From the course: CISSP Cert Prep (2021): 6 Security Assessment and Testing

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Ethical disclosure

Ethical disclosure

From the course: CISSP Cert Prep (2021): 6 Security Assessment and Testing

Start my 1-month free trial

Ethical disclosure

- [Instructor] Vulnerability researchers and other cybersecurity professionals sometimes discover previously unknown vulnerabilities. These vulnerabilities might be flaws in a software application, operating system, hardware device, virtual appliance or any other element of the technology infrastructure. This knowledge can be both powerful and dangerous and it's incumbent upon security professionals to handle this information responsibly, and ethically. When a researcher discovers a vulnerability that nobody else has yet discovered, they have a zero-day vulnerability on their hands. This simply means that a vulnerability exists for which there is no known fix and in fact, most or all of the cybersecurity community is unaware of the vulnerability. This initial discovery marks the beginning of a period known as the window of vulnerability. During the window of vulnerability, the zero-day vulnerability is extremely effective…

Contents