What is Vulnerability Management? Processes and Software for Prioritizing Threats (CSO)


Vulnerability management is the process of staying on top of vulnerabilities so the fixes can be more frequent and effective. Vulnerabilities in need of fixing must be prioritized based on which ones pose the most immediate risk to the network. It’s handled in various ways by security companies working in the field, from training and best-practice implementations to filtering all the vulnerability noise down to just the most dangerous threats for a protected organization.

In cybersecurity, vulnerabilities are a big deal because without them, there would be very few breaches. But vulnerabilities on their own aren’t active threats, so it’s difficult for companies to figure out which to address, and in what order. This is especially true when the number of vulnerabilities climbs to staggering levels, sometimes into the millions for larger networks.

Think of vulnerabilities like holes in a suit of armor. The holes might not instantly pose a problem, but probably will cause trouble eventually. Ideally, those holes get patched before someone exploits one, by sending an arrow through it, for example. The problem in cybersecurity is that there are a lot of vulnerabilities.