Zero Trust is a cybersecurity philosophy in which nothing (no users, no devices, etc.) is trusted by default, and everything is verified. Instead, all users, applications, network connections will be blocked by default until verified and expressly permitted. Once permitted, users, applications and network connections will only be allowed what is needed to carry out business, and nothing more.
A zero-day attack occurs when the developers are unaware of a vulnerability within a software, device, or network that becomes exploited by threat actors. The vulnerability, in this case, is known as a zero-day vulnerability. These "zero-day" vulnerabilities get their name from developers having zero days to implement responses and solutions for the exploited vulnerability.
