With the advantage of internal positioning inside the application layer, ADR has the context necessary to spot attacks on both known and unknown vulnerabilities, including zero-day attacks at the application layer that XDR and WAFs miss.
Why focus on zero-day protection?
Over 4x increase in zero-day vulnerabilities between 2013 and 2023.
- There was a 50% increase in zero-days being exploited year-over-year, according to Google Threat Analysis and Mandiant.
- In October 2024, the National Security Agency (NSA) and the Cybersecurity an Infrastructure Security Agency (CISA) released a list of most-exploited vulnerabilities by APT groups: The list highlighted that the majority were zero days.
- When asked about the biggest current issues in regard to safeguarding applications and APIs, more than 71% of financial institutions surveyed said it was zero-day attacks (Contrast research, December 2024).
Can zero-day exploits be mitigated?
The ultimate goal is to either find vulnerabilities before they’re discovered and reported, let alone before exploit code is released and to fix them, or to have a protection mechanism in place that can defend against attacks even before they are known.
- Web Application Firewalls (WAFs) rely on known attack signatures. Updates and fixes are provided
after the fact. That is why organizations struggle to counter zero-day exploits. - Contrast Application Detection and Response (ADR) automatically establishes trust boundaries inside the application, both in custom code and libraries.
This added layer of protection is a powerful safeguard to mitigate breach consequences. Consider this:
- $4.88 million
The average cost of a data breach in 2024.1 - $1.38 million lower
The cost of breach when it is detected early.2
Learn more about Contrast ADR
To learn more about how ADR technology can protect your organization from zero-day attacks, download a copy of our ebook, Anatomy of a modern application attack.
1 Ponemon Institute, “The State of Vulnerability Management in DevSecOps,” 2022
2 2024 Verizon DBIR Report