A previously unknown vulnerability that is exploited before the software vendor is aware of it or has released a patch. Zero-day attacks are particularly dangerous because no defense or fix exists at the time of discovery.
Extended Explanation
Zero-day vulnerabilities are highly valued in both criminal and intelligence communities. They can be sold on underground markets for significant sums. Organizations can mitigate zero-day risks through defense-in-depth strategies, behavioral detection, network segmentation, and keeping systems updated with the latest security patches.
Related Terms
Exploit
general: A piece of code, technique, or method that takes advantage of a vulnerability to compromise a system. Exploits can be de...
Patch Management
general: The process of acquiring, testing, and deploying software updates (patches) to fix vulnerabilities and improve functiona...
Vulnerability
general: A weakness in a system, application, or process that can be exploited by a threat actor to gain unauthorized access or c...