Modern software teams are inundated with vulnerability alerts. Although open-source dependencies make up most applications, many organizations still prioritize remediation based on worst-case severity rather than real-world risk. This leading to unnecessary upgrades, avoidable regressions, delayed releases, and wasted effort on vulnerabilities that pose no actual threat.

We have addressed these challenges in our upcoming 2026 release of ProGet, helping teams assess vulnerabilities in context and focus remediation on what is truly exploitable in their environment.

To demonstrate these upcoming changes, we recently hosted a webinar titled “Vulnerability Management in ProGet 2026,” and the recording is now available on YouTube. In this session, Mike Goulis showed how ProGet reduces vulnerability noise, prioritizes real-world risk, and enables more consistent remediation decisions through contextual analysis and actionable assessments:

In this webinar, we showcased several new vulnerability management features coming in ProGet 2026:

⭐ Risk Profiles for Context-Aware Evaluation: ProGet 2026 introduces tailored Risk Profiles that evaluate vulnerabilities based on your environment and application behavior rather than relying solely on generic severity scores.

⭐ Categories and Assessments that Drive Action: New “Categories” and “Assessment Types” in ProGet 2026 will categorize vulnerabilities based on real work impact in your organizations environment and assess them as either Monitor, Remediate, or Contain to guide teams with the right response.

⭐ Customizable Assessments and Alerts: Teams can customize assessment types, reduce unnecessary alerts, and align vulnerability management with internal workflows and policies.

Whether you’re a developer, DevOps engineer, security lead, or application owner, the webinar offers a practical look at what’s coming in the next release.