Vulnerability management describes the ongoing process of identifying, classifying, and remediating security holes. Each step of the process is part of a continuous cycle focused on improving security in a computer, network, or communications infrastructure. Vulnerability management reduces the likelihood that flaws in code or design compromise an organization’s overall security posture. It proactively seeks out exposures and evaluates risks by finding, prioritizing, and mitigating security vulnerabilities.
The term vulnerability management can be confused with vulnerability scanning. Despite the fact that they are related, there is an important difference between the two. Vulnerability scanning consists of using a computer program to identify vulnerabilities in networks, computer infrastructure, or applications. Vulnerability management is the broader process that provides a continuous overview of vulnerabilities in an IT environment, taking into account things such as risk assessment, risk acceptance, and remediation strategies.
Security scan tools, vulnerability assessment tools, and vulnerability scanner software are important parts of a robust vulnerability management approach.
Learn more about vulnerability management in WhiteHat Sentinel.