Readying For A Zero-Day Attack: Expect The Unexpected


Readying For A Zero-Day Attack: Expect The Unexpected

In new report, Dark Reading describes methods for managing previously unknown vulnerabilities

By Randy George

Which vulnerabilities are the hardest for an enterprise to manage? None of them are easy, but the ones that are most lethal are the vulnerabilities you don’t know about until an exploit hits. These flaws, known collectively as “zero-day” vulnerabilities, require a special type of vulnerability management.

On the surface, in fact, it may seem that vulnerability management practices are not much use against a zero-day attack, since you can’t “manage” a flaw you don’t yet know about. But there are many steps you can take to prepare for the inevitable zero-day issue, and any good vulnerability management program should outline those steps, and how they will be implemented.

The unfortunate reality is that planning for a zero-day attack is no different or less challenging than planning for a terrorist attack. Because a zero-day attack is by nature taking advantage of an unplugged hole in your defenses that you’re unaware of, you have no choice but to absorb the first punch in this fight should an attacker exploit that particular vulnerability. Mitigating the damage caused by a new exploit is as much about disaster preparedness as it is about vulnerability management, and the best you can hope to do is soften the blow of such an attack when it comes.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: