'Zero-Day Attack' is a term used to describe the threat of an unknown security vulnerability in computer software or application. Since the vulnerability is not known in advance, the exploits often occur without the users' knowledge.
Usually, a patch is required to resolve the issue, and it can only be released after the application developers are made aware of it, which is most of the time, they do not have enough time to address the issue.
67% of cyber-attacks, including phishing and ransomware, are accomplished in less than two hours. Most security products fail to detect these attacks within the first two hours when they are the most dangerous. Organisations are vulnerable to zero-day attacks since the average detection time is about 12 hours.
Today, Roksit's Dynamic Threat Database Cyber X-Ray contains approximately 500 million domains that are being classified continuously. Domains requested for the first time, which are not in the Cyber-Xray database, are marked as 'First-seen' domains by the artificial intelligence and are being classified immediately.
Roksit’s Positive Security Model allows any network connection attempt to a 'First-seen' domain to be temporarily blocked for a maximum of 10 minutes until it is classified as 'Allowed' according to network security policies.
Cyber X-Ray scores 'First-seen' domains in a maximum of 10 minutes with its artificial intelligence and deep learning algorithms.
To avoid false positives, malicious domain data is also gathered from nearly 400 Cyber Intelligence Centres, including the USOM, which strengthens the scoring process but does not affect the category per se.
The connection will not be allowed if the relevant domain falls into the 'Block' category according to network security policies. Users will only be able to access it after it has been labelled 'Allowed' or 'Whitelisted' by the affected network security policy.
As a result, the network is protected from Zero-Day attacks with Roksit’s Positive Security Model.