At the end of the day, a mature security organization is an organization in which every risk or vulnerability that is uncovered, regardless of its source, should be given the investment that would be needed protect the organization from the reported threat.
We've seen many organizations, including financial organizations, that have put in different defences based on the vulnerabilities that have been reported to them, in order to eradicate entire vulnerability classes or to protect consumers against security threats. Two-factor authentication is often used when you sign into a bank account.
The most common security vulnerabilities are usually pretty straightforward for companies to address, but especially with the data we have, we can help an organization to prioritize in-depth defences in order to better protect the organization in the long term.