ZDI was started on July 25, 2005 by TippingPoint and was initially led by David Endler and Pedram Amini.

[3] The "zero-day" in ZDI's name refers to the first time, or Day Zero, when a vendor becomes aware of a vulnerability in a specific software.

Due to lack of incentive and safety and confidentiality concerns, researchers and hackers are often deterred from approaching vendors when finding vulnerabilities in their software.

"[16] ZDI also adjudicates the Pwn2Own hacking competition which occurs three times a year,[17] where teams of hackers can take home cash prizes and software and hardware devices which they have successfully exploited.

This combination of concerns has led to the rise of third-party programs such as ZDI and others as places to report and sell vulnerabilities for security researchers.