Google launched “Project Zero”

This post is also available in: עברית (Hebrew)

google_project_zero_Google announced that it has put together a team of cyber  security researchers to reduce threats online and aid third party companies by looking for potential vulnerabilities on their sites and helping to patch them.

According to a post on Google’s security blog, researcher Chris Evans said the Internet should be a safer place for users, and Project Zero is designed to make that a reality. “You should be able to use the web without fear that a criminal or state-sponsored actor is exploiting software bugs to infect your computer, steal secrets or monitor your communications,” he noted. Project Zero will set out to “improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers.” The team will keep an up-to-date external database listing all the bugs it discovers, and only report the vulnerabilities to the software’s vendor, not third parties.

The term “Project Zero” comes from the concept of a zero-day vulnerability, a previously unknown vulnerability discovered in the network and not by software manufacture