What is Vulnerability Management?
Vulnerability management is the continuous process of identifying, assessing, reporting, managing, and remediating cyber-related vulnerabilities across all endpoints and systems in an organization.
What is the vulnerability management cycle?
Gartner defines the vulnerability management cycle in five steps.
- Assess: Identify assets, scan, and report
- Prioritize: Assign value to the assets, gauge exposure, add threat context
- Act: Remediate risks, mitigate risks, accept risk
- Reassess: Rescan systems and validate remediation
- Improve: Eliminate underlying issues, evolve process and SLAs, evaluate metrics
Is there a difference between vulnerability management and vulnerability assessment?
Vulnerability management and vulnerability assessment are different. Vulnerability management is an ongoing process as outlined in the cycle above. Vulnerability assessment is a one-time evaluation of a network or endpoint.