Stack Execution Disable (SED)

Description

Stack Execution Disable (SED) is an indispensable tool for preventing buffer overflow attacks.  A buffer overflow attack is a type of attack common to all UNIX platforms.  SED has functionality to either detect or prevent the execution of a buffer overflow attack.  SED is mandated by PCI 3.2 and above

Features

  1. Provides the ability to monitor a system for processes that run on the stack (which could be a buffer overflow attack)
  2. Once your system has been properly prepared, it can prevent the execution of any type of buffer overflow attack
  3. Provides the ability to exempt a select set of executables that legitimately need to “run on the stack”

Service

see: Integration Assistance Flyer

Advertisements
%d bloggers like this: