Vulnerability management is a pro-active approach to managing network security. It includes
- Checking for vulnerabilities: This process should include regular network
testing or use of an automated tool like a vulnerability scanner.
- Identifying vulnerabilities: This involves analyzing network scans and pen test results,
firewall logs or vulnerability scan results to find anomalies that suggest a malware
attack or other malicious event has taken advantage of a security vulnerability, or could possibly
- Verifying vulnerabilities: This process includes ascertaining whether the identified
vulnerabilities could actually be exploited on servers, applications,
networks or other systems. This also includes classifying the severity of a vulnerability and the
level of risk it presents to the organization.
- Mitigating vulnerabilities: This is the process of figuring out how to prevent
vulnerabilities from being exploited before a patch
is available, or in the event that there is no patch. It can involve taking the affected part of
the system off-line (if it's non-critical), or various other work-arounds.
- Patching vulnerabilities: This is the process of getting patches -- usually from the vendors of the affected software or hardware -- and applying them to all the affected areas in a timely way. This is sometimes an automated process, done with patch management tools. This step also includes patch testing,