Remediate vulnerabilities in accordance with risk assessments.

Not all vulnerabilities identified by a vulnerability scan pose the same level of risk. Prioritize mitigation efforts to close the most critical vulnerabilities first. Track all vulnerability remediation to ensure completion; also track vulnerabilities that you have determined not to remediate.

Remediate the vulnerabilities identified by your vulnerability scans. This often involves applying security updates and patches to your systems. Document the discovered vulnerabilities in a plan of action and milestones document so that you can track your progress towards mitigating them. Prioritize mitigation efforts to close the most critical vulnerabilities first.