Protect against Log4J without patching
Learn More
Protect against Log4J without patching
Learn More

UncategorizedZero Day Attack Prevention | Application Security | K2 Cyber Security


August 30, 2020 Timothy Chiu, VP of Marketing
Google Report Shows Zero Day Exploits On Track to Meet or Top Last Year’s Numbers

ZDNet recently reported on a new Google report from Google’s Project Zero security team, showing that eleven zero-days detected in the wild in the first half of 2020.  That puts 2020 on track to match or top last year’s total number, when Google researchers found 20 zero-day exploits.  This news corresponds with other reports this year showing an increase in zero day attacks.

Google’s report is based on Google’s internal statistics about in-the-wild zero-day usage going as far back as 2014, when the company began tracking zero day stats. Of the 20 zero-days tracked by Google in 2019, eleven of the 20 zero-days impacted Microsoft products. Two companies discovered half of all of 2019’s zero-days (Google discovered 7 and Kaspersky found 4).

With these continued stream of zero day attacks, it’s more important than ever to make sure you’ve got security for your web applications and application workloads.  It’s also important to remember that zero-day attacks are becoming more and more sophisticated.  With the ingenuity found in each new zero day attack, it’s more than likely the next big zero day attack will have no foundation in a past attack (since most security technologies like machine learning and artificial intelligence look at past attacks as a way to predict what a future attack will look like).  To detect the next new zero day attack we need to change the way we approach security.  We need to look at technologies that don’t rely on past attacks, for example, using deterministic security based on the application itself, rather than past attacks.

K2’s runtime deterministic application security platform monitors the application and has a deep understanding of the application’s control flows, DNA and execution.  By validating the application’s control flows, deterministic security is based on the application itself, rather than relying on past attacks to determine a zero day attack.  Deterministic security results in the detection of sophisticated zero day attacks.

K2’s Next Generation Application Workload Protection Platform addresses today’s need for runtime security in an easy to use, easy to deploy solution.  K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application.  To aid in quick remediation of vulnerabilities, K2 also provides detailed attack telemetry including the code module and line number being in the code being attacked, while at the same time integrating with leading firewalls to do real time attacker blocking.

Change how you develop and protect your applications.

Find out more about K2 today by requesting a demo, or get your free trial.



Share this

Leave a Reply

Your email address will not be published. Required fields are marked *


K2 Cyber Security delivers the Next Generation Application Security Platform to secure web applications and container workloads against sophisticated attacks in OWASP Top 10 and provides exploitable vulnerability detection during pre-production. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production/QA servers for interactive application security testing to identify the location of the vulnerable code. K2’s solution generates almost no false positives, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools like Web Application Firewalls and host based EDR, finds missed exploitable vulnerabilities and dramatically reduces security cost. K2 Cyber Security is headquartered in the USA and provides cyber security solutions globally.


K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131