← All glossary terms Glossary

What is Zero-Day?

A software vulnerability that attackers exploit before the vendor has released a fix, leaving no patch available when the attacks begin.

A zero-day is a security vulnerability that attackers know about and exploit before the software vendor has a patch available — the vendor has had "zero days" to fix it. Because there is no patch yet, traditional defences that rely on known signatures or available updates cannot help, which makes zero-days valuable to attackers and dangerous to defenders. Protection leans on defence in depth: behaviour-based detection that flags the exploit's actions, network controls that limit what a compromised system can reach, and rapid response once unusual activity is spotted.

  • A vulnerability exploited before the vendor has a patch available.
  • Signature- and patch-based defences can't help, since neither exists yet.
  • Defence in depth and behaviour-based detection limit the damage.

En français

Vulnérabilité du jour zéro (zero-day)

Une faille logicielle exploitée par des attaquants avant que le fournisseur n'ait publié de correctif.

Une vulnérabilité du jour zéro (zero-day) est une faille de sécurité que les attaquants connaissent et exploitent avant que le fournisseur du logiciel ne dispose d'un correctif — il a eu « zéro jour » pour la corriger. Comme aucun correctif n'existe encore, les défenses qui reposent sur des signatures connues ou des mises à jour disponibles n'aident pas, ce qui rend ces failles précieuses pour les attaquants et dangereuses pour les défenseurs. La protection mise sur la défense en profondeur : détection comportementale qui repère les actions de l'exploit, contrôles réseau qui limitent la portée d'un système compromis et intervention rapide.

Zero-Day: frequently asked questions

Why are zero-days so dangerous?

Because there's no patch and no known signature when they're first used, traditional defences miss them. Attackers can exploit the gap until the vendor releases — and you deploy — a fix.

How do you defend against zero-day attacks?

You can't patch what isn't fixed yet, so you layer defences: behaviour-based detection that flags the exploit's actions, network controls that limit a compromised system's reach, and rapid response when something looks wrong.

Want to talk through how this fits your environment?

Book a no-obligation consultation and we'll explain how this plays out for an organization like yours.

Talk to our team