From helpnetsecurity.com
From the get-go, too many organizations have an outdated idea of what vulnerability management entails. It’s not simply about scanning your networks for threats.
A holistic approach to vulnerability management includes identifying, reporting, assessing and prioritizing exposures. Crucially, it also involves risk context. Instead of merely scanning for security gaps, a comprehensive approach to vulnerability management shows you how those gaps could be exploited and the consequences that could occur.