Risk-Based Threat and Vulnerability Management is the combination of methods and tools to check your security control effectiveness and your risk posture.
Opposite to static vulnerability management and point in time security testing, Risk-Based Threat and Vulnerability Management utilizes different technologies dynamically to know your attack surface and prioritize remediations on a continuous and automated basis.
.
Advanced manual pen testing and vulnerability
assessment is still necessary, but it must be complemented by
machine learning-based tools for risk-based exposure assessment
to enable the anticipation of threats/attacks on baseline systems
and security.