US9246935B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9246935-B2 |
| Application number | US-201314052971-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 14, 2013 |
| Priority date | Oct 14, 2013 |
| Publication date | Jan 26, 2016 |
| Grant date | Jan 26, 2016 |
Abstract
One or more relevant scanners used to identify asset vulnerabilities are identified, obtained, and logically arranged for deployment on an asset in accordance with a vulnerability management policy and a scanner deployment policy such that the relevant scanners are deployed at, or before, a determined ideal time to minimize the resources necessary to correct the vulnerabilities, if found. The relevant scanners are then automatically deployed in accordance with the scanner deployment policy and, if a vulnerability is identified, one or more associated remedies or remedy procedures are applied to the asset. At least one of the one or more relevant scanners are then re-deployed on the asset to determine if the identified vulnerability has been corrected and, if the vulnerability is not corrected at, or before, a defined time, protective measures are automatically taken.
Claims (preview)
What is claimed is:

1. A system for dynamic and comprehensive vulnerability management comprising: at least one processor; and at least one memory unit coupled to the at least one processor, the at least one memory unit having stored therein instructions which when executed by any set of the one or more processors, perform a process for dynamic and comprehensive vulnerability management, the process for dynamic and comprehensive vulnerability management including: obtaining vulnerability management data; obtaining scanner data representing one or more scanner tests configured to discover one or more vulnerabilities in an asset; obtaining remedy data representing two or more remedies associated with vulnerabilities scanned for by the one or more scanner tests, the two or more remedies including a first remedy of automatic re-sizing of buffers and buffer pools and a second remedy of automatic re-setting or changing a response time; correlating the remedy data with vulnerabilities discoverable by the scanner tests; obtaining asset data associated with an asset; analyzing the vulnerability management data and the asset data to automatically identify a relevant scanner test in the scanner data to be applied to the asset; determining an ideal time to deploy the relevant scanner test on the asset; automatically deploying the relevant scanner test on the asset at, or before, the ideal time; if a vulnerability is identified by the relevant scanner test, identifying the remedy in the remedy data associated with the identified vulnerability; automatically applying the identified remedy to the asset; automatically re-deploying the relevant scanner on the asset to determine if the identified vulnerability has been corrected; and if the identified vulnerability is present after the remedy associated with the identified vulnerability has been applied taking protective action to mitigate the vulnerability.

2. The system for dynamic and comprehensive vulnerability management of claim 1 wherein the vulnerability management data is open-ended to allow for the addition, deletion, and modification of vulnerabilities and vulnerability characteristics represented by the vulnerability management data.

3. The system for dynamic and comprehensive vulnerability management of claim 1 wherein the scanner data is open-ended to allow for the addition, deletion, and modification of scanner tests represented by the scanner data.

4. The system for dynamic and comprehensive vulnerability management of claim 1 wherein the remedy data is open-ended to allow for the addition, deletion, and modification of remedies represented by the remedy data.

5. The system for dynamic and comprehensive vulnerability management of claim 1 wherein at least one of the vulnerabilities discoverable by the one or more scanner tests are vulnerabilities included in the group of vulnerabilities consisting of: the existence of a known weakness pattern in the asset; an incorrect buffer length; the inability of the asset to patch correctly; a lack of security requirements, or insufficient security requirements associated with the asset; the existence of a known vulnerable version of software or code; code written in a language, or version of a language, known to be vulnerable to attack; lack of encryption, or the proper level of encryption; no checks of buffer lengths; no checks of the integrity of arguments; and any combination thereof.

6. The system for dynamic and comprehensive vulnerability management of claim 1 wherein at least one of the remedies associated with vulnerabilities discoverable by the scanner tests is selected from the group of remedies consisting of: automatic application of a software patch; automatic installation of a software version update; automatic deletion of an asset component; automatic replacement of an asset component; automatic notification of a contact entity associated with the asset of the vulnerability and the need to correct the vulnerability; an automatic change to a configuration; and any combination thereof.

7. The system for dynamic and comprehensive vulnerability management of claim 1 wherein at least one of the one or more assets is selected from the group of assets consisting of: a file; an application development process; an application; a virtual machine; an instance in a cloud infrastructure; storage capability allocated to an instance in a cloud infrastructure; processing capability allocated to an instance in a cloud infrastructure; hardware allocated to an instance in a cloud infrastructure; software allocated to an instance in a cloud infrastructure; a cloud infrastructure access system; and any combination thereof.

8. The system for dynamic and comprehensive vulnerability management of claim 1 wherein the ideal time to deploy the relevant scanner test on the asset is determined based on deploying the relevant scanner test at a time where minimum resources are required to correct the vulnerability being scanned for.

9. The system for dynamic and comprehensive vulnerability management of claim 1 wherein the protective action taken is selected from the group of protective actions consisting of: closing one or more accounts associated with the asset; closing down a service that is the asset or is associated with the asset; closing down an instance that is the asset or is associated with the asset; destroying a data store that is the asset or is associated with the asset; blocking Internet access to the asset; closing down any communication channels that are the asset or are associated with the asset; upgrading the asset; replacing the asset; and any combination thereof.

10. A system for dynamic and comprehensive vulnerability management comprising: at least one processor; and at least one memory unit coupled to the at least one processor, the at least one memory unit having stored therein instructions which when executed by any set of the one or more processors, perform a process for dynamic and comprehensive vulnerability management, the process for dynamic and comprehensive vulnerability management including: obtaining vulnerability management data; obtaining scanner data representing one or more scanner tests configured to discover one or more vulnerabilities in an asset; obtaining remedy data representing one or more remedy procedures associated with vulnerabilities discoverable by the one or more scanner tests, the one or more remedy procedures indicating an associated vulnerability correction time period within which the vulnerability must be corrected, the remedy data further including two remedies including a first remedy of automatic re-sizing of buffers and buffer pools and a second remedy of automatic re-setting or changing a response time; correlating the remedy data with vulnerabilities discoverable by the scanner tests; obtaining asset data associated with an asset; analyzing the vulnerability management data and the asset data to automatically identify a relevant scanner in the scanner data to be applied to the asset; determining an ideal time to deploy the relevant scanner test on the asset; automatically deploying the relevant scanner test on the asset at, or before, the determined ideal time; if a vulnerability is identified by the relevant scanner test, identifying the remedy procedure in the remedy data associated with the identified vulnerability; automatically implementing the identified remedy procedure; automatically re-deploying the relevant scanner test on the asset to determine if the identified vulnerability has been corrected; and if the identified vulnerability is present after the defined vulnerab
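The claims describe a closed loop: correlate scanner tests with remedies, select the tests relevant to an asset from its asset data, deploy them, apply the mapped remedy on a hit, re-deploy the same scanner to confirm the fix, and take protective action when the vulnerability outlives its correction period (claim 10). The Python model below is an added illustration of that loop and is not code from the patent or its assignee. It runs on a discrete re-scan clock; the asset fields, the scanner tests (buffer length, response time, a known-vulnerable library version), the remedies (resizing buffers, resetting the response time, applying a patch) and the protective action (blocking Internet access) are constructed for the example from the lists in claims 5, 6 and 9, and the determination of an "ideal time" to scan is deliberately left out. The `patchable` flag stands in for the claim-5 case of an asset that cannot patch correctly, which is what drives the escalation path.

```python
"""Scan, remedy, re-scan, escalate: a model of the claimed loop.

Added illustration; not code from the patent or its assignee. Every asset
field, scanner test, remedy and deadline below is constructed for the example.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

Asset = Dict[str, object]
Mutator = Callable[[Asset], None]


@dataclass
class ScannerTest:
    vuln_id: str
    applies_to: Callable[[Asset], bool]  # relevance filter driven by asset data
    check: Callable[[Asset], bool]       # True: vulnerability present


@dataclass
class Remedy:
    vuln_id: str
    # Returns (re-scan cycle at which the change lands, the change itself).
    apply: Callable[[Asset], Tuple[int, Mutator]]
    correction_period: int               # re-scan cycles allowed before escalation


@dataclass
class Outcome:
    vuln_id: str
    found: bool
    corrected: bool
    rescans: int = 0
    protective_action: Optional[str] = None


def missing_remedies(tests: List[ScannerTest], remedies: List[Remedy]) -> List[str]:
    """Correlation check: every scanner test needs a remedy for its vulnerability."""
    known = {r.vuln_id for r in remedies}
    return [t.vuln_id for t in tests if t.vuln_id not in known]


def manage(asset: Asset, tests: List[ScannerTest], remedies: List[Remedy],
           protective_action: Callable[[Asset, str], str]) -> List[Outcome]:
    gaps = missing_remedies(tests, remedies)
    if gaps:
        raise ValueError(f"no remedy correlated for {gaps}")
    remedy_for = {r.vuln_id: r for r in remedies}
    outcomes: List[Outcome] = []
    for test in (t for t in tests if t.applies_to(asset)):
        if not test.check(asset):
            outcomes.append(Outcome(test.vuln_id, found=False, corrected=True))
            continue
        remedy = remedy_for[test.vuln_id]
        lands_at, mutate = remedy.apply(asset)
        outcome = Outcome(test.vuln_id, found=True, corrected=False)
        landed = False
        # Re-deploy the same scanner test once per cycle until it passes or the
        # correction period runs out; only then escalate to protective action.
        for cycle in range(1, remedy.correction_period + 1):
            if not landed and cycle >= lands_at:
                mutate(asset)
                landed = True
            outcome.rescans = cycle
            if not test.check(asset):
                outcome.corrected = True
                break
        if not outcome.corrected:
            outcome.protective_action = protective_action(asset, test.vuln_id)
        outcomes.append(outcome)
    return outcomes


# --- constructed scanner tests, remedies and protective action ---------------
VULNERABLE_OPENSSL = {"1.0.1e", "1.0.1f"}   # constructed, not a real advisory list

TESTS = [
    ScannerTest("BUF-LEN", lambda a: a["kind"] == "instance",
                lambda a: a["buffer_size"] < 1024),
    ScannerTest("RESP-TIME", lambda a: a["kind"] == "instance",
                lambda a: a["response_timeout_s"] > 30),
    ScannerTest("OLD-SSL", lambda a: "openssl" in a,
                lambda a: a["openssl"] in VULNERABLE_OPENSSL),
]


def resize_buffers(asset: Asset) -> Tuple[int, Mutator]:
    def change(a: Asset) -> None: a["buffer_size"] = 4096
    return 1, change                      # configuration change, lands at once


def reset_response_time(asset: Asset) -> Tuple[int, Mutator]:
    def change(a: Asset) -> None: a["response_timeout_s"] = 30
    return 1, change


def patch_openssl(asset: Asset) -> Tuple[int, Mutator]:
    def change(a: Asset) -> None:
        if a.get("patchable"):            # an asset that cannot patch stays vulnerable
            a["openssl"] = "1.0.1u"
    return 2, change                      # patch rollout lands on the second re-scan


REMEDIES = [
    Remedy("BUF-LEN", resize_buffers, correction_period=1),
    Remedy("RESP-TIME", reset_response_time, correction_period=1),
    Remedy("OLD-SSL", patch_openssl, correction_period=3),
]


def block_internet(asset: Asset, vuln_id: str) -> str:
    asset["internet_access"] = False
    return f"blocked Internet access to {asset['name']} ({vuln_id} uncorrected)"


def demo() -> Tuple[List[Outcome], List[Outcome]]:
    def instance(name: str, patchable: bool) -> Asset:   # constructed asset data
        return {"name": name, "kind": "instance", "buffer_size": 256,
                "response_timeout_s": 120, "openssl": "1.0.1e",
                "patchable": patchable, "internet_access": True}
    return (manage(instance("web-1", True), TESTS, REMEDIES, block_internet),
            manage(instance("web-2", False), TESTS, REMEDIES, block_internet))


if __name__ == "__main__":
    for run in demo():
        for outcome in run:
            print(outcome)
```

Two design points carry over to a real deployment. The correlation check runs before any scan, so a scanner test with no mapped remedy is rejected as a configuration error rather than producing a finding nobody can act on. And the confirmation re-scan is the same test that raised the finding, not a separate "is the patch installed" probe, so a remedy that silently fails (the `web-2` asset here) is caught by the deadline and escalated instead of being marked fixed.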
involving the movement of software or configuration parameters (network booting or remote initial program loading [RIPL] G06F9/4416) · CPC title
by source code analysis · CPC title
Vulnerability analysis · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title