The continuous practice of identifying classifying, prioritizing, remediating, and mitigating software vulnerabilities within this.