may allow only secure event handlers to access selected portions
of memory, while preventing non-secure event handlers from accessing the
same. In this manner, errant and malicious event handlers are prevented
from damaging critical resources.
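
The access decision described above can be sketched as a rule-table lookup. This is an added example, not code from the described method: the type and function names, the table layout, the sample address and port ranges, and the default-deny choice for non-secure handlers outside any rule are all assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical types: the abstract names no data structures. */
typedef enum { RES_MEMORY, RES_IO } res_type_t;
typedef enum { HANDLER_NON_SECURE, HANDLER_SECURE } handler_status_t;

typedef struct {
    res_type_t type;
    uint64_t   base;        /* first address or port covered by the rule */
    uint64_t   length;      /* number of bytes or ports covered */
    bool       secure_only; /* true: only secure handlers may access */
} access_rule_t;

/* Constructed sample policy; the ranges are illustrative only. */
static const access_rule_t policy[] = {
    { RES_MEMORY, 0x000A0000u, 0x00020000u, true  }, /* protected memory */
    { RES_MEMORY, 0x00100000u, 0x00100000u, false }, /* general-use memory */
    { RES_IO,     0x0CF8u,     8u,          true  }, /* protected I/O ports */
};

/* Decide whether a handler with the given security status may access
 * [addr, addr + len) of the given resource type. */
bool access_allowed(handler_status_t status, res_type_t type,
                    uint64_t addr, uint64_t len)
{
    if (len == 0 || len > UINT64_MAX - addr)
        return false;               /* empty or address-wrapping request */

    uint64_t end = addr + len;
    bool in_open_rule = false;

    for (size_t i = 0; i < sizeof policy / sizeof policy[0]; i++) {
        const access_rule_t *r = &policy[i];
        if (r->type != type)
            continue;
        uint64_t r_end = r->base + r->length;
        bool overlaps  = addr < r_end && r->base < end;
        bool contained = addr >= r->base && end <= r_end;

        /* Touching any part of a protected range requires secure status,
         * so a request straddling the range boundary is also refused. */
        if (r->secure_only && overlaps && status != HANDLER_SECURE)
            return false;
        if (!r->secure_only && contained)
            in_open_rule = true;
    }
    /* Assumption: non-secure handlers are denied outside explicit rules. */
    return status == HANDLER_SECURE || in_open_rule;
}
```

The overlap test, rather than a containment test, is what stops a non-secure handler from reaching protected bytes through a request that begins or ends outside the protected range.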