What is a Vulnerability Management Program?
A Vulnerability Management Program is a continuous process that organizations use to identify, assess, prioritize and remediate vulnerabilities and threats. The goal is to reduce the attack surface and prevent exploitation, not only by malicious actors but also by other man-made and natural threats. Patch management and vulnerability scanning are common activities within a vulnerability management program.
An effective vulnerability management program integrates automated tools with skilled analysts and aligns with risk management and incident response processes.