Inside the ISS X-Force
When the sensors feeding into Internet Security Systems' Global Threat Operations Center detected a new XML HTTP vulnerability early last November, attacks exploiting that vulnerability already were occurring across the Internet.
That's when members of the X-Force, ISS' 200-person R&D team, knew they had a "level zero" on their hands. Zero, as in zero day, means there is no gap between the public discovery of a vulnerability by security researchers and the launch by hackers of an exploit based on that vulnerability.
[ Read more ]