Vulnerability management

What is enterprise vulnerability management? Why is it important to renew a vulnerability management program for enterprises?

Find more posts tagged with

cybersecurity

vulnerability assessment

penetration testing provider

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

SteveLavoie

Well, it think that vulnerability management is one of the basic tool to protect you. It is important to keep thing updated.

JDMurray

Start by understanding the difference between a "threat" and a "vulnerability" and how "exploit" is related to both.

chrisone

Lame analogy coming in 3, 2, 1....

Look at it this way. You have a house with a safe containing diamonds and gold. The house has a broken fence, broken cameras, opened windows, broken door locks, the safe is opened, safe is visible or accessible a few feet from the street, no camera system.
Vulnerability management would first be for you to identify all these issues, because you probably don't even know you have all these problems. Second purpose of vulnerability management would be to plan on fixing these issues and continue to identify any future problems with these systems.
I know I am forgetting this but I guess before you get to the vulnerability management you should understand your critical assets. Like do you know the diamonds and gold are valuable to you and you should take care of them?

I know its a simple analogy but hopefully will give you a simple idea of what vulnerability management.

SteveLavoie

@chrisone it look lame, but it isnt. The analogy is fine and explain in nice detail what is the broader concept of vuln management.

chrisone

Thanks @SteveLavoie

yoba222

Could you please provide some context as to why you're asking this question?

Severine

Thanks, Chrisone! for your reply

Hello yoda222, every day some new vulnerabilities or exploits are discovered, and cyber attackers try to exploit them, so when a vulnerability management program is built, there are several factors that are required to account for, that's why I wanted to know which factors are required to be considered while building vulnerability management programs? and how to renew it.