Zero-Day Vulnerability (Zero-Day)

Security Glossary - Web Security

Definition: A zero-day vulnerability is a software flaw that is unknown to the vendor and has no available patch. The name comes from the fact that the vendor has had zero days to fix it. Zero-day exploits are attacks that take advantage of these unknown vulnerabilities, and they are considered the most dangerous because there is no specific defense until a patch is released.

Why You Should Care About Zero-Day

Zero-day vulnerabilities represent the highest risk category because traditional defenses (patching, WAF signature matching) do not work against unknown attack vectors. When attackers discover a zero-day before the vendor, they can exploit it freely until the vulnerability is discovered and patched.

While zero-day attacks are often associated with sophisticated threat actors and high-value targets, they also affect widely used software like web servers, CMS platforms, and JavaScript libraries. The Log4Shell vulnerability (CVE-2021-44228) was initially a zero-day that affected millions of applications.

Defense against zero-days relies on defense-in-depth: minimize attack surface (disable unused features, remove unused software), use the principle of least privilege, deploy WAFs with behavioral detection (not just signature matching), monitor for unusual activity, and maintain the ability to patch rapidly when a zero-day is disclosed.

How to Test for Zero-Day

Zero-day vulnerabilities cannot be detected by standard vulnerability scanners because they are unknown. Focus on defense-in-depth: strong security headers, CSP, minimal attack surface, up-to-date software, and monitoring for unusual behavior. Subscribe to security advisories for rapid response when zero-days are disclosed.
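The "behavioral detection, not just signature matching" and "monitoring for unusual behavior" points above are the part of this advice that can fire on a vulnerability nobody has a signature for yet. As an added example (not code from the original page or from DomainOptic), the Python below flags web clients by behaviour alone: request bursts, error ratio and path spread per minute. It assumes Apache/nginx combined-log layout; the sample lines and the thresholds are constructed assumptions to be tuned from a real baseline.

```python
"""Behaviour-based (signature-free) flagging of web clients from access logs.
Added example: sample log lines are constructed, thresholds are assumptions."""
import re
from collections import defaultdict
from datetime import datetime

# Apache/nginx combined-log shape: ip ident user [ts] "METHOD path proto" status bytes
LOG_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+')

MAX_REQUESTS = 30        # assumed per-client, per-minute burst limit
MAX_ERROR_RATIO = 0.5    # assumed share of 4xx/5xx responses that looks like probing
MAX_DISTINCT_PATHS = 20  # assumed path spread per minute that looks like probing

def parse(line):
    # Returns (ip, minute bucket, path, status) or None for unparsable lines.
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts.replace(second=0, microsecond=0), m["path"], int(m["status"])

def flag_clients(lines):
    # Maps each abnormal client IP to the sorted list of behaviours that tripped.
    buckets = defaultdict(list)
    for line in lines:
        rec = parse(line)
        if rec:
            ip, minute, path, status = rec
            buckets[(ip, minute)].append((path, status))
    findings = defaultdict(set)
    for (ip, _minute), reqs in buckets.items():
        errors = sum(1 for _, s in reqs if s >= 400)
        if len(reqs) > MAX_REQUESTS:
            findings[ip].add("burst")
        if len(reqs) >= 5 and errors / len(reqs) > MAX_ERROR_RATIO:
            findings[ip].add("error-ratio")
        if len({p for p, _ in reqs}) > MAX_DISTINCT_PATHS:
            findings[ip].add("path-spread")
    return {ip: sorted(r) for ip, r in findings.items()}

# Constructed sample: one ordinary visitor and one client hitting 40 unknown paths in a minute.
SAMPLE_LOGS = [
    '198.51.100.7 - - [10/Jan/2024:12:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Jan/2024:12:00:05 +0000] "GET /about HTTP/1.1" 200 800',
] + [
    f'203.0.113.9 - - [10/Jan/2024:12:00:{i:02d} +0000] "GET /probe{i} HTTP/1.1" 404 0'
    for i in range(40)
]
```

Running `flag_clients(SAMPLE_LOGS)` reports only the probing client, with all three behaviours, while the ordinary visitor is never mentioned; no request content was inspected, which is why the same check still works the day a new vulnerability appears.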

Questions and Answers

How do I protect against zero-day attacks?
Use defense-in-depth: WAFs with behavioral detection, strict CSP, minimal software surface, network segmentation, and monitoring. Keep software updated so you are only vulnerable to true zero-days, not known vulnerabilities. Have a rapid patching process for when zero-days are disclosed.
Are zero-day attacks common?
Zero-day exploitation is increasing. Google's Threat Analysis Group tracks dozens of zero-days exploited in the wild each year. While individual sites are unlikely to be targeted with zero-days, zero-days in popular software (like WordPress plugins) can be exploited at scale.