In cybersecurity, what is a vulnerability?

A vulnerability refers to a weakness or flaw within a system, application, or network that can be exploited by a threat actor to gain unauthorized access, manipulate data, or otherwise compromise the security of the system. This definition highlights the inherent risk associated with vulnerabilities, as they can lead to significant security breaches if not adequately identified and mitigated. Understanding vulnerabilities is crucial for organizations as they form the basis for implementing effective security measures, such as patch management, vulnerability scanning, and overall risk management strategies.

The other options describe different concepts in cybersecurity. Protective measures against threats are known as security controls, while a type of security control usually refers to preventive, detective, or corrective measures implemented to safeguard information systems. An active security attack is a deliberate attempt to exploit vulnerabilities or weaknesses in a system, typically carried out by threat actors seeking to cause harm. Thus, it is clear that the definition of a vulnerability inherently centers around its potential for exploitation.