A vendor-managed asset is an element of a company’s IT infrastructure controlled and managed by a vendor, so the company has no direct control over the asset. These assets may be known or unknown, and they can introduce serious vulnerabilities into the company’s network. Attack surface management solutions provide visibility into vendor-managed assets, how they’re connected to first-party assets, whether there are vulnerabilities, and how an exploit could impact the company’s first-party assets.
Vendor Risk Management
Vendor risk management ensures the business is not at risk of a data breach, operational outage, or other negative impacts due to its connections with third-party vendors and suppliers. These vendors are critical for day-to-day operations and efficiencies but can pose a massive risk if that risk is not monitored from every angle.
A vulnerability is a weakness in a company’s systems that provides opportunities for cyber attackers to gain unauthorized access and carry out successful cyber attacks. Vulnerabilities can exist in security policies, security controls, application configurations, code, open ports, and every other area of a company’s information systems.
A vulnerability assessment is an evaluation of a discovered vulnerability to determine the level of risk it poses to the organization, such as how easily threat actors can exploit it and the sensitivity of the data that they can access. Vulnerability assessment is used to determine risk scores and prioritize risks.
Vulnerability management includes processes and solutions to continuously monitor a company’s IT systems, identify potential vulnerabilities, prioritize risks, mitigate risks, and report on incidents.
Vulnerability patching is the process of applying fixes to applications or systems that remediate a discovered vulnerability. Patches may be implemented as temporary mitigation efforts and incorporated into the next software release, or they may be permanent fixes that eradicate the vulnerability. Regularly checking for updates and installing the most current, secure software versions and patches released by the developers is part of the vulnerability management process.
Vulnerability scanning is an ongoing process of monitoring a company’s IT networks, systems, and software to identify potential security risks. Vulnerability scanning solutions automate this process and report on abnormal behavior discovered so security teams can take immediate action to remediate or mitigate vulnerabilities.