Why People Don't Want to Do Vulnerability Management?

Vulnerability management is starting to become a board level issue, right? Like we have half our customers are having to report on VM to the board every quarter as part of their overall security posture reporting. The problem and to your point is how do we get the folks that are actually the ones that are fixing vulnerabilities when it's not their primary job to want to do so? And I think that there's been two big contributing factors as to why folks don't, they're not motivated. There's always too much data, like just the volume is incredible. It's, hey, we have an SLA to fix all critical vulnerabilities within 12 days. You could literally spend your entire dev team