May 4, 2026—Risk events powered by TrendAI™ Zero Day Initiative™ now appear in Vulnerability Management and Threat and Exposure Management when a
zero-day vulnerability affecting software in your environment is identified. ZDI-powered
events generate before a CVE is publicly disclosed, giving you time to prepare, monitor,
and isolate affected assets ahead of any patch.
To help protect your assets, post-exploitation detection models monitor flagged assets
for suspicious behavior such as shell drops or lateral movement, and trigger workbench
alerts when activity is observed. For network-based vulnerabilities, virtual patching
is available through TippingPoint Intrusion Prevention rules that block exploitation
attempts at the network level while you wait for a vendor patch. For Windows application
vulnerabilities, application blocking lets you prevent vulnerable application versions
from launching on protected endpoints.
To use Application Blocking, endpoints must be protected by TrendAI Vision One™ Endpoint Security with Windows endpoint protection enabled.
For more information, see Vulnerability Management.