Risk-based vulnerability management is the process of reducing vulnerabilities across the attack surface of an organization’s assets by prioritizing remediation based on the risks they pose.

Unlike other vulnerability management techniques, risk-based vulnerability management goes beyond simply discovering vulnerabilities. It gives IT staff threat context for each vulnerability and an understanding of its potential impact on the business.

Risk-based vulnerability management uses machine learning to link asset criticality, threat actor activity and vulnerability severity. This reduces vulnerability overload and helps IT professionals focus on the vulnerabilities that pose the most risk.
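To make the linkage concrete, here is an added example (not from the original page or any vendor's product) that ranks a constructed set of findings two ways: by severity alone, and by a risk score that also weighs asset criticality and threat context. The weights, the `VULN-*` identifiers and the sample findings are all assumptions made up for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    """One vulnerability observed on one asset (constructed sample data below)."""
    vuln_id: str             # placeholder identifier, not a real CVE
    asset: str
    cvss: float              # base severity, 0.0 to 10.0
    asset_criticality: int   # 1 (lab box) .. 5 (revenue-critical system)
    exploited_in_wild: bool  # threat-intel signal: active attacker use observed
    internet_facing: bool    # exposure signal from asset inventory

def risk_score(f: Finding) -> float:
    """Combine severity, asset criticality and threat context into one number.
    The multipliers are illustrative assumptions, not an industry standard."""
    score = f.cvss * (f.asset_criticality / 5.0)   # scale severity by how much the asset matters
    if f.exploited_in_wild:
        score *= 1.5                                # known attacker activity raises urgency
    if f.internet_facing:
        score *= 1.25                               # reachable from outside raises likelihood
    return round(score, 2)

def prioritize(findings, by_risk=True):
    """Return vuln_ids ordered most-urgent first, by risk score or by raw CVSS."""
    key = risk_score if by_risk else (lambda f: f.cvss)
    return [f.vuln_id for f in sorted(findings, key=key, reverse=True)]

# Constructed sample: four findings across assets of very different importance.
SAMPLE_FINDINGS = [
    Finding("VULN-A", "lab-vm-17",   9.8, 1, False, False),  # critical CVSS, throwaway host
    Finding("VULN-B", "payments-01", 7.5, 5, True,  True),   # high CVSS, crown jewel, exploited
    Finding("VULN-C", "erp-db-02",   5.3, 4, True,  False),  # medium CVSS, important, exploited
    Finding("VULN-D", "web-edge-03", 8.8, 3, False, True),   # high CVSS, exposed, no known exploit
]

if __name__ == "__main__":
    print("severity-only order:", prioritize(SAMPLE_FINDINGS, by_risk=False))
    print("risk-based order:   ", prioritize(SAMPLE_FINDINGS))
    for f in SAMPLE_FINDINGS:
        print(f"{f.vuln_id} on {f.asset}: cvss={f.cvss} risk={risk_score(f)}")
```

Severity alone would send the team to the lab VM first; the risk-based ordering puts the exploited, internet-facing payments host at the top and the lab VM last.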

Nowadays, defenders are overwhelmed by the job of managing security vulnerabilities. In 2017, 17,000 new vulnerabilities were reported, a rate equal to one new vulnerability every 6 minutes.

The sheer number of vulnerabilities poses a problem for teams responsible for patching. Even with a competent security team, patching and testing can take a long time, depending on the number of applications or systems and the types of resources involved.

The constant stream of new vulnerabilities and the lengthy process of fixing them make it hard to manage them effectively without a strategy for determining priority. If vulnerability management teams start by fixing the wrong vulnerabilities, they may waste a great deal of time and effort while exposing their organizations to unnecessary risk.

For more information see: What is Risk-Based Vulnerability Management?