Zero day Definition: A previously unknown vulnerability being exploited in software applications before the software vendor is aware of it and a patch or fix has been released.
A zero-day vulnerability is a software security flaw that is unknown to the software vendor and has no available patch at the time of exploitation. Zero-day attacks leverage these unknown vulnerabilities, giving defenders zero days to prepare, which makes them particularly dangerous and difficult to detect using traditional signature-based security tools. These vulnerabilities are highly valued in criminal marketplaces. Zero-day defenses are addressed in standards like NIST SP 800-53 and various advanced threat protection frameworks. Organizations protect against zero-day threats through defense in depth, behavioral analysis, security by design, and threat intelligence.

For example, a government agency might implement layered defenses against zero-day threats, including behavior-based endpoint protection that can detect unusual process behaviors, application whitelisting to prevent unauthorized code execution, network monitoring for anomalous traffic patterns, strict privilege limitation to reduce exploitation impact, regular penetration testing to discover vulnerabilities before attackers do, and threat hunting to proactively search for signs of zero-day exploitation.

Related terms: Unknown vulnerability, Unpatched vulnerability, Exploit, Advanced Persistent Threat (APT), Day zero attack, Vulnerability disclosure, Exploit development, Threat intelligence, Vulnerability management, Advanced threat protection.