Mike Vizard talks with Kate Scarcella and Tracy Ragan about the growing weaponization of software vulnerabilities and the security risks created when governments and threat actors withhold vulnerability disclosures. They discuss why DevSecOps teams need better visibility into deployed software, stronger SBOM practices and more automation to identify and remediate post-deployment vulnerabilities. The conversation also explores AI security risks, human oversight and the need for closer collaboration between developers, security teams and data scientists.