Vulnerability Management
Definition
Vulnerability management is the continuous process of identifying, evaluating, prioritizing, and remediating security vulnerabilities in systems, software, and configurations across an organization's IT environment.
Buyer context
A mature vulnerability management program goes beyond running periodic scans. It includes asset discovery, risk-based prioritization (accounting for exploitability and business impact), patch management, configuration hardening, and validation. Many SOC providers include vulnerability management or integrate vulnerability data into their detection workflows to provide better context for alert triage.