Zero-Day Vulnerability Best Practices
A zero-day event is when a previously unknown vulnerability is discovered in a popular open-source component. This often happens before the project has had a chance to release a fix, giving the community no time to react and few options to move forward.
Lifecycle customers with Continuous Monitoring enabled will quickly learn where their environment is at risk and, using enforcement, can halt any builds from automatically deploying. This gives your development team time to respond and fix the issue, limiting the risk to the organization.
Scan your apps regularly
The best defense against 0-day events is to analyze your applications on every build, so that builds carrying newly discovered critical risks are stopped from automatically deploying.
Set notifications for continuous monitoring so new risk is immediately reported when discovered
Use the Dashboard for an organization-wide view of the total impact of the vulnerable component. Use the advanced search to find the applications containing the component that are neither continuously monitored nor regularly scanned.
Create a playbook for handling 0-day vulnerability events
0-Day Vulnerability events are inevitable. Develop a plan now for responding to these events, and review it with your stakeholders.
Have a designated captain to organize communications and follow up on action items
The remediation strategy needs to be determined on a per-app basis. Avoid waiving the vulnerability for all applications until the impact is known.
Focus on confirming exploitability when the component is found in your most critical public applications
Share lessons learned with the rest of the organization to ensure a uniform response and reduce duplicated work
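The following is an added example illustrating the two practices above: the organization-wide impact view and build gate from the "Scan your apps regularly" section, and the per-app triage order (public, business-critical applications first) from the playbook section. It is not Sonatype Lifecycle's code or API; the application inventory, component coordinates, advisory identifier and dates are all constructed placeholders, and in a real deployment these records would come from your scanning tool's reports rather than being hard-coded.

```python
"""Zero-day impact triage over a scanned application inventory.

Added example; not Sonatype Lifecycle's own code or API. Every record below
is constructed for illustration: application names, component coordinates,
the advisory identifier and dates are placeholders, not real findings.
"""
from dataclasses import dataclass, field
from datetime import date, timedelta


@dataclass(frozen=True)
class Component:
    name: str
    version: str


@dataclass
class Application:
    name: str
    public: bool           # internet-facing?
    criticality: int       # 1 (low) .. 5 (business critical)
    monitored: bool        # continuous monitoring enabled?
    last_scan: date        # date of the most recent scan on record
    components: frozenset = field(default_factory=frozenset)


@dataclass(frozen=True)
class Advisory:
    advisory_id: str           # placeholder id, e.g. "EXAMPLE-0001"
    component: str
    affected_versions: frozenset
    severity: str              # "critical", "high", ...


def affected_apps(apps, advisory):
    """Organization-wide view: every app whose inventory carries an affected version."""
    hits = {}
    for app in apps:
        matches = {c for c in app.components
                   if c.name == advisory.component
                   and c.version in advisory.affected_versions}
        if matches:
            hits[app.name] = matches
    return hits


def unmonitored(apps, today, max_age_days=7):
    """Apps whose exposure is unknown: not monitored and not scanned recently.

    Their inventory may be stale, so a clean result for them proves nothing;
    they need a fresh scan before the impact is considered known.
    """
    stale_before = today - timedelta(days=max_age_days)
    return sorted(a.name for a in apps
                  if not a.monitored and a.last_scan < stale_before)


def should_halt_deploy(app, advisories, halt_on=("critical",)):
    """Build gate: block automatic deployment when an advisory of a
    halting severity matches a component in this app."""
    return any(adv.severity in halt_on and affected_apps([app], adv)
               for adv in advisories)


def triage_order(hits, apps):
    """Per-app remediation order: public apps first, then by criticality."""
    by_name = {a.name: a for a in apps}
    return sorted(hits, key=lambda n: (not by_name[n].public,
                                       -by_name[n].criticality, n))


# Constructed sample inventory (placeholder data, not real applications).
TODAY = date(2024, 1, 15)
APPS = [
    Application("storefront", True, 5, True, TODAY,
                frozenset({Component("example-lib", "1.2.3"),
                           Component("other-lib", "4.0.0")})),
    Application("hr-portal", False, 3, True, TODAY - timedelta(days=1),
                frozenset({Component("example-lib", "1.2.3")})),
    Application("legacy-reporting", False, 2, False, TODAY - timedelta(days=40),
                frozenset({Component("example-lib", "1.1.0")})),
    Application("partner-api", True, 4, True, TODAY,
                frozenset({Component("example-lib", "1.2.4")})),
]
# Constructed placeholder advisory: "EXAMPLE-0001" is not a real identifier.
ZERO_DAY = Advisory("EXAMPLE-0001", "example-lib",
                    frozenset({"1.2.3", "1.1.0"}), "critical")

if __name__ == "__main__":
    hits = affected_apps(APPS, ZERO_DAY)
    print("affected, in triage order:", triage_order(hits, APPS))
    print("rescan before waiving anything:", unmonitored(APPS, TODAY))
    for app in APPS:
        print(app.name, "halt deploy:", should_halt_deploy(app, [ZERO_DAY]))
```

Two design points worth noting. The gate is evaluated per application rather than once for the whole organization, so an unaffected build (partner-api above) keeps deploying while affected ones stop; that is the per-app remediation the playbook calls for. And the stale, unmonitored application appears in both lists: it matches on its old inventory, but its real exposure is unknown until it is rescanned, which is why the impact should not be waived across the board before that scan happens.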