The process of identifying, analyzing, and prioritizing security vulnerabilities in a network or system.