Readying For A Zero-Day Attack: Expect The Unexpected

    Date18 Dec 2009
    3604
    Posted ByAlex
    Which vulnerabilities are the hardest for an enterprise to manage? None of them are easy, but the ones that are most lethal are the vulnerabilities you don't know about until an exploit hits. These flaws, known collectively as "zero-day" vulnerabilities, require a special type of vulnerability management. On the surface, in fact, it may seem that vulnerability management practices are not much use against a zero-day attack, since you can't "manage" a flaw you don't yet know about. But there are many steps you can take to prepare for the inevitable zero-day issue, and any good vulnerability management program should outline those steps, and how they will be implemented.

    The unfortunate reality is that planning for a zero-day attack is no different or less challenging than planning for a terrorist attack. Because a zero-day attack is by nature taking advantage of an unplugged hole in your defenses that you're unaware of, you have no choice but to absorb the first punch in this fight should an attacker exploit that particular vulnerability. Mitigating the damage caused by a new exploit is as much about disaster preparedness as it is about vulnerability management, and the best you can hope to do is soften the blow of such an attack when it comes.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Which Linux distribution(s) do you use?

    Message!

    Poll results are hidden from public viewing.

    You are not authorized to vote on this poll.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 5 answer(s).
    /component/communitypolls/?task=poll.vote
    7
    radio
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.