Google Project Zero is a group of security agents to discover 0-day susceptibility. This Google assigned team makes all their efforts to discover and report bugs/vulnerabilities. These vulnerabilities will be stored in an external database and error reports sent directly to the vendors without any third-party interference. Google is continuously trying every efficient method to ensure web security and fix bugs without producing any inconvenience to web users. The main objective of this ethical hacker’s team is to enhance security protection in systems across the internet.
“Zero-day”
Zero-Day is a term that we can solve this issue.
Google project zero
- Google manages time and resources to discover the attacker and bugs to accomplish the objective.
- The company is hiring a third-party vendor to find discoveries on the terms of attack.
- Hawkes implements the idea of creating a coalition of the researcher’s team to enhance the power of project zero.
What’s new in Google Project Zero?
The team is modifying its issue disclosure policy to give vendors extra time to install patch to ensure security. In the recent policy, project zero will hold 90 days to reveal regarding the issue and resolution. The users require to install the patch to remain protected from hackers.
Google is happy with the recent “vulnerabilities report” i.e. 97.7% bugs are fixed with the present policy as a comparison to 6 months ago.
Initiatives:
- The new disclosure policy is a 12-month trial. The outcomes will be responsible for the decision to make this policy in the long term.
- Google project zero will implement faster patch development for more improvement within 90 days. This will let them discover the exploits more quickly.
- Improving patch adoption: now the users can get information about the bugs and how we can resolve it to ensure the web users that they are actually getting a benefit of fixing.
- Project zero wants to enhance consistency.
Closure:
Project Zero designates to improve patch adoption for the welfare of the users. Google will implement this 12-month trial policy of 90-days to convert this policy for the long term. This time of 90 days will be beneficial for engineers to cover small exploit modifications of the bugs. Google is recruiting the world’s intelligent security engineers to uncover the dangerous vulnerability across the internet.
