Defining Vulnerability Risk Management (and How to Build a Modern VRM Program)

Once upon a time (just a handful of years ago), vulnerability management programs focused solely on servers, running quarterly scans that targeted only critical systems.

But that was then, and you can’t afford such a limited view in the now. Truth is, vulnerability exploitation now happens indiscriminately across the modern attack surface—from local and remote endpoints to on-prem and cloud infrastructure to web applications and containers. Security teams must start thinking about their organization’s risk more holistically, since their adversaries will take advantage of any available entryway into the network. In short—attackers aren’t siloed in their approach, so you shouldn’t be siloed in yours.

A logical first step? Expanding the way you think about vulnerability risk management to not just include traditional IT infrastructure, but also cloud-based or virtualized assets and applications. Let’s dive deeper into the VRM considerations for each layer.

Enhancing vulnerability management—on-prem and in the cloud

Today, your security team has more on its plate than ever before. You’re tasked with monitoring a vast attack surface, including systems and software in corporate data centers and on cloud platforms, running in physical, virtualized, and container environments.

Your vulnerability management solution should be able to keep pace with these ever-increasing demands for visibility. On top of protecting the critical infrastructure that keeps the network in motion, it should also work with DHCP connections, VMware, AWS, Azure, and other virtual and cloud platforms. For the many teams that are increasing their cloud adoption, a primary goal is to eliminate blind spots in the environment by integrating with cloud platforms, detecting when new devices are deployed, and automatically assessing them.

You can take ..