loading
Loading content
loading
Also known as VM
Vulnerability management is the program that turns scan output into reduced risk over time. It runs as a loop: discover assets, scan them for weaknesses, prioritize what to fix, drive remediation, then rescan to verify the fix held. Each pass updates the picture, because new assets appear and new vulnerabilities get disclosed constantly.
The hard part is prioritization, not detection. A scanner can return thousands of findings, far more than any team can patch at once, so the program ranks them. A CVSS score gives a baseline severity, but a mature program weights it with exploit availability, exposure to the internet, and how critical the affected asset is. A medium-severity flaw on an internet-facing login page can outrank a critical one buried on an isolated host.
Vulnerability scanning supplies the raw findings, patch management closes many of them, and the discipline overlaps with exposure management, which widens the lens beyond software flaws to misconfigurations and identity risk.
In a Trickest workflow, the cycle runs as connected nodes: scheduled scans feed a deduplicated findings store, enrichment ranks each item, and tickets route to owners automatically, so verification closes the loop without manual chasing.
Related terms