Get in Touch Close Menu

Vulnerability Management

Why Vulnerability Management


Dynamic scanning, agents, and cloud connectors combined with coverage of more than 62,000 vulnerabilities provide a holistic view of the exposure of an entire estate.


Threat data is combined with easy-to-understand risk scores to allow for the prioritisation and a high cadence of operations. Also, monthly and quarterly reports provide a high-level overview of strategic purposes and board reporting.


Analyse the threat with detailed reporting and console access. Consult with Sapphire’s security professionals who can assist with remediation of threats and re-testing vulnerability exploits.

Key Features

  • Continuous visibility of all exploitable vulnerabilities​
  • Risk based prioritisation of remediation​
  • Uncover Shadow IT via digital asset discovery​
  • Meet regulatory compliance needs​
  • Subject matter experts continually reviewing findings​
  • Full support of vulnerability management infrastructure
  • Comprehensive and bespoke reporting


1. What is vulnerability management?

Vulnerability management involves identifying, evaluating, remediating and re-testing security vulnerabilities. Integral to the security strategy and executed as part of a layered security posture, it allows organisations to identify and minimise risk.

2. What are the main types of vulnerability?

Hardware and software vulnerabilities are one of the key concerns for organisations. With more and more code being deployed in the enterprise environment, problems with insecure or poorly written software have been responsible for some of the most high-profile breaches to date.

3. What is the difference between vulnerability management and vulnerability assessment?

Vulnerability management is generally an ongoing process managed by people, process and technology, whereas a vulnerability assessment, or one-off scan, is a ‘point in time’ analysis.

4. What are vulnerability management tools?

Vulnerability management tools scan the attack surface and identify vulnerabilities to mitigate risk. Sapphire provides a cloud-based platform that helps with vulnerability detection and alerting. The platform monitors your networks, applications and critical systems and alerts on any vulnerabilities that could compromise business operations.

5. What is the difference between vulnerability management and patch management?

Vulnerability management involves identifying and reporting vulnerabilities in a network. Patch management is where software vulnerabilities are remediated by updating or patching the exploitable code.

6. Why do we need a vulnerability management program?

In most organisations, the attack surface is open to numerous vulnerabilities. Any externally visible connected asset can be compromised by an attacker, given enough time, focus and resources. Tracking and identifying this across any enterprise is a complex and continual process.

7. How do vulnerability scanners work?

Vulnerability scanners are automated tools that allow organisations to check if their systems or networks have security issues that attackers can exploit. Scanners may be deployed internally or externally giving visibility to both public and private vulnerabilities.

8.What does Sapphire offer?

Sapphire delivers a fully managed vulnerability management service, with customised customer-specific reports and dashboards​. In addition to this, we offer expert reviews of findings​. Our service offering includes:

  • Full scoping exercise of customer environment​
  • Dedicated management platform per customer​
  • Architecture and initial service start up​
  • Tracked through project management for full transparency

In addition to this, our managed service delivers a quarterly review of all platform components: patches, incremental updates and version upgrades and a quarterly systems health check.