As attack surfaces continue to expand, security teams must evolve the scope and approach of their vulnerability management programs.