Vulnerability management is the process of reducing potential vulnerabilities in order reduce the likelihood of compromise of an endpoint or network. The vulnerability management process includes; Identifying - Analysing the outputs and results of vulnerability scans, penetration tests, firewall logs and network scans to identify anomalies and areas of potential weakness. Classifying - This part of the process involves ascertaining what level of risk the potential vulnerabilities pose to the organisation, prioritising them accordingly. Mitigating - This is the process of figuring out how to prevent the vulnerability from being exploited before a long term remedy is available (such as a patch from a vendor). Remediating - Putting a long term fix or process in place to mitigate against further vulnerability.