On April 10, 2024, Palo Alto Networks disclosed a zero-day vulnerability (CVE-2024-3400) in its VPN product after observing active exploitation at multiple organizations. This vulnerability is just one of many to be disclosed in recent months (Cisco, Ivanti and likely others) resulting in organizations to take rapid action to reduce the likelihood of exploitation. Steven Taylor, who recently led Incident Management at Palo Alto Networks and now a Consulting Director at MorganFranklin Cyber, plans to share insights from the frontline (publicly available), ongoing persistence from threat actors and practical steps to reduce cyber risk when a critical vulnerability is disclosed by a software provider.