Security Congress Abstract
Proof-of-concept vulnerability exploits are the new “force majeure” that is directly impacting application security. Zero-day exploits are being bought and sold on the dark web and packaged into weaponized containers by nation-state actors. The race between cyber offense and defense has evolved. Organizations need to closely monitor the dark web for emerging exploit kits and prepare their defense accordingly. Shown is how to identify vulnerability researchers and open source projects to find defects prior to public or even embargoed discussions beginning.