In addition to other vulnerabilities, Twistlock also scans for zero-day vulnerabilities.
Zero-day vulnerabilities are undisclosed holes in software packages that have not been publicly acknowledged or patched by the software provider. Twistlock has partnered with Exodus Intelligence, a security research firm that does original work on zero-days, to offer coverage for these types of vulnerabilities.
Zero-day vulnerabilities complement Twistlock’s comprehensive coverage for CVEs. Unlike zero-days, CVEs are publicly disclosed vulnerabilities that are reported by distributions, software vendors, and open source software projects.
Twistlock reports zero-day vulnerabilities alongside CVE vulnerabilities.
You do not need to take any action to enable zero-day vulnerability scanning; it is enabled by default. Zero-day vulnerabilities are reported in the Twistlock Intelligence stream, which is updated as new zero-days are identified.
To view zero-day vulnerabilities that the scanner has found:

1. Open Console.
2. Go to Monitor > Vulnerabilities > Images.
3. Review the report. The following screenshot shows a report for the morello/java-test:latest container image. The Twistlock scanner has uncovered a zero-day vulnerability in a Java package. Note that the vulnerability TYPE is marked as 0 Day.
4. Click VIEW DETAILS to get the EIP (Exodus Intelligence Program) identifier for the zero-day and a link to the Exodus portal for more information.
The Exodus portal provides the following details:

- A short description.
- Attack impacts.
- List of affected software versions.
- CVSS score.
You can optionally work with Exodus to purchase more detailed information about the threat.