How whitehats secure a 0day before patch?











up vote
1
down vote

favorite












I'm working on a thesis about the hacker community.



When a 0day is published, how can a whitehat secure his application/website between the time the 0day is published and the patch is developed?



Moreover, most of the time, this same 0day is used for months by blackhats, so are the blackhats ahead of whitehats?






zero-day black-hat white-hat







share|improve this question









New contributor




K.Fanedoul is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • To you, what is the definition of a "whitehat"? I could read your question in a couple ways depending on your definition.
    – schroeder
    22 mins ago










  • "The term "white hat" refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies that ensures the security of an organization's information systems" from wikipedia
    – K.Fanedoul
    10 mins ago










  • Ok, so then why would a whitehat have a website to secure? What website is that? Why is a whitehat responsible to apply protections? This is the source of my confusion.
    – schroeder
    7 mins ago












  • I suspect you are misusing the terms. I suspect you mean to say "criminals" and "defenders". How can defenders secure their assets after a 0day is published and before a patch is released?
    – schroeder
    4 mins ago










  • He may have a website to secure if his campany work with a website. For me white hats have to FIND vulnerabilies and then to FIX them. Maybe i'm wrong and they just need to find them
    – K.Fanedoul
    2 mins ago















up vote
1
down vote

favorite












I'm working on a thesis about the hacker community.



When a 0day is published, how can a whitehat secure his application/website between the time the 0day is published and the patch is developed?



Moreover, most of the time, this same 0day is used for months by blackhats, so are the blackhats ahead of whitehats?






zero-day black-hat white-hat







share|improve this question









New contributor




K.Fanedoul is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • To you, what is the definition of a "whitehat"? I could read your question in a couple ways depending on your definition.
    – schroeder
    22 mins ago










  • "The term "white hat" refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies that ensures the security of an organization's information systems" from wikipedia
    – K.Fanedoul
    10 mins ago










  • Ok, so then why would a whitehat have a website to secure? What website is that? Why is a whitehat responsible to apply protections? This is the source of my confusion.
    – schroeder
    7 mins ago












  • I suspect you are misusing the terms. I suspect you mean to say "criminals" and "defenders". How can defenders secure their assets after a 0day is published and before a patch is released?
    – schroeder
    4 mins ago










  • He may have a website to secure if his campany work with a website. For me white hats have to FIND vulnerabilies and then to FIX them. Maybe i'm wrong and they just need to find them
    – K.Fanedoul
    2 mins ago













up vote
1
down vote

favorite









up vote
1
down vote

favorite











I'm working on a thesis about the hacker community.



When a 0day is published, how can a whitehat secure his application/website between the time the 0day is published and the patch is developed?



Moreover, most of the time, this same 0day is used for months by blackhats, so are the blackhats ahead of whitehats?






zero-day black-hat white-hat







share|improve this question









New contributor




K.Fanedoul is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











I'm working on a thesis about the hacker community.



When a 0day is published, how can a whitehat secure his application/website between the time the 0day is published and the patch is developed?



Moreover, most of the time, this same 0day is used for months by blackhats, so are the blackhats ahead of whitehats?






zero-day black-hat white-hat




zero-day black-hat white-hat






share|improve this question









New contributor




K.Fanedoul is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




K.Fanedoul is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 23 mins ago









schroeder

72.5k29160194




72.5k29160194






New contributor




K.Fanedoul is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 1 hour ago









K.Fanedoul

63




63




New contributor




K.Fanedoul is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





K.Fanedoul is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






K.Fanedoul is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • To you, what is the definition of a "whitehat"? I could read your question in a couple ways depending on your definition.
    – schroeder
    22 mins ago










  • "The term "white hat" refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies that ensures the security of an organization's information systems" from wikipedia
    – K.Fanedoul
    10 mins ago










  • Ok, so then why would a whitehat have a website to secure? What website is that? Why is a whitehat responsible to apply protections? This is the source of my confusion.
    – schroeder
    7 mins ago












