Vulnerability exploitation just became the #1 cause of data breaches. For application security professionals, this isn’t news — it’s decades of warnings finally showing up in the data. Join the authors of the reports that saw it coming.
The 2026 Verizon Data Breach Investigations Report made headlines for a reason: for the first time, exploitation of vulnerabilities surpassed credential theft as the #1 breach vector — appearing in 31% of all breaches, a 55% increase in the last year. For anyone who has spent time in application security, the surprise isn’t the finding. It’s that it took this long for the rest of the world to catch up.
Veracode’s own 2026 State of Software Security report — built from over 1.6 million applications — shows exactly why: 82% of organizations are carrying unresolved security debt, critical flaws with both high severity and high exploitability grew 36% in a single year, and only 26% of CISA KEV vulnerabilities were fully remediated. Attackers have done the math. This webinar is about helping defenders do it too.
Join the teams behind both reports — on the same stage, for the first time — for a direct conversation about what this data means for your security program right now.
What You’ll Learn:
- Why vulnerability exploitation is now #1 — what drove the shift and what it means for how you prioritize remediation
- The metrics security leaders should care about in 2026 — from time-to-remediation to exploitability exposure and security debt accumulation
- AI on offense and defense — how threat actors are using AI to scale attacks, and how AI-guided remediation can finally close the fix-rate gap
Speakers:
Alex Pinto
Director of Threat Intelligence | Lead, DBIR
Verizon
Chris Wysopal
Co-Founder & Chief Security Evangelist
Veracode
Sohail Iqbal
Chief Information Security Officer
Veracode
Natalie Tischler
Story Magician
Veracode
Can’t make it live? Register anyway and we will send over the recording as soon as it is available.