Enable memory protection mechanisms
Summary
The system should enable memory protection mechanisms, such as ASLR and DEP.
Description
empty
Supported In
This requirement is verified in following services
| Plan | Supported |
|---|---|
| Machine | 🔴 |
| Squad | 🟢 |
References
- CAPEC™-123. Buffer manipulation
- CAPEC™-679. Exploitation of Improperly Configured or Implemented Memory Protections
- MITRE ATT&CK®-M1029. Remote data storage
- MITRE ATT&CK®-M1034. Limit hardware installation
- PDPO-9A_66G. Powers exercisable in relation to premises and electronic devices
- CMMC-MP_L2-3_8_1. Media protection
- ISO/IEC 27002-7_10. Storage media
- ISO/IEC 27002-8_1. User endpoint devices
- OWASP ASVS-8_3_6. Sensitive private data
- OWASP MASVS-V8_6. Resilience requirements - Impede dynamic analysis and tampering
- OWASP MASVS-V8_7. Resilience requirements - Impede dynamic analysis and tampering
- CWE TOP 25-400. Uncontrolled Resource Consumption
- ISO/IEC 27001-7_10. Storage media
- ISO/IEC 27001-8_1. User endpoint devices
- CASA-8_3_6. Sensitive Private Data
Vulnerabilities
free trial
Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.