Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits
RAND Corporation eBooks2017
Citations Over TimeTop 10% of 2017 papers
Abstract
Zero-day vulnerabilities — software vulnerabilities for which no patch or fix has been publicly released — and their exploits are useful in cyber operations, as well as in defensive and academic settings. This report provides findings from real-world zero-day vulnerability and exploit data that can inform ongoing policy debates regarding stockpiling (i.e., keeping zero-day vulnerabilities private) versus disclosing them to the public.
Related Papers
- → The Effect of Common Vulnerability Scoring System Metrics on Vulnerability Exploit Delay(2018)45 cited
- → Pangr: A Behavior-Based Automatic Vulnerability Detection and Exploitation Framework(2018)7 cited
- → Zero tolerance for zero tolerance?: Analyzing how zero tolerance discourse mediates police accountability activism(2015)4 cited
- → Zero Tolerance: Safe Schools or Zero Sense?(2006)9 cited
- → BM25 Algorithm Driven Search Tool for Linking Exploits to Vulnerabilities(2021)1 cited