To our knowledge, no information security laws or standards currently explicitly name 0patch or 3rd-party patches as a method to achieve compliance. However, most of them accept mitigations with varying degrees of specificity, and many of our customers find 0patch to be accepted at least as a mitigation, if not an actual patch. Ultimately, whether 0patch patches count towards your compliance goals or not depends mostly on your auditor's interpretation.
Have more questions? Submit a request