  • I suspect you are misusing the terms. I suspect you mean to say "criminals" and "defenders". How can defenders secure their assets after a 0day is published and before a patch is released?
    – schroeder
    4 mins ago










  • He may have a website to secure if his campany work with a website. For me white hats have to FIND vulnerabilies and then to FIX them. Maybe i'm wrong and they just need to find them
    – K.Fanedoul
    2 mins ago


















  • To you, what is the definition of a "whitehat"? I could read your question in a couple ways depending on your definition.
    – schroeder
    22 mins ago










  • "The term "white hat" refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies that ensures the security of an organization's information systems" from wikipedia
    – K.Fanedoul
    10 mins ago










  • Ok, so then why would a whitehat have a website to secure? What website is that? Why is a whitehat responsible to apply protections? This is the source of my confusion.
    – schroeder
    7 mins ago












  • I suspect you are misusing the terms. I suspect you mean to say "criminals" and "defenders". How can defenders secure their assets after a 0day is published and before a patch is released?
    – schroeder
    4 mins ago










  • He may have a website to secure if his campany work with a website. For me white hats have to FIND vulnerabilies and then to FIX them. Maybe i'm wrong and they just need to find them
    – K.Fanedoul
    2 mins ago
















To you, what is the definition of a "whitehat"? I could read your question in a couple ways depending on your definition.
– schroeder
22 mins ago




To you, what is the definition of a "whitehat"? I could read your question in a couple ways depending on your definition.
– schroeder
22 mins ago












"The term "white hat" refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies that ensures the security of an organization's information systems" from wikipedia
– K.Fanedoul
10 mins ago




"The term "white hat" refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies that ensures the security of an organization's information systems" from wikipedia
– K.Fanedoul
10 mins ago












Ok, so then why would a whitehat have a website to secure? What website is that? Why is a whitehat responsible to apply protections? This is the source of my confusion.
– schroeder
7 mins ago






Ok, so then why would a whitehat have a website to secure? What website is that? Why is a whitehat responsible to apply protections? This is the source of my confusion.
– schroeder
7 mins ago














I suspect you are misusing the terms. I suspect you mean to say "criminals" and "defenders". How can defenders secure their assets after a 0day is published and before a patch is released?
– schroeder
4 mins ago




I suspect you are misusing the terms. I suspect you mean to say "criminals" and "defenders". How can defenders secure their assets after a 0day is published and before a patch is released?
– schroeder
4 mins ago












He may have a website to secure if his campany work with a website. For me white hats have to FIND vulnerabilies and then to FIX them. Maybe i'm wrong and they just need to find them
– K.Fanedoul
2 mins ago




He may have a website to secure if his campany work with a website. For me white hats have to FIND vulnerabilies and then to FIX them. Maybe i'm wrong and they just need to find them
– K.Fanedoul
2 mins ago










1 Answer
1






active

oldest

votes

















up vote
4
down vote













The person who discovers a security issue often reports it to the software vendor or developer first. This gives the software vendor time to fix the issue before publication. Then, after it is fixed the bug is publicly disclosed. This process is called responsible disclosure.



Sometimes, someone doesn't disclose the zero-day to the software vendor but uses it to hack other systems. Doing this can tip of security companies and disclose the bug, burning the zero-day.



I don't think your statement "most of the time, this same 0day is used since months by black hats" is true. This is true for some security issues, but a lot of zero-day bugs are found for the first time by white-hat hackers. I wouldn't say black hat hackers are ahead of white hat hackers. They both find security issues and some of these overlap. However, the offense has it easier than the defense in that the offense only needs to find one bug, and the defense needs to fix all the bugs.






share|improve this answer





















  • Thank's for the answer, I said that : "most of the time, this same 0day is used since months by black hats" because i have read a lot of black hats interview saying that they are using those 0day way before any publication
    – K.Fanedoul
    47 mins ago










  • Ah, because we all know that anonymous black hats are completely reliable sources ...
    – pjc50
    2 mins ago











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});






K.Fanedoul is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f199672%2fhow-whitehats-secure-a-0day-before-patch%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
4
down vote













The person who discovers a security issue often reports it to the software vendor or developer first. This gives the software vendor time to fix the issue before publication. Then, after it is fixed the bug is publicly disclosed. This process is called responsible disclosure.



