Vulnerability management is the continuous process of identifying, assessing, reporting, managing, and remediating cyber-related vulnerabilities across all endpoints and systems in an organization.
What is the vulnerability management cycle?
Gartner defines the vulnerability management cycle in five steps.
Assess: identify assets, scan, and report
Prioritize: Assign value to the assets, gauge exposure, add threat context
Act: remediate risks, mitigate risks, accept risk
Reassess: Rescan systems and validate remediation
Improve: Eliminate underlying issues, evolve process and SLAs, evaluate metrics
Is there a difference between vulnerability management and vulnerability assessment?
Vulnerability management and vulnerability assessment are different. Vulnerability management is an ongoing process as outlined in the cycle above. Vulnerability assessment is a one-time evaluation of a network or endpoint.
See the Axonius Platform for yourself with an interactive product tour, where we'll guide you through key applications of our Cybersecurity Asset Management and SaaS Management solutions.
Sign-up for a free full-access 30 day trial to learn how Axonius gives IT and security teams a comprehensive understanding of all assets, their relationships, and business-level context including devices, identities, software, SaaS applications, vulnerabilities and security controls, and more.
Request a demo to learn how the Axonius Platform provides a system of record for all digital infrastructure helping IT and security teams manage an always-expanding sprawl of devices, users, software, SaaS applications, cloud services, and the tools used to manage and secure them.
