Many people use Vulnerability Assessment and Vulnerability Management as the same term — but they are different.
🔹 Vulnerability Assessment focuses on identifying weaknesses at a point in time:
✔️ Asset discovery
✔️ Scanning & misconfiguration checks
✔️ CVE identification
✔️ Severity scoring
🔹 Vulnerability Management is an ongoing process to reduce risk over time
✔️ Continuous scanning
✔️ Prioritization based on business impact
✔️ Patch coordination & remediation tracking
✔️ Validation and reporting
Assessment finds the problem. Management reduces the risk.
@OUPNarith
