Detecting and Removing Vulnerabilities

Vulnerability management (VM) has evolved from simply running a scanner on an application, computer, or network to detect common weaknesses. Scanning is an essential element of vulnerability management, but VM also includes other technologies and workflows that contribute to the bigger picture required for controlling and removing vulnerabilities. The primary objectives of VM are to:

  •  Identify and fix faults in the software that affect security, performance, or functionality.
  •  Alter functionality or address a new security threat, such as updating an antivirus signature.
  •  Change a software configuration to make it less susceptible to attack, run faster, or improve functionality.
  •  Use the most effective means to thwart automated attacks (such as worms, bots, and so on).
  •  Enable the effective improvement and management of security risks.
  •  Document the state of security for audit and compliance with laws, regulations, and business policy.

Consistent, ongoing vulnerability management is difficult, if not impossible, to do on a manual basis. You simply have too many moving parts to juggle and act on in a timely and cost-effective manner. Repetitive tasks that regularly cycle through all devices are enormously time-consuming – and an inefficient use of IT and network staff time.