SE Labs Intelligence-Led Testing
A common criticism of computer security products is that they can only protect against known threats. When new attacks are detected and analysed security companies produce updates based on this new knowledge, which can then be applied to endpoint, network and cloud security software and services.
But in the time between detection of the attack and application of the corresponding updates, systems are vulnerable to compromise. Almost by definition at least one victim, the so-called ‘patient zero’, has to experience the threat before new protection systems can be deployed. While the rest of us benefit from patient zero’s misfortune, patient zero has potentially suffered catastrophic damage to its operations.