To a cyber criminal, vulnerabilities on a network are hidden, high-value assets. Their targeted exploitation may result in unauthorized entry into a network, which can expose confidential information, provide fuel for stolen identities, cause theft of business secrets, violate privacy provisions of laws and regulations, or paralyze business operations. New vulnerabilities appear every day due to flaws in software, faulty configuration of applications and infrastructure, and human error. Whatever their source, vulnerabilities do not go away by themselves. Their detection, removal and control require vulnerability management (VM) - the calibrated, continuous use of software tools and workflow that proactively purges exploitable risks.

This guide describes the need for Vulnerability Management. It introduces the sources of vulnerabilities and their related fallout, then relates why the nature of modern threats to the network requires automated technology to counter sophisticated exploits.