Vulnerability Management

Vulnerability management is more than scanning, it’s a continuous, business‑aligned process of identifying, assessing, prioritising, and fixing security weaknesses before attackers can exploit them.

This pillar is your starting point for practical, real‑world guidance on building and maintaining a strong vulnerability management program that actually works in an organisation, not just on paper.

• 
  How to Build a Vulnerability Management Program
  by Tayven
  March 21, 2026
  Series: Vulnerability Management This article outlines practical steps for developing a modern vulnerability management program, based on real-world experience, covering free tools, patching, and reporting. Read my previous article in the series: Free Vulnerability Scanning with OpenVAS: Essential Eight. A Real-World Guide A vulnerability scanner alone will not secure your organisation. Effective security requires a… Read more: How to Build a Vulnerability Management Program
• 
  Free Vulnerability Scanning with OpenVAS: Essential Eight
  by Tayven
  January 26, 2026
  When it comes to the ASD Essential Eight (E8), one of the hardest parts isn’t implementing the controls, it’s proving you’re actually maturing. Auditors want evidence, not promises. The good news is that you don’t always need expensive vulnerability management platforms to get there. I’ve previously used OpenVAS (Open Vulnerability Assessment System), a completely free,… Read more: Free Vulnerability Scanning with OpenVAS: Essential Eight