Trials and demos
How to buy

What is an exploit?

An exploit is a program, or piece of code, designed to find and take advantage of a security flaw or vulnerability in an application or computer system, typically for malicious purposes such as installing malware. An exploit is not malware itself, but rather it is a method used by cybercriminals to deliver malware.

Cisco Secure Endpoint

    How an exploit works

    How does an exploit work?

    For exploits to be effective, many vulnerabilities require an attacker to initiate a series of suspicious operations to set up an exploit. Typically, a majority of the vulnerabilities are result of a software or system architecture bug. Attackers write their code to take advantage of these vulnerabilities and inject various types of malware into the system.

    How do I defend against exploits?

    Many software vendors patch known bugs to remove the vulnerability. Security software also helps by detecting, reporting, and blocking suspicious operations. It prevents exploits from occurring and damaging computer systems, regardless of what malware the exploit was trying to initiate.

    The typical security software implemented by businesses to ward off exploits is referred to as threat defense as well as endpoint, detection, and response (EDR) software. Other best practices are to initiate a penetration testing program, which is used to validate the effectiveness of the defense.

    Types of exploits

    Known exploits

    After an exploit is made known to the authors of the affected software, the vulnerability is often fixed through a patch to make the exploit unusable. This information is made available to security vendors as well.  For publicly known cybersecurity vulnerabilities, there are organizations that list each vulnerability and provide an identification number, a description, and at least one public reference.

    Unknown exploits

    Exploits unknown to everyone but the people that developed them are referred to as zero-day exploits. These are by far the most dangerous exploits, as they occur when a software or system architecture contains a critical security vulnerability of which the vendor is unaware.

    The vulnerability becomes known when a hacker is detected exploiting the vulnerability, hence the term zero-day exploit. Once such an exploit occurs, systems running the exploit software are vulnerable to a cyber attack.  Either the vendor will eventually release a patch to correct the vulnerability or security software detects and blocks the exploit and resultant malware.

    Secure Endpoint free trial

    Resources

    Connect with us

    Network with your peers and learn more about security topics that interest you.

    Security Community Security announcements and events Security Blog Threat Research Blog Real-time threat info

    Related security topics

    What is the NIST Cybersecurity Framework? What is MITRE ATT&CK? What is threat hunting? What is cybersecurity? What is malware? What is ransomware? What is phishing? What is a DDoS attack?

    Useful Links

    Demos Trials Webinars