Glossary

    Vulnerability Management

    What is Vulnerability Management?

    Vulnerability management is the continuous process of identifying, assessing, reporting, managing, and remediating cyber-related vulnerabilities across all endpoints and systems in an organization.

    What is the vulnerability management cycle?

    Gartner defines the vulnerability management cycle in five steps.

    1. Assess: Identify assets, scan, and report
    2. Prioritize: Assign value to the assets, gauge exposure, add threat context
    3. Act: Remediate risks, mitigate risks, accept risk
    4. Reassess: Rescan systems and validate remediation
    5. Improve: Eliminate underlying issues, evolve process and SLAs, evaluate metrics

    Is there a difference between vulnerability management and vulnerability assessment?

    Vulnerability management and vulnerability assessment are different. Vulnerability management is an ongoing process as outlined in the cycle above. Vulnerability assessment is a one-time evaluation of a network or endpoint.
