Zero-Day vulnerabilities are software flaws which are generally only known to a small number of security researchers and hackers. These vulnerabilities are sometimes exploited even before the software vendor is aware of them.
But even after they are fixed, deployment of patches to the entire user base may take a significant amount of time - giving attackers time to actively exploit them.
As such, if these vulnerabilities fall into the wrong hands - or when they have been discovered by threat actors in the first place - they can quickly cause havoc across entire infrastructures, which are usually caught off-guard.
Since no signatures exist, only active monitoring with tools like EventSentry that use malware-agnostic methods can effectively detect these attacks in a timely fashion and prevent lateral movement and a large-scale infection.