Introducing Illumio Insights — breakthrough AI-powered observability, detection, and containment.
Read more

Experienced a Breach?

|
Contact Us
|
+1 855 426 3983
back to glossary

Vulnerability Management

Vulnerability management is the process of discovering, prioritization, remediation, and ongoing measurement and reporting of security vulnerabilities in software and systems. This process is essential for organizations to understand and address vulnerabilities to minimize their "attack surface."

A reliable management solution will regularly scan for new vulnerabilities in order to limit the risk of cybersecurity breaches. Without this, discovered security gaps may be exploitable for long periods. Attackers can capitalize on this to target organizations.

Why do you need vulnerability management?

A vulnerability is defined as any means by which an attacker can access sensitive information or infect a workload. Complete vulnerability management offers security teams the needed insights to understand any weaknesses in corporate applications, and network. It allows security teams to properly manage and patch vulnerabilities that pose risks to the applications and network, thus protecting organizations from threat actors and the possibility of a breach.

What is management vs. assessment?

A vulnerability assessment is a part of a complete vulnerability management system. Organizations will likely run multiple vulnerability assessments to get a systematic overview of the vulnerabilities in their applications and network. This assessment identifies and prioritizes vulnerabilities to inform their action plan.

What is vulnerability management framework?

Vulnerability management requires a structured approach in order to discover and remediate all vulnerabilities. Even one undiscovered vulnerability could be exploited by attackers to infect a workstation or capture sensitive information. A rigid process repeated continually ensures that attack surfaces are reduced before they are taken advantage of.

The process can be broken down into the following steps:

  1. Assessment and identification
  2. Prioritization
  3. Remediation
  4. Measure

Identification

Following are application types in which to identify security vulnerabilities:

  1. Thick client or desktop application
  2. Thin client or web-based applications
  3. Cloud-based applications (AWS)
  4. Microservices

This initial part is to scan for and identify vulnerabilities in an environment. Systems that would be scanned can include employee laptops and desktops, servers and databases, firewalls, and network infrastructure.

Prioritization

After vulnerabilities are identified, they need to be prioritized so they are dealt with in the appropriate order according to organizational vulnerability management plans. Vulnerability management technology offers risk scores for vulnerabilities - Common Vulnerability Scoring System (CVSS) scoring is a common one. These scores help prioritize vulnerabilities by severity so companies know which vulnerabilities to address first.

Remediate

After a vulnerability has been identified and prioritized, organizations must determine how (even if) they will address the vulnerability. The first and best option is applying security patches so a vulnerability can’t be exploited.          

Mitigate

At times, patches are not yet available. Sometimes patching is not always possible on older systems outside the vendor support window. Or at times, patching cannot be done right away, and the company must wait for the proper change window. When these situations arise, mitigation using compensating controls is a common way to address vulnerabilities. Micro-segmentation is a common risk mitigation technique to reduce attack surfaces while organizations find time to patch. Isolating the vulnerable workloads from the rest of the network prevents attackers from moving laterally until patches are applied.

Accept

At times, an organization may decide to accept the vulnerability without patching or taking mitigation steps. When vulnerabilities are considered very low risk, merely acknowledging they may happen since they are more trouble than they are worth addressing.

Continuous measurement

Ongoing analysis and measurement of a vulnerability management program is essential in understanding the progression of metrics like time to discover/identification and time to remediation. With an understanding of these metrics, teams can strive for continuous improvement. Additionally, the reporting of these metrics can assist with compliance initiatives that include vulnerability management.

These metrics are also crucial to reporting. Measurements should be taken to executives to report on the effectiveness of vulnerability management or when seeking additional budget to identify and remediate vulnerabilities.

What are the features of a good vulnerability management system?

Here are a handful of high-level capabilities that good systems will provide:

  • IT asset and application discovery and inventory
  • Real-time monitoring and vulnerability scanning of every asset; understanding of business risk of each asset
  • Recommended security actions based on vulnerability assessment and business risk
  • Prescriptive fixes to address

Learn more

Rapidly tackle patch and vulnerability management with vulnerability maps from Illumio. Learn how you can combine data from your vulnerability scanner with Illumio's real-time maps to measure and reduce risk exposure.

back to glossary

Vulnerability Management

blog posts

Cyber Resilience

The Business of Cybercrime: What a Former FBI Assistant Director Wants Every CISO to Know

Learn why CISOs must adopt a business-minded approach to cybersecurity and how Zero Trust can help close the gap between risk and resilience.
read now
Cyber Resilience

5 Things I Learned From a Former FBI Most-Wanted Hacker

Learn five eye-opening lessons from Brett Johnson, former most-wanted cybercriminal, on deception, trust, and why Zero Trust is more important than ever.
read now
Zero Trust Segmentation

What Nonprofits are Teaching the Cybersecurity Industry

Learn from nonprofit cybersecurity expert Dr. Kelley Misata on how mission-driven organizations are approaching security with empathy, purpose, and a listen-first mindset.
read now

Vulnerability Management

briefs

Brief

Illumio Insights

Learn about the first cloud detection and response (CDR) solution built on an AI security graph.

read now

Vulnerability Management

demos

No items found.

Vulnerability Management

guides

Guide

The Big Book of Breaches

The year’s most devastating attacks, how they happened, and what you can do about them

read now
Guide

The Cloud Resilience Playbook

Learn how to combat, contain, and conquer breaches in the cloud with microsegmentation.

read now

Vulnerability Management

infographics

No items found.

Vulnerability Management

reports

No items found.

Vulnerability Management

webinars

webinar

Illumio and IBM: Building Resiliency for DORA Compliance

January 17, 2025, marks a crucial deadline for financial institutions across the EU. Are you ready to meet the Digital Operational Resilience Act (DORA) compliance requirements? Learn about the crucial role Zero Trust Segmentation plays in building cyber resilience for DORA compliance.

learn more
webinar

DORA Compliance: The Critical Role of Zero Trust Segmentation

Raghu Nandakumara and Russell Goodwin explain DORA's requirements for cyber resilience and how Illumio can help you achieve compliance.

learn more
webinar

Illumio Partner Webinar

learn more

Vulnerability Management

videos

Video

Illumio Sentinel Integration Demo

Watch how Illumio's integration with Microsoft Sentinel streamlines SecOps, strengthens compliance, and accelerates cyber incident response.

read now

Vulnerability Management

blog posts

No items found.

Vulnerability Management

guides

No items found.

Vulnerability Management

webinars

No items found.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?

Learn more