Enable memory protection mechanisms
Summary
The system should enable memory protection mechanisms, such as ASLR and DEP.
Description
ASLR (address space layout randomization) and DEP (data execution prevention) help to mitigate buffer overflow attacks, a common method used by attackers to exploit vulnerabilities in software. Buffer overflows consist of injecting malicious code into a program's memory, and ASLR and DEP mechanisms make it harder for attackers to predict the location of specific memory regions.
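One way to check this requirement on a Linux host, as an added example that is not part of the original page or of Fluid Attacks' tooling: the code below parses a 64-bit ELF header to report whether a binary is position-independent (which ASLR needs in order to randomize the main image) and whether its stack is non-executable (DEP/NX), and interprets the kernel's `randomize_va_space` setting. The function names, the `make_elf` sample builder and the Linux/ELF focus are assumptions, and the sample binaries are constructed inline.

```python
import struct

PT_GNU_STACK = 0x6474E551  # program header that carries the stack permissions
PF_X = 0x1                 # "executable" bit in p_flags
ET_DYN = 3                 # position-independent image (PIE executable or shared object)

def elf_protections(data: bytes) -> dict:
    """Report PIE (ASLR of the main image) and NX stack (DEP) for an ELF64 little-endian file."""
    if len(data) < 64 or data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("expected a 64-bit little-endian ELF image")
    (e_type,) = struct.unpack_from("<H", data, 16)
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    # Conservative default: without PT_GNU_STACK a non-executable stack is not guaranteed.
    nx_stack = False
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
    return {"pie": e_type == ET_DYN, "nx_stack": nx_stack}

def aslr_mode(sysctl_value: str) -> str:
    """Interpret the contents of /proc/sys/kernel/randomize_va_space (Linux)."""
    return {"0": "disabled", "1": "partial", "2": "full"}.get(sysctl_value.strip(), "unknown")

def make_elf(e_type: int, stack_flags=None) -> bytes:
    """Constructed sample input: a minimal ELF64 header plus an optional PT_GNU_STACK entry."""
    phnum = 0 if stack_flags is None else 1
    header = b"\x7fELF\x02\x01\x01" + bytes(9)  # e_ident: 64-bit, little-endian
    header += struct.pack("<HHIQQQIHHHHHH",
                          e_type, 62, 1, 0, 64, 0, 0, 64, 56, phnum, 0, 0, 0)
    if stack_flags is None:
        return header
    return header + struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)

if __name__ == "__main__":
    print("hardened:", elf_protections(make_elf(ET_DYN, 0x6)))  # PIE, stack is RW
    print("weak:    ", elf_protections(make_elf(2, 0x7)))       # ET_EXEC, stack is RWX
    print("sysctl 2:", aslr_mode("2\n"))
```

To audit a real binary, pass the file's bytes to `elf_protections`; a result with `pie` or `nx_stack` set to `False` means the binary was built without that protection.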
Supported In
This requirement is verified in the following services:
Plan | Supported |
---|---|
Essential | 🔴 |
Advanced | 🟢 |
References
- CAPEC™-123. Buffer manipulation
- CAPEC™-679. Exploitation of Improperly Configured or Implemented Memory Protections
- MITRE ATT&CK®-M1029. Remote data storage
- MITRE ATT&CK®-M1034. Limit hardware installation
- PDPO-9A_66G. Powers exercisable in relation to premises and electronic devices
- CMMC-MP_L2-3_8_1. Media protection
- ISO/IEC 27002-7_10. Storage media
- ISO/IEC 27002-8_1. User endpoint devices
- OWASP ASVS-8_3_6. Sensitive private data
- ISO/IEC 27001-7_10. Storage media
- ISO/IEC 27001-8_1. User endpoint devices
- CASA-8_3_6. Sensitive Private Data