Hours, Not Days: The Race from Disclosure to In-the-Wild Exploitation

CEO and Founder, watchTowr
Patrick Garrity
Security Researcher, VulnCheck
Tod Beardsley
Director of Research, RunZero and CISA

In today’s threat landscape, the gap between vulnerability disclosure and active exploitation has narrowed to mere hours, sometimes minutes. This shrinking window leaves little room for delay, and traditional, reactive security approaches are no longer sufficient. This panel brings together leading voices in offensive security and vulnerability research: Benjamin Harris (CEO, watchTowr), Patrick Garrity (Researcher, VulnCheck), and Tod Beardsley (Director of Research, RunZero/CISA).

Together, they’ll explore the evolving speed of threat actor response post-disclosure, how automation and proactive threat intelligence are reshaping the early moments of a vulnerability’s life, and what defenders must do to keep up. The conversation will highlight how capabilities, such as real-time attacker telemetry, exploit intelligence, and cyber asset attack surface management, are enabling security teams to take decisive action earlier than ever before.

Drawing from real-world examples and original research, the panel will spotlight how organizations can shift left on defense and rapidly react to threats, enabling action before attackers strike. Attendees will gain insight into how platforms and research teams are helping organizations confidently answer the most critical question in the wake of a new vulnerability: “Are we affected?”

This panel is essential for anyone seeking to stay ahead of today’s accelerated exploitation timelines and rethink what early-stage vulnerability response can look like.