{"id":242864,"date":"2022-11-18T20:33:57","date_gmt":"2022-11-18T20:33:57","guid":{"rendered":"https:\/\/onsystemlogic.com\/?p=242864"},"modified":"2023-10-28T16:19:05","modified_gmt":"2023-10-28T16:19:05","slug":"nsa-offers-guidance-on-mitigating-sw-memory-safety-issues-onsystem-logic-offers-a-solution","status":"publish","type":"post","link":"https:\/\/onsystemlogic.com\/blog\/nsa-offers-guidance-on-mitigating-sw-memory-safety-issues-onsystem-logic-offers-a-solution\/","title":{"rendered":"NSA Offers Guidance on Mitigating SW Memory Safety Issues. OnSystem Logic Offers a Solution."},"content":{"rendered":"
[et_pb_section fb_built=”1″ _builder_version=”4.17.3″ _module_preset=”default” global_colors_info=”{}”][et_pb_row _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n
[\/et_pb_text][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” ul_line_height=”1.7em” global_colors_info=”{}”]<\/p>\n
The recent article, NSA Publishes Guidance on Mitigating Software Memory Safety Issues<\/a><\/em>, does a good job of summarizing NSA\u2019s guidance on mitigating software memory safety issues. The problem is real and its impacts are growing. The proof is found in the statements from Microsoft and Google that 70% of their bugs fall in this category and are often exploited for remote code execution (RCE).<\/span><\/p>\n But there are problems with the guidance<\/strong>. They are as follows:<\/span><\/p>\n The most important thing to do to mitigate a memory safety bug is to make sure that the bug cannot be used by an adversary to run code that is under its control AND can perform useful operations on the system. What I mean by useful operations is any type of operation that gives the adversary the ability to access important resources in the affected software. One example is the ability of the adversary to create dynamic code in the software under attack. There are operations like this that apply to all software and others that apply to specific software.\u00a0<\/span><\/p>\n If we learn the internal deterministic access patterns to these resources within EVERY piece of software running on a system, we can protect EVERY piece of software from adverse effects of memory safety bugs without having access to source code, rewriting the software, or caring about what language it is written in or how it was compiled. These protections can work side by side with CFG, ASLR, etc., but do not require them or any processor-specific security features, which may or may not be present, that are needed to implement CFG, ASLR, etc. The learning can be done in the QA environment of the software maker and\/or from customer machines that have deployed this capability to protect their servers and workstations.<\/span><\/p>\n Yes. OnSystem Logic has spent years perfecting this technology. Our software, OnSystem Defender<\/a>, is in actual use on thousands of servers and workstations. 
Not only does it mitigate memory safety issues of ALL software running on a machine, but it also protects against other classes of attacks like backdoors (e.g., SolarWinds), software supply chain issues, and unpatched\/unpatchable software.\u00a0\u00a0<\/span><\/p>\n [\/et_pb_text][et_pb_cta title=”Evaluate OnSystem Defender” button_url=”\/onsystem-defender-evaluation\/” button_text=”Sign Up” _builder_version=”4.18.0″ _module_preset=”default” header_font=”Open Sans Condensed|700|||||||” header_text_color=”#ffffff” body_text_color=”#ffffff” background_color=”#551f73″ custom_button=”on” button_text_color=”#ffffff” button_bg_color=”#45C1F0″ button_border_width=”0px” button_icon=”E||divi||400″ button_icon_color=”#ffffff” button_custom_padding=”12px|25px|12px|25px|true|true” box_shadow_style=”preset1″ box_shadow_color=”rgba(242,242,242,0.2)” global_colors_info=”{}” button_bg_color__hover_enabled=”on|desktop” button_bg_color__hover=”#45C1F0″ button_bg_enable_color__hover=”on” button_letter_spacing__hover_enabled=”on|hover” button_letter_spacing__hover=”1px”]<\/p>\n Sign up to evaluate <\/span>OnSystem Defender<\/span><\/i>, and to identify and recommend enhancements.<\/span><\/p>\n [\/et_pb_cta][et_pb_text _builder_version=”4.18.0″ _module_preset=”default” global_colors_info=”{}”]<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":" Learn about OnSystem Defender, OnSystem Logic’s solution to mitigate troublesome software memory safety issues.<\/p>\n","protected":false},"author":1,"featured_media":242466,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[42,40],"tags":[],"yoast_head":"\n\n
Does any product like this exist?<\/span><\/h2>\n
Related Links<\/h3>\n
\n