Zero-day vulnerabilities are undisclosed holes in software packages that have not been publicly acknowledged or patched by the software provider.
Prisma Cloud has partnered with Exodus Intelligence, a security research firm that does original work on zero-days, to offer coverage for these types of vulnerabilities.
Zero-day vulnerabilities complement Prisma Cloud’s comprehensive coverage for CVEs.
Unlike zero-days, CVEs are publicly disclosed vulnerabilities that are reported by distributions, software vendors, and open source software projects.
You do not need to take any action to enable zero-day vulnerability scanning; it is enabled by default.
Zero-day vulnerabilities are reported in the Prisma Cloud Intelligence stream, and it is updated as new zero-days are identified.
Monitor > Vulnerabilities > Images
The following screenshot shows a report for the morello/java-test:latest container image.
The Prisma Cloud scanner has uncovered a zero-day vulnerability in a Java package.
Note that the vulnerability TYPE is marked as 0 Day.
to get the EIP (Exodus Intelligence Program) identifier for the zero-day and a link to the Exodus portal for more information.
The Exodus portal provides the following details:
A short description.
List of affected software versions.
You can optionally work with Exodus to purchase more detailed information about the threat.