Zero-Day Vulnerabilities

Zero-day vulnerabilities are vulnerabilities that are publicly known but for which vendors have not yet provided patches. Zero-day vulnerabilities create risks for organizations.

Organizations must monitor zero-day vulnerabilities and prioritize remediating affected assets. Vendors frequently provide mitigation steps until a patch is available. Organizations must prioritize these mitigation steps and the patches.

You must have an accurate inventory of your assets before you can monitor zero-day vulnerabilities. Lucidum ingests data from all the solutions in your environment. Lucidum’s Machine Learning algorithms then enrich the ingested data through deduplication, triangulation, and aggregation. This allows Lucidum to discover every asset and every account and user, even those not discovered by your security solutions, so you can protect your environment.

Apple Zero-Day Vulnerability Status Board

[Image: apple_zero_day_vuln_status_dash1.png]

In this example, the dashboard monitors a zero-day vulnerability for Mac assets that became known in the summer of 2022. Many of the devices in this example were intelligent conference room control iPads. These devices are orphans: nobody owns them, but they are on the network and exploitable. This is another example of how Lucidum finds your “unknown unknowns”.

This dashboard includes charts for:

  • Vulnerable MacOS. Number of assets running a vulnerable version of MacOS.

  • % Vulnerable Macs. Percent of MacOS assets running a vulnerable version of MacOS.

  • Monterey Devices by Sub-Version. Number of assets running each version of MacOS Monterey.

  • Vulnerable MacOS Monterey Devices Over Time. Number of assets running a vulnerable version of MacOS over time. We should see this chart peak on the day the zero-day vulnerability is made public and then decrease as the IT department remediates the vulnerable devices.

  • Vulnerable iOS. Number of assets running a vulnerable version of iOS.

  • % Vulnerable iOS. Percent of iOS assets running a vulnerable version of iOS.

  • Vulnerable iOS Devices Over Time. Number of assets running a vulnerable version of iOS over time. We should see this chart peak on the day the zero-day vulnerability is made public and then decrease as the IT department remediates the devices.

  • Patched MacOS Monterey Devices Over Time. Number of assets that were running a vulnerable version of MacOS Monterey and have since been patched, over time. We should see this chart increase as the IT department remediates the vulnerable devices.

  • Patched iOS Devices Over Time. Number of assets that were running a vulnerable version of iOS and have since been patched, over time. We should see this chart increase as the IT department remediates the vulnerable devices.

Microsoft Exchange Zero-Day Vulnerability Status Board

[Image: ms_exchange_zero_day_dash1.png]

In this example, the dashboard monitors a zero-day vulnerability for Microsoft Exchange assets. This vulnerability became publicly known in the fall of 2022. Because it affects Exchange assets, many of the affected assets are public-facing.

This dashboard includes charts for:

  • Assets Vulnerable. Displays the total number of assets that are vulnerable to this zero-day vulnerability.

  • Top-10 Asset List by OS. Displays the top-10 assets that are vulnerable to this zero-day vulnerability, by operating system.

  • Assets Vulnerable Over Time. Displays the total number of assets that are vulnerable to this zero-day vulnerability, over time. We should see this chart peak on the day the zero-day vulnerability is made public and then decrease as the IT department remediates the devices.

  • Vulnerable Asset List. Displays the name of each vulnerable asset.

  • Top-10 Asset List by Department. Displays the top-10 assets that are vulnerable to this zero-day vulnerability, by department.

  • Public IP Address. Displays the number of devices that are vulnerable to this zero-day vulnerability and also have a public-facing IP address.

  • Top-10 Assets by Site. Displays the top-10 assets that are vulnerable to this zero-day vulnerability, by site.

Chrome Zero-Day Vulnerability Status Board

[Image: chrome_2022_zero_day_cves_dash1.png]

In this example, the dashboard monitors a zero-day vulnerability for the Chrome browser and applications.

This dashboard includes charts for:

  • Total Compute Assets. Displays the total number of Chrome compute assets.

  • Compute Assets w/Chrome CVEs. Displays the total number of Chrome compute assets with zero-day vulnerabilities.

  • Chrome Browsers w/Zero-Day CVEs. Displays the total number of Chrome browsers with zero-day vulnerabilities.

  • Data Sources Reporting. Displays the data sources that Lucidum used to ingest data about Chrome assets and this zero-day vulnerability.

  • Chrome Browsers w/Zero-Day CVEs by Location. Displays the total number of Chrome browsers with zero-day vulnerabilities, by location.

  • Computer Assets w/Chrome CVEs List. Displays the name of each Chrome compute asset and the number of high vulnerabilities on each Chrome compute asset.

  • Chrome Browsers w/Zero-Day CVEs by OS. Displays the total number of Chrome browsers with zero-day vulnerabilities, by operating system.

  • Chrome Browsers w/Zero-Day CVEs by Country. Displays the total number of Chrome browsers with zero-day vulnerabilities, by country.