Summary

In cybersecurity, a Zero-Day refers to a vulnerability in a computer or software product—one that has been discovered by threat actors, but has not yet been discovered by the vendor or by security researchers.

Zero-Days

In cybersecurity, a Zero-Day refers to a vulnerability in a computer or software product that has been discovered by threat actors, but has not yet been discovered by the vendor or by security researchers. (The name “zero-day” refers to the amount of time since the vulnerability became known to anyone in the latter group.) Strictly speaking, any not-yet-known vulnerability is a zero-day, but the name is usually associated with vulnerabilities that have been exploited by hackers. Often, the discovery of the exploit is the first indication to the vendor or to security researchers that the vulnerability exists.

Hackers are always seeking to discover new zero-days, because they can develop exploits for which there are not (yet) any countermeasures. Zero-day threats can be found in a wide variety of forms, from viruses to Advanced Persistent Threats (APT) to simple exploits of software bugs.

A zero-day vulnerability can be dormant for a long period of time until someone discovers and exploits it. There are several financial incentives for hackers to discover zero-days. “Black hats” want to find new types of attacks, while “white hats” might be seeking to earn bug bounties from the vendor. Some white-hat researchers only want to increase the overall security of the Internet. Vendors vary in their responsiveness when new zero-days are found; sometimes they issue a patch immediately, while in other cases, the white-hats feel compelled to write publicly about the vulnerability. They do this not only to inform users, but also to pressure the vendor to issue a patch. 

A zero-day vulnerability can be exploited via various attack vectors such as files and documents (Word, PDF, etc.), email attachments, or malicious code on websites. 

Zero-Day Patch

A Zero-Day Patch is an update that the vendor issues to close the zero-day vulnerability. However, until users update their software and install the patch, their systems are still at risk. Unfortunately, this is not always done immediately. The period of time between the release of the patch and the update of the software is crucial; during this time, the existence of the vulnerability is known to all, but the user’s system is still vulnerable to attack. 

How to Protect from Zero-Days

To prevent zero-day attacks, it is vitally important to keep your systems updated. This includes everything from your server OS to your security solution to your site and web applications: keeping the software up-to-date is the first line of defense against zero-days. 

Some cybersecurity providers offer solutions that include defense against zero-day vulnerabilities. Zero-day attacks are very challenging to prevent, because by definition, they have not been foreseen, and specific countermeasures have not yet been created. Therefore, a negative security model (which allows system access by default, unless the request matches known threat signatures) is ineffective. Only a positive security model (which denies system access by default, unless the request matches known characteristics of legitimate usage) can be effective against zero-days. 
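The difference between the two models can be seen by running the same requests through both. The following is an added example, not code from the original page or from any vendor; the endpoint, parameter names, signatures, and sample requests are all constructed for illustration.

```python
import re

# Negative model: constructed signatures of already-known attacks (illustrative only).
KNOWN_BAD = [re.compile(p, re.I) for p in (r"<script", r"union\s+select", r"\.\./")]

# Positive model: constructed profile of legitimate use of one hypothetical endpoint.
ALLOWED = {
    ("GET", "/api/orders"): {
        "id": re.compile(r"[0-9]{1,10}"),
        "sort": re.compile(r"(asc|desc)"),
    },
}

def negative_model(method, path, params):
    """Allow by default; deny only when a value matches a known signature."""
    return not any(sig.search(v) for v in params.values() for sig in KNOWN_BAD)

def positive_model(method, path, params):
    """Deny by default; allow only requests that fit the declared profile."""
    profile = ALLOWED.get((method, path))
    if profile is None:
        return False  # endpoint was never declared as legitimate
    for name, value in params.items():
        rule = profile.get(name)
        if rule is None or not rule.fullmatch(value):
            return False  # undeclared parameter or value outside the expected shape
    return True

# Constructed sample requests: (label, method, path, query parameters).
REQUESTS = [
    ("legitimate", "GET", "/api/orders", {"id": "1042", "sort": "desc"}),
    ("known signature", "GET", "/api/orders", {"id": "1 UNION SELECT x"}),
    ("unseen input", "GET", "/api/orders", {"id": "1042", "fmt": "%{constructed-token}"}),
    ("unknown endpoint", "POST", "/api/internal", {}),
]

def evaluate():
    """Return {label: (negative_allows, positive_allows)} for every sample request."""
    return {label: (negative_model(m, p, q), positive_model(m, p, q))
            for label, m, p, q in REQUESTS}

if __name__ == "__main__":
    for label, (neg, pos) in evaluate().items():
        print(f"{label:17} negative={'allow' if neg else 'deny':5} "
              f"positive={'allow' if pos else 'deny'}")
```

The "unseen input" and "unknown endpoint" rows stand in for a zero-day: neither matches any existing signature, so the negative model allows both, while the positive model denies them because they fall outside the declared profile.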
