What is Vulnerability Management?

Vulnerability Management (VM) is the process of identifying the inventory, using tools to run security tests on the project to find vulnerabilities, cataloging those vulnerabilities, and then patching or fixing them. It is an ongoing process and can be thought of as part of continuous security testing.

This phase has the following components:

  • Vulnerability Management tools

People involved: Developers

[Image: test machine and VM tool machine]


Why is it important in DevSecOps? 

Vulnerability Management tools pull the reports generated by different tools into one dashboard and provide a holistic view of the threats and vulnerabilities. Such tools also integrate with other components to notify the people concerned and to follow up on reported issues. This ensures that vulnerabilities can be tracked and resolved efficiently.

What will you learn in this section? 

[Incomplete: no challenges have been released for this section yet]

ArcherySec: Vulnerability Management ...

Defect Dojo: Managing Vulnerabilities