A SEF component is used to make the url:s of your Joomla website more Search Engine Friendly. But a good SEF component also gives security benefits. A default Joomla url tells the viewer a lot about the page visited; that it is a Joomla page and what components are used to produce that page. A SEF component masks that information and makes it harder for a hacker to find eventual security vulnerabilities.
The SEF component sh404SEF also includes a security component that stops various attacks on your website and sends you a warning whenever your site has been exposed to an attack. It also gives you the option to remove the generator tag from your site. The generator tag tells the world that your site is generated by Joomla. Of course it is a nice thing to give credit to Joomla, but there are other ways to pay back to the Joomla community that does not help hackers. If you do not tell the hacker that your website is built with Joomla, you make it a lot harder for him to know where to start hacking.