Company
Date Published
Author
Detectify
Word count
657
Language
-
Hacker News points
None

Summary

Detectify's approach to handling zero-day vulnerabilities (0-days) involves a responsible and transparent process that prioritizes collaboration with vendors, researchers, and customers to mitigate risks without exposing them to potential attacks. A 0-day, which may be discovered by malicious and ethical hackers alike, is a security flaw without an existing patch, and its discovery can impact all users of the affected technology. Detectify, through its bug bounty platform Detectify Crowdsource, occasionally receives 0-day submissions but chooses not to scan for them immediately to avoid leaving clients vulnerable. Instead, it validates the vulnerability and works with vendors to develop a solution within a 45-day disclosure period, which can be extended if necessary. By collaborating with top ethical hackers and automating vulnerability research, Detectify aims to democratize cybersecurity knowledge and help secure web applications against both known and patched 0-day vulnerabilities.