Setting up alerts for 0-day vulnerabilities

[wmoussa-gc]

Context A zero-day is a vulnerability or security hole in a computer system unknown to its owners, developers or anyone capable of mitigating it. Until the vulnerability is remedied, threat actors can exploit it in a zero-day exploit, or zero-day attack.

Goal As a Forms developer, I want to set up an alert for 0-day vulnerabilities, so that Ii can be notified immediately when such vulnerabilities are discovered.

Standard Operating Procedure If a zero-day vulnerability is affecting Forms:

• Immediately shutdown the system or disconnecting it from the network
• Activate the incident response and communication plan
• Kick off forensic analysis to identify the entry point, affected systems, and potential data breaches
• Patch and update. This might involve creating a temporary fixes until a permanent solution is available.
• Collaborate with CCCS

[wmoussa-gc]

Conversation with security team: https://gcdigital.slack.com/archives/CS2L5CHKK/p1707403949309809