Infrastructure owners must regularly check their resources for the presence of malicious components. One of the ways in which a resource may become infected is as a result of “zero-day” vulnerability exploitation by cybercriminals. In this case, the developers of security tools used to protect the information system may be as yet unaware of the new threat. At the same time, experts may be investigating incidents related to the new threat. Moreover, some findings of these investigations may already be publicly available.