"There are very few true zero day attacks."
Come, one, Rich? How do YOU know? Given that we know (and you yourself state) that there very few ways to prevent, block or even detect it ... What might be more true is that an average security-sloppy enterprise has more to fear and more to lose from "stale" attacks; however, it is NOT the same as to say that there are few 0days out there.
I am stunned when folks make those claims. BTW, check out this list that Pete Lindstrom maintains on public exposures of 0day attacks. But how many were used and are not on his (or anybody's) list? Ominous silence is the answer :-)