Vulnerability management is the "cyclical practice of identifying, classifying, prioritizing, remediating, and mitigating" software vulnerabilities. Vulnerability management is integral to computer security and network security, and must not be confused with Vulnerability assessment.

Remediation occurs when the threat can be eradicated, while mitigation involves minimizing the damage as it cannot be fully eliminated. For example, Distributed Denial of Service (DDOS) mitigation routes suspicious traffic to a centralized location where it is filtered.