Which term describes the process of identifying and addressing weaknesses that could lead to a security breach?

Prepare for the ISSAP Exam with challenging questions and insights. Enhance your understanding using flashcards and detailed explanations. Master your skills for success!

Multiple Choice

Which term describes the process of identifying and addressing weaknesses that could lead to a security breach?

Explanation:
Vulnerability management is the ongoing practice of identifying and addressing weaknesses that could lead to a security breach. It involves regularly scanning systems, applications, and configurations for known vulnerabilities, assessing risk based on how likely exploitation is and how critical the affected asset is, and prioritizing remediation actions such as applying patches, adjusting configurations, or implementing compensating controls. The process also includes verifying that fixes are correctly applied and monitoring for new vulnerabilities to keep risk at an acceptable level. By continuously discovering and closing gaps, this practice reduces the attack surface and helps prevent breaches. Shadow IT refers to unsanctioned tools that can create new risks; a baseline is a reference configuration; a stakeholder is a person or group with an interest. These terms describe other concepts, not the ongoing process of finding and fixing vulnerabilities.

