Fundamentals of Vulnerability Management

Get an introduction to protecting your network with this Fundamentals of Vulnerability Management training. Ken Underhill explains how to use automation to manage vulnerabilities and goes over the vulnerability management lifecycle. You’ll walk away with a solid framework and understanding of different types of vulnerabilities and assessments.

Course Content

Course Description

Target Audience

This course is designed for students looking to work in a defensive security role, but the course is beneficial for everyone.


It is recommended that students have some IT or cybersecurity knowledge, but it’s not required.

Supplementary Materials

The course includes downloadable step by step lab guides that can be found in the Resource section of the course.

Course Goals

By the end of this course, students should be able to:

  • Understand different types of vulnerabilities
  • Understand different types of vulnerability assessments
  • Understand the vulnerability management life cycle
  • What is Vulnerability Management?

    Vulnerability management is a continuous information security risk process that requires the oversight of management. The process encompasses a four-tier approach that includes discovery, reporting, prioritization, and response. Ideally, a solid vulnerability management framework will ensure that every process and sub-process within it is part of a continuous cycle that improves information security and reduces the chances that flaws in the design or code compromise the security of network assets.

    What Does the Vulnerability Management Training Course Cover?

    In our online Fundamentals of Vulnerability Management training course, you will learn to use popular scanning tools, how to prepare and deliver accurate progress reports, and how to implement improved system coverage. You will have a thorough understanding of vulnerability assessment and management and will be prepared to provide your organization with the knowledge and oversight required to automatically determine weaknesses (internally and externally) in network processes, report those vulnerabilities, and resolve them. This vulnerability management training is self-paced and contains 1.2 hours of clock time for the included lessons. Upon finishing the course, you will have earned 1.2 CEU/CPE and you will receive a Certificate of Completion.

    Why Take the Vulnerability Management Class?

    There is an increasing need for businesses and organizations to employ vulnerability assessments as the number of threats and cyber-attacks continue to grow. Many companies, business entities, and medical facilities now have to maintain compliance regarding vulnerability assessment and management. Due to the complexity and problem-solving aspects of vulnerability assessment, adhering to compliance-related rules and regulations can be an overwhelming endeavor for many organizations. However, for a properly trained and educated Vulnerability Management Analyst, it is much simpler. The job outlook for Vulnerability Management Analysts, and other related positions, is favorable, as cybercrime isn't going to go away any time soon. This area of information security is similar to penetration testing, but vulnerability assessment doesn't include exploitation. That means that understanding the content of this online training can be a huge benefit to IT professionals who currently work in penetration testing. In addition to a favorable job outlook, the earning potential for vulnerability assessment and management professionals is higher than many other industries. The average base pay for a Vulnerability Management Analyst is $73,891 per year.

    What Does a Vulnerability Management Analyst Do?

    As a Vulnerability Management Analyst, you will typically be responsible for configuring and operating network vulnerability scanning tools, creating reports to communicate results, and making recommendations to resolve any issues that are found. Additionally, you may find the following on job descriptions for the position: - Design and execute vulnerability and discovery scanning.

  • Develop, implement, and maintain vulnerability assessment scanning frameworks.
  • Prepare and deliver complex IT security reports that can be easily understood by executives and other stakeholders.
  • Coordinate, monitor, and support activities and procedures in the vulnerability management program.
  • Propose vulnerability assessment and management concepts and solutions, prepare presentations for other departments and stakeholders, and coordinate external vendor demonstrations.
  • Create and maintain Standard Operation Procedures (SOP) for the vulnerability management program or department, providing technical knowledge and training to operations, production, or other support teams.
  • Facilitate and coordinate vulnerability assessment and scanning, review and analyze assessment results, patching, and remediation tasks related to servers, storage, workstations, databases, applications, and network devices.
  • Help develop long-term vulnerability assessment strategies to address global IT security needs.
  • Provide leadership modeling for junior personnel and project teams.
  • * Provide technical skills training for junior personnel. The above list isn't all-inclusive, there may be additional or fewer job-related expectations depending on the organization.

    This course is part of a Career Path:
    System Administrator Certification, Training & Career Path
    The System Administrator Career Path is the perfect starting point for professionals with little background in IT or cybersecurity. Build your foundation of knowledge, skills, and abilities that will launch you into your next industry position.

    Instructed by

    Ken Underhill

    I'm a cybersecurity professional who has worked primarily in healthcare and as an adjunct professor of digital forensics. I have been instructing online for several years, primarily in business and health-related areas. I hold both the CEH (Certified Ethical Hacker)and CHFI (Computer Hacking Forensic Investigator) certifications from EC-Council and am a content reviewer/writer for both exams (no, I can’t give you the answer key lol). I began helping other professionals pass the CHFI exam after struggling in my first exam attempt. To date, I have helped tens of thousands of people around the world pass the CEH and CHFI exams.

    Cybrary Logo
    Certification Body
    Certificate of Completion

    Complete this entire course to earn a Fundamentals of Vulnerability Management Certificate of Completion