We deploy vulnerable software every day, it's just that we don't know it is vulnerable until a CVE gets published #DevSecCon