What is Vulnerability Management?


Vulnerability Management (VM) is the process of identifying the inventory, using tools to perform security tests on the project to identify vulnerabilities, cataloging those vulnerabilities, and then patching or fixing them. It is an ongoing process and can be thought of as part of continuous security testing.


This phase has the following components:

  • Vulnerability Management tools


People involved: Developers


External sources

https://www.hitachi-systems-security.com/blog/difference-vulnerability-assessments-vulnerability-management/ 


Why is it important in DevSecOps? 

Vulnerability Management tools pull the reports generated by different tools into one dashboard and provide a holistic view of the threats and vulnerabilities. Such tools also integrate with other components to notify the people concerned and follow up on reported issues. This ensures that vulnerabilities can be tracked and resolved efficiently.
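The consolidation and tracking described above, as an added example (not code from the original page or from any tool it names): two constructed scanner reports are normalized into one schema, fingerprinted so a rescan maps to the same record, and merged into a tracked set. The report shapes, field names and status values are assumptions made for illustration.

```python
import hashlib
import json

# Constructed sample reports from two hypothetical scanners (not real tool output).
SAST_REPORT = json.dumps({"results": [
    {"rule": "sql-injection", "file": "app/db.py", "line": 42, "level": "HIGH"},
    {"rule": "hardcoded-secret", "file": "app/config.py", "line": 7, "level": "MEDIUM"},
]})
DEP_REPORT = json.dumps({"vulnerabilities": [
    {"id": "EXAMPLE-0001", "package": "libfoo", "version": "1.2.0", "severity": "critical"},
]})
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

def fingerprint(*parts):
    """Stable ID; line numbers are left out so shifted code is not a 'new' issue."""
    return hashlib.sha256("|".join(map(str, parts)).encode()).hexdigest()[:16]

def normalize(sast_json, dep_json):
    """Convert both (assumed) report shapes into one common finding schema."""
    findings = []
    for r in json.loads(sast_json)["results"]:
        findings.append({"id": fingerprint("sast", r["rule"], r["file"]),
                         "source": "sast", "title": r["rule"],
                         "location": f'{r["file"]}:{r["line"]}',
                         "severity": r["level"].lower()})
    for v in json.loads(dep_json)["vulnerabilities"]:
        findings.append({"id": fingerprint("deps", v["id"], v["package"]),
                         "source": "deps", "title": v["id"],
                         "location": f'{v["package"]}@{v["version"]}',
                         "severity": v["severity"].lower()})
    return findings

def merge(tracked, findings):
    """Update tracked state in place; return newly opened findings, worst first."""
    seen = {f["id"] for f in findings}
    new = []
    for f in findings:
        if f["id"] not in tracked:
            tracked[f["id"]] = {**f, "status": "open"}
            new.append(tracked[f["id"]])      # these are the ones to notify on
        elif tracked[f["id"]]["status"] == "resolved":
            tracked[f["id"]]["status"] = "reopened"
    for fid, rec in tracked.items():
        if fid not in seen:
            rec["status"] = "resolved"        # no longer reported by any scanner
    return sorted(new, key=lambda f: -SEVERITY_RANK[f["severity"]])
```

Calling `merge` once per scan run with the same `tracked` dictionary keeps one record per issue across runs, which is what lets follow-up and resolution be tracked.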

ArcherySec: Vulnerability Management ...

Defect Dojo: Managing Vulnerabilities