Sometimes, someone doesn't disclose the zero-day to the software vendor but uses it to hack other systems. Doing this can tip of security companies and disclose the bug, burning the zero-day.



I don't think your statement "most of the time, this same 0day is used since months by black hats" is true. This is true for some security issues, but a lot of zero-day bugs are found for the first time by white-hat hackers. I wouldn't say black hat hackers are ahead of white hat hackers. They both find security issues and some of these overlap. However, the offense has it easier than the defense in that the offense only needs to find one bug, and the defense needs to fix all the bugs.






share|improve this answer





















  • Thank's for the answer, I said that : "most of the time, this same 0day is used since months by black hats" because i have read a lot of black hats interview saying that they are using those 0day way before any publication
    – K.Fanedoul
    47 mins ago










  • Ah, because we all know that anonymous black hats are completely reliable sources ...
    – pjc50
    2 mins ago















up vote
4
down vote













The person who discovers a security issue often reports it to the software vendor or developer first. This gives the software vendor time to fix the issue before publication. Then, after it is fixed the bug is publicly disclosed. This process is called responsible disclosure.



Sometimes, someone doesn't disclose the zero-day to the software vendor but uses it to hack other systems. Doing this can tip of security companies and disclose the bug, burning the zero-day.



I don't think your statement "most of the time, this same 0day is used since months by black hats" is true. This is true for some security issues, but a lot of zero-day bugs are found for the first time by white-hat hackers. I wouldn't say black hat hackers are ahead of white hat hackers. They both find security issues and some of these overlap. However, the offense has it easier than the defense in that the offense only needs to find one bug, and the defense needs to fix all the bugs.






share|improve this answer





















  • Thank's for the answer, I said that : "most of the time, this same 0day is used since months by black hats" because i have read a lot of black hats interview saying that they are using those 0day way before any publication
    – K.Fanedoul
    47 mins ago










  • Ah, because we all know that anonymous black hats are completely reliable sources ...
    – pjc50
    2 mins ago













up vote
4
down vote










up vote
4
down vote









The person who discovers a security issue often reports it to the software vendor or developer first. This gives the software vendor time to fix the issue before publication. Then, after it is fixed the bug is publicly disclosed. This process is called responsible disclosure.



Sometimes, someone doesn't disclose the zero-day to the software vendor but uses it to hack other systems. Doing this can tip of security companies and disclose the bug, burning the zero-day.



I don't think your statement "most of the time, this same 0day is used since months by black hats" is true. This is true for some security issues, but a lot of zero-day bugs are found for the first time by white-hat hackers. I wouldn't say black hat hackers are ahead of white hat hackers. They both find security issues and some of these overlap. However, the offense has it easier than the defense in that the offense only needs to find one bug, and the defense needs to fix all the bugs.






share|improve this answer












The person who discovers a security issue often reports it to the software vendor or developer first. This gives the software vendor time to fix the issue before publication. Then, after it is fixed the bug is publicly disclosed. This process is called responsible disclosure.



Sometimes, someone doesn't disclose the zero-day to the software vendor but uses it to hack other systems. Doing this can tip of security companies and disclose the bug, burning the zero-day.



I don't think your statement "most of the time, this same 0day is used since months by black hats" is true. This is true for some security issues, but a lot of zero-day bugs are found for the first time by white-hat hackers. I wouldn't say black hat hackers are ahead of white hat hackers. They both find security issues and some of these overlap. However, the offense has it easier than the defense in that the offense only needs to find one bug, and the defense needs to fix all the bugs.







share|improve this answer












share|improve this answer



share|improve this answer










answered 1 hour ago









Sjoerd

16.1k73856




16.1k73856












  • Thank's for the answer, I said that : "most of the time, this same 0day is used since months by black hats" because i have read a lot of black hats interview saying that they are using those 0day way before any publication
    – K.Fanedoul
    47 mins ago










