VulnCheck Security Architect Scott Moore will be presenting “The Myth of the Meteoric Rise in Vulnerabilities” at BSides Knoxville 2026 on May 22, 2026.
This session challenges the common narrative that rising vulnerability counts reflect declining software security. While CVE disclosures increased significantly in recent years, the rise is often influenced by reporting incentives, expanded coverage across ecosystems, and academic initiatives, rather than a direct increase in exploitable risk. Scott Moore will examine the structural drivers behind CVE growth and explain how inflated counts can distort risk perception, misdirect remediation efforts, and obscure real progress in secure development.
About Scott Moore, Security Architect
Scott brings decades of experience working with vulnerability data. He created and contributed to IBM’s X-Force Database and served as a Security Architect for the IBM PSIRT, where he helped operate IBM’s CVE Numbering Authority (CNA). Scott has issued more CVEs than any other individual. At VulnCheck, he will focus on scaling our CVE issuance through automation. Scott is passionate about all things vulnerability-related and may be the only person who claims to love CPE.