Vulnerability management is an arm of our security spider that has its own set of processes and procedures:

Vulnerability management provides the capability to find the issues that already exist on our network by scanning against systems and reconciling findings from a vulnerability database. A basic process of understanding this is depicted in the following simple vulnerability management process:

Vulnerability databases are repositories of information about vulnerabilities that have been identified in systems and in software. They are classified by a Common Vulnerabilities and Exposure (CVE) identification that has a number, a brief description, and a public source, which is where it came from. The ratings for each vulnerability are dependent on what tool or database is doing the adjudication. However, the majority of tools start with a Common Vulnerability Scoring System (CVSS), since it is an open source application of understanding and communicates the impacts of vulnerabilities that exist in an environment.