# Vulnerability management architecture

This document provides an overview of Fleet's vulnerability management architecture.

## Introduction

Vulnerability management in Fleet identifies and manages software vulnerabilities in the device fleet. This document provides insights into the design decisions, system components, and interactions specific to the Vulnerability management functionality.

## Architecture overview

The Vulnerability management architecture enables the identification, tracking, and remediation of software vulnerabilities across a fleet of devices. It compares installed software versions with known vulnerabilities and provides information about affected devices.

To learn more, read our [vulnerability processing](https://fleetdm.com/guides/vulnerability-processing), [software filtering](https://fleetdm.com/guides/filtering-software-by-vulnerability), and [remediating the xz vulnerability with Fleet](https://fleetdm.com/guides/remediating-the-xz-vulnerability-with-fleet).

## Key components

## Architecture diagram

```
[Placeholder for Vulnerability Management Architecture Diagram]
```

## Vulnerability identification flow

## Vulnerability data sources

## Vulnerability scoring

## Vulnerability remediation

## Integration with external systems

## Related resources

- [Vulnerability processing guide](https://fleetdm.com/guides/vulnerability-processing)
- [Software filtering guide](https://fleetdm.com/guides/filtering-software-by-vulnerability)
- [Remediating the cx vulnerability with Fleet guide](https://fleetdm.com/guides/remediating-the-xz-vulnerability-with-fleet)
- [Software Product Group Documentation](../../product-groups/software/) - Documentation for the Software product group
- [Software Development Guides](../../guides/software/) - Guides for Software development