Vulnerability Management is the process of identifying, evaluating, treating, and reporting on security vulnerabilities in systems and the software that runs on them.
Security Vulnerabilities, in turn, refer to technological weaknesses that allow attackers to compromise a product and the information it holds. This process needs to be performed continuously in order to keep up with new systems being added to networks, changes that are made to systems, and the discovery of new vulnerabilities over time.
Vulnerability Management Software can help automate this process. They’ll use a vulnerability scanner and sometimes endpoint agents to inventory a variety of systems on a network and find vulnerabilities on them. Once vulnerabilities are identified, the risk they pose needs to be evaluated in different contexts so decisions can be made about how to best treat them. For example, vulnerability validation can be an effective way to contextualize the real severity of a vulnerability.