Intermediate Vocabulary #collocations #security #vulnmgmt

Vulnerability Management Collocations

5 exercises on the language of finding and fixing flaws — the verbs and identifiers used in advisories, remediation tickets, and DevSecOps pipelines.

Key patterns in this set
  • patch / remediate a vulnerability — apply the fix
  • CVE (one flaw) vs CWE (weakness class) vs CVSS (score)
  • zero-day — exploited before a patch exists; shrink the attack window
  • scan for vulnerabilities — automated SCA / SAST / DAST
  • harden a system — tighten config to cut the attack surface
1 / 5
A remediation ticket reads:

"Upstream has released a fix for the Log4j flaw. We need to ___ this vulnerability across all affected services before the end of the sprint."

Which verb is the standard collocation for fixing a security flaw by applying a code/version fix?