This document discusses the need for vulnerability management. It notes that vulnerabilities pose a serious risk to organizations by exposing networks to cyber attacks. Vulnerabilities can come from programming bugs, faulty software configurations, and human error. They are constantly being discovered in widely used software. Without vulnerability management, networks can fall victim to attacks within a day of being connected to the internet. The document advocates for continuous vulnerability management to proactively identify and eliminate vulnerabilities before they can be exploited.