K2 claims victory over zero-day attacks February 21, 2019 https://www.zdnet.com/article/k2-claims-victory-over-zero-day-attacks/
No such thing since apps are constantly being updated and the new behavior must be integrated into the old behavior. In other words, the app has to be re-analyzed.
I believe Trusteer is also using such a method, but I have no idea how it works. They claim they can see if process memory has been modified in a malicious way, all done in real time.