// THREAT DETECTION AND DATA PRIVACY TERM
Risk Mitigation
Risk mitigation is the process of taking specific actions to reduce the probability or impact of a potential threat. It involves implementing safeguards and countermeasures to protect assets from identified risks.

TECHNICAL DEFINITION
Risk mitigation is a core function of cybersecurity risk management that involves deploying security controls, countermeasures, and procedural safeguards to reduce the likelihood or impact of threats exploiting vulnerabilities in IT systems, networks, and organizational assets.
BACKGROUND
Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- Risk reduction
- Threat mitigation
- Risk treatment
- Countermeasure implementation
- Exposure reduction
- Vulnerability remediation
USAGE NOTE
This strategy is chosen when a risk is deemed unacceptable in its current state but cannot be entirely eliminated or transferred.
DEVELOPERS
Organizations developing technology related to Risk Mitigation.
Develops the Tenable One exposure management platform, which provides technology to continuously discover, assess, and prioritize vulnerabilities and cyber risks across an organization's entire attack surface, from IT to cloud to OT.
Offers a comprehensive security platform that includes technologies for risk mitigation such as the Cortex XSOAR for security orchestration and automated response (SOAR) and Prisma Cloud for managing security posture and compliance in cloud environments.
Provides the Falcon platform, a cloud-native solution that uses AI and threat intelligence to offer endpoint security, cloud security, and identity protection, enabling organizations to proactively identify and mitigate threats and vulnerabilities.
Develops the Insight Platform, which integrates vulnerability management, SIEM, and application security technologies to provide unified visibility and analytics, helping security teams reduce their attack surface and mitigate risks.
A leader in threat intelligence and incident response, Mandiant develops technology platforms like Mandiant Advantage that provide threat intelligence, security validation, and attack surface management to help organizations understand and mitigate the risks posed by sophisticated attackers.
As a major defense contractor, Lockheed Martin develops intelligence-driven cybersecurity solutions. It created the Cyber Kill Chain framework, a widely used model for understanding and mitigating the stages of a cyberattack.
Develops the Fortinet Security Fabric, a broad, integrated, and automated cybersecurity platform. Its technology helps organizations manage and mitigate risk by providing unified control and visibility across the entire digital attack surface.
A U.S. federal agency that develops and promotes tools, frameworks, and information sharing platforms to help public and private sector partners manage and mitigate cyber risks. They provide services like vulnerability scanning and risk assessments.