Targeted lockdown of a computer system for an identified vulnerability is provided. The targeted lockdown includes configuring a vulnerability lockdown module implemented on a computer system to perform targeted actions to change