Harmonizing Stakeholder Roles in Vulnerability Management
Zscaler, Friday, May 30th, 2025
Vulnerability management is a fundamental component of any effective security program, yet it often turns into a tug-of-war between stakeholders with wildly different priorities. Researchers unearth vulnerabilities, developers aim to ship products on tight deadlines, operators are tasked with reducing risk, and security leaders have to oversee the entire chaotic process. It's no wonder friction arises!
At the CVE/FIRST VulnCon 2025 & Annual CNA Summit, I had the opportunity to moderate a lively discussion titled 'Who's Vulnerability Is It Anyway? Harmonizing Stakeholder Roles in Vulnerability Management', featuring panelists Kayla Underkoffler (Zenity), Havaya Garti (Snyk), and James Berthoty (Latio Tech).
This blog captures highlights from the session, sheds light on these challenges, and explores how improved collaboration across teams can drive better security outcomes.
You can watch this session and the complete track from VulnCon 2025 on the FIRST YouTube channel.