After this lesson, you will be able to: Explain the vulnerability lifecycle (discover → prioritize → remediate → verify) and why it never ends.
Vulnerabilities are weaknesses in software, configuration, or process that an attacker could exploit. Vulnerability management is the continuous discipline of finding them faster than attackers can, and fixing the ones that matter most.
A vulnerability is a weakness (an unpatched server). A threat is something or someone that could exploit it (a ransomware crew). Risk is the likelihood × impact of a threat exploiting a vulnerability. You manage risk by reducing vulnerabilities, but not all vulnerabilities matter equally.
Discover (scan systems for known weaknesses), Prioritize (rank by severity and business impact), Remediate (patch, configure, or compensate), Verify (rescan to confirm the fix), Repeat, forever. The lifecycle never ends because new CVEs publish every day.
Coding mistakes (buffer overflows, injection flaws). Misconfigurations (S3 bucket public, default password). Outdated software (a 2017 OpenSSL with known CVEs). Architecture flaws (a single trust zone with no segmentation). Most real exploits chain two or three of these together.
Pick the cleanest answer.
Sign in and purchase access to unlock this lesson.