This discipline deals with core security such as vulnerability management, threat management, compliance testing, and penetration testing. Vulnerability management is a complex endeavor in which enterprises track their assets, monitor and scan for known vulnerabilities, and take action by patching the software, changing configurations, or deploying other controls in an attempt to reduce the attack surface at the resource layer. Threat modeling and security testing are also part of activities in order to identify the vulnerabilities effectively. This discipline is aimed at proactively inspecting the infrastructure which runs the cloud to address new security threats using vulnerability scanning, virtual patching, and other aspects of security testing and response.