Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Proactive threat hunting is vital to zero-day vulnerability management

By Ariel Parnes
threat-intel-freepik1170x658.jpg
April 27, 2022

It’s well-known that zero-day vulnerabilities pose critical security risks until an effective patch is issued. But, patching a vulnerability doesn’t guarantee that an environment hasn’t already been exploited. It’s possible, even likely, that attackers found that zero-day vulnerability long before it was discovered or disclosed. Public disclosure is often delayed until patches are available, so attackers may have been in your environment for months, or even years, waiting for the right time to use the access they gained. This is especially important given the potential threats of cyber warfare from Russian threat actors, nation-state and criminal alike, launched against Ukraine and their supporters.


Vulnerabilities are Part of Software Development

The goal of software development is always to build and release high-quality, secure software. However, vulnerabilities are still introduced into the codebase unintentionally. This happens more often than you may think — every change in code or new product release may introduce a new vulnerability. There are a lot of variables as teams deploy code, moving fast to deliver to an increasingly demanding market. Many tools and training solutions can help reduce the likelihood of new vulnerabilities being introduced, yet it still happens. Risk Based Security released a report showing that 28,695 vulnerabilities were disclosed in 2021, a 23% increase from 2020. While vulnerabilities vary in terms of severity and exploitability, it’s undeniable that they continue to be discovered and disclosed. 


It’s Time for a New Approach to Thinking About Risk 

Unfortunately, the date of disclosure isn’t the date the vulnerability was first exploited. Malicious actors actively search for zero-day vulnerabilities — you may have no idea that they’re in your environment until you discover evidence through proactive hunting or they launch an attack that causes a critical incident for your organization. Even once such a vulnerability is found, disclosed, and patched, there’s no guarantee that it hasn’t already been exploited. Attacker dwell time, or the length of time a bad actor remains undetected in your system, affords them time to observe, discover weaknesses, and move laterally in your system. 


A proactive approach to zero-day vulnerabilities is conducting hunts based on the assumption that your organization has already been breached using one or more zero-day vulnerabilities. During these hunts, investigators search for forensic pieces of data that identify potentially malicious activity within your system or network, commonly referred to as indicators of compromise (IOCs). Proactive threat hunting uses an investigation team’s analysis of known adversaries to create a hypothetical attack focused on an area likely to be compromised, often containing sensitive data, source code, or something similarly valuable to the organization. Proactively hunting for threats can leverage technology and automation to search for threats automatically based on known vulnerabilities, the forensic footprint of vulnerabilities, and available threat intelligence. Combined with a skilled team that can identify which scenarios to search for, you can maximize your effectiveness when seeking unknown compromises. It’s important to run these types of hunts periodically and change the hypotheses you’re investigating to keep up with changing threats and your own changing environment. 


Patching is Still Important 

While adopting a proactive approach by assuming your organization has been breached by zero-day vulnerabilities and searching for IOCs is important, it doesn’t take the place of patching known vulnerabilities. Some attackers search for vulnerabilities before they’re disclosed, while others are incredibly quick to exploit a new vulnerability when it is disclosed. The Log4j vulnerability, for example, quickly resulted in Log4Shell exploitations extensively in the wild because it was easy to exploit with public exploits available. Attackers don’t just rely on newly released vulnerabilities though. They don’t need to. Many organizations fail to patch known vulnerabilities for years, offering an easy attack vector for attackers.


To build a more secure organization that can react quickly to newly disclosed vulnerabilities, it’s important to leverage existing prevention solutions, adopt a zero-trust posture, and close security holes opened by new vulnerabilities as quickly as possible. That’s not enough — you also need to focus on detection and response to discover backdoors and IOCs. Today, as we see ongoing attacks integrated into cyber warfare from nation-state actors and cybercriminals, it’s likely that the impacts will reach far beyond the physical borders of any conflict. To prepare for a potential cyberattack, you need to increase your ability to detect, patch, and remediate against an increase in zero-day vulnerabilities, proactively look for new IOCs and run them against your environment, stay up to date on relevant threat intelligence, run drills and exercises, so your team is ready to respond, and have data recovery and incident response plans in place. This readiness approach will increase your resilience and reduce the severity of impact if a critical incident occurs.

KEYWORDS: cyber security risk management security operations security vulnerabilities threat intelligence zero-day vulnerability

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Ariel parnes

Ariel Parnes is a co-founder and COO of Mitiga, a startup cloud incident readiness and response. He leads Mitiga’s cybersecurity research, readiness, and incident response teams. A retired Colonel in the Israeli Defense Forces’ 8200 Cyber Unit, Col. Parnes served for over 20 years in roles ranging from Intelligence and Information Technology to Offensive & Defensive Cyber Operations and Cyber Warfare. He was awarded the prestigious Israel Defense Prize for technological breakthroughs in the cyber field.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Dark figure coding on computer

    The cat and mouse ransomware game may threaten smaller organizations

    See More
  • half open laptop with colorful screen

    How threat hunting secures organizations: A proactive security strategy

    See More
  • cyber freepik

    Attackers exploiting zero-day vulnerability before enterprises can patch

    See More

Related Products

See More Products
  • threat and detection.jpg

    Surveillance and Threat Detection

  • contemporary.jpg

    Contemporary Security Management, 4th Edition

  • 9780128147948.jpg

    Effective Security Management, 7th Edition

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!