Once the existing vulnerabilities in the security system have been identified, they are set aside for the next stages of vulnerability management. This involves scrutinizing each identified vulnerability thoroughly to ascertain its level of impact and how far the damage it can cause would reach. After determining whether or not they pose an imminent threat to the servers or applications, these vulnerabilities are classified and dealt with accordingly.
After the vulnerabilities have been classified into the appropriate categories for treatment, a suitable remedy or solution framework is worked out to mitigate the risk and the effect on company data and on the security system at large. This process of closing the gaps that cause such vulnerabilities is carried out before patching, as part of vulnerability management, when a patch isn't available at that point in time or when an urgent measure has to be taken immediately.

There are a number of ways to complete this process, including taking the affected part of the website, system or network offline altogether, depending on its significance. There are other workarounds as well, which can help shield the area affected by the vulnerability until it can be patched.

The final stage of vulnerability management is patching the identified vulnerabilities through a systematic process: obtaining the appropriate patches, usually from the vendors, and applying them to the affected software or hardware in the right way and within the right time frame. To choose the right patch for a vulnerability, it is wise for the technical experts to perform patch testing and then select the patch best suited according to the results. This completes the process of vulnerability management, encompassing aspects such as acceptance of risk and risk remediation.