Organizations are losing the endpoint security battle against new or unknown zero-day attacks. A recent Ponemon Study on endpoint security revealed that 68% of IT security experts say their company experienced one or more endpoint attacks that compromised data assets or IT infrastructure in 2019. Of those breaches, 80% were zero-day attacks – with the frequency of zero-day attacks expected to increase to 42% next year. These exploits frequently go beyond just endpoints. Some of the most impactful vulnerabilities announced in 2020 deal with externally facing network appliances such as firewalls, routers, VPN concentrators and other devices.
While there is no way to prevent zero-days, there are steps you can take to reduce the impact and/or severity of security incidents whether or not zero-days are involved.
To find out how you can shore up vulnerabilities, join CRITICALSTART’s TEAMARES Cory Mathews, Offensive Security Manager, and Rich Mirch, Senior Adversarial Engineer, for “Impact of Zero-Day Exploits on Breaches,” on Aug. 26 at 11 am CT for the third webinar in our series of webcasts exploring the world of cybersecurity breaches.
Key takeaways from this session include:
- What a zero-day is – and what it is not
- Using a zero-day to breach the perimeter and pivoting into sensitive areas within organizations
- Challenges and methods in defending against zero-days including patching, defense in-depth, and mature network and endpoint monitoring solution and team
- TEAMARES’ vulnerability research team’s success stories of discovering zero-days and developing full Proof-of-Concept exploits
- Examples of infamous zero-days and +1-day events such as WannaCry using NSA tools released by the Shadow Brokers