  • Ah, because we all know that anonymous black hats are completely reliable sources ...
    – pjc50
    2 mins ago


















  • Thank's for the answer, I said that : "most of the time, this same 0day is used since months by black hats" because i have read a lot of black hats interview saying that they are using those 0day way before any publication
    – K.Fanedoul
    47 mins ago










  • Ah, because we all know that anonymous black hats are completely reliable sources ...
    – pjc50
    2 mins ago
















Thank's for the answer, I said that : "most of the time, this same 0day is used since months by black hats" because i have read a lot of black hats interview saying that they are using those 0day way before any publication
– K.Fanedoul
47 mins ago




Thank's for the answer, I said that : "most of the time, this same 0day is used since months by black hats" because i have read a lot of black hats interview saying that they are using those 0day way before any publication
– K.Fanedoul
47 mins ago












Ah, because we all know that anonymous black hats are completely reliable sources ...
– pjc50
2 mins ago




Ah, because we all know that anonymous black hats are completely reliable sources ...
– pjc50
2 mins ago










K.Fanedoul is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















K.Fanedoul is a new contributor. Be nice, and check out our Code of Conduct.













K.Fanedoul is a new contributor. Be nice, and check out our Code of Conduct.












K.Fanedoul is a new contributor. Be nice, and check out our Code of Conduct.
















Thanks for contributing an answer to Information Security Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f199672%2fhow-whitehats-secure-a-0day-before-patch%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

What visual should I use to simply compare current year value vs last year in Power BI desktop

Image
0 I have column SubToBind that shows current year ratio and column PY SubToBind which shows previous year ratio. How can I simply create a card that would be displaying them both in a nice way? Something like that: I cannot achieve that with regular card, I also tried Card with States by OKViz but also unable to see both values. In KPI visual - I dont like the word "Goal", it will confuse end users. Are there any cards or other visuals that would do the job? Thanks powerbi dax powerbi-embedded share | improve this question edited Jun 11 '18 at 20:11 Oleg
Read more

Alexandru Averescu

Image
Alexandre Averescu Alexandru Averescu Naissance 3 avril 1859 Babele, Ismail  (ro) près de Izmaïl (principauté de Moldavie) Décès 2 octobre 1938 (à 79 ans) [ 1 ] Bucarest Origine   Roumanie Arme cavalerie Grade Maréchal Années de service 1901-1917 Commandement chef d'état-major général 2 e  armée 3 e  armée Groupe d'armée sud armée du Danube Conflits Guerre russo-turque de 1877-1878 Deuxième guerre balkanique Première Guerre mondiale Faits d'armes Bataille de Turtucaia/Tutrakan Bataille de Mărăști Distinctions Autres fonctions 3 fois président du Conseil des ministres ministre des Affaires étrangères ministre sans portefeuille conseiller de la Couronne modifier   Alexandre Averescu (en roumain : Alexandru Averescu .mw-parser-output .prononciation>a{background:url("//upload.wikimedia.org/wikipedia/commons/thumb/8/8a/Loudspeaker.svg/11px-Loudspeaker.svg.png")center
Read more

Trompette piccolo

Image
Ne doit pas être confondu avec trompette de poche. Trompette piccolo en si bémol, avec des branches d'embouchure différentes pour le si bémol (la plus courte) ou la (la plus longue) Trompette piccolo La trompette piccolo est la plus petite de la famille des trompettes. Elle joue une octave plus haut que la trompette standard en si bémol. La plupart des trompettes piccolo sont conçues pour jouer dans les deux tonalités de si bémol ou la, en utilisant une branche d'embouchure différente pour chaque tonalité. Le tube de la trompette piccolo en si bémol a une longueur moitié de celle de la trompette normale en si bémol. Des trompettes piccolo en sol, fa, ut sont également fabriquées, mais elles sont rares. La trompette soprano en ré, aussi connu comme la « trompette Bach », a été inventée vers 1890 par le facteur belge Victor-Charles Mahillon pour jouer les parties hautes de la trompette dans la musique de Bach et Haendel. La trompette piccolo moderne permet aux
Read more