What is a Zero-Day Vulnerability?
- A zero-day vulnerability is a previously unknown security flaw in software, hardware, or firmware that hasn’t yet been addressed by the responsible vendor. Coalition continuously monitors policyholders’ networks to protect against critical and emerging cyber threats, including zero-day vulnerabilities.
- The term “zero-day” refers to the fact that the vendor has “zero days” to respond when a vulnerability is first discovered. It typically means that both the vendor and the public learn about the flaw simultaneously, leaving the vendor no time to fix it before it becomes widely known.
- Zero-day vulnerabilities pose an elevated risk because attackers can exploit the flaw before a patch or mitigation is available. During this time, systems are particularly vulnerable to attacks like data exfiltration, malware deployment, or other cyber incidents.
- The discovery of a zero-day vulnerability triggers a race: attackers aim to exploit it, while vendors work to develop a patch to protect users. Sometimes vulnerabilities are uncovered because attackers are already exploiting them, making rapid response essential to minimizing risk. This highlights the importance of strong cybersecurity practices and proactive response to emerging threats.
Why Did I Receive a Zero-Day Notification?
- Coalition regularly scans the external footprint of policyholders and alerts them through Coalition Control™. In cases where zero-day vulnerabilities are detected, we run additional scans to determine if policyholders are impacted. If we find that a policyholder’s systems are vulnerable, we send a notification.
- We notify you when a zero-day vulnerability significantly increases your risk of a cyber attack. Our goal is to provide detailed information on the affected assets, so you can take action and reduce the risk of exploitation.
How Will I Know if I Have a Zero-Day Vulnerability?
- If a zero-day vulnerability is detected in your environment, you will be notified via email. Additionally, your Coalition Control™ account will show a high-priority alert, prompting you to take immediate action, as illustrated below.
What Should I Do if I Receive a Zero-Day Vulnerability Notification?
-
Follow the Guidance: Navigate to the specific page in Coalition Control™ dedicated to the zero-day vulnerability. Refer to the “How to resolve?” section for steps on addressing the issue.
-
Take Action: Once you’ve resolved the issue, update the status by clicking on the “Take Action” button within the alert. This will mark the vulnerability as resolved.
- Need Assistance?: If you have any questions, you can ask the Coalition Security Copilot, an AI-powered assistant that provides real-time, personalized guidance to help you manage and mitigate security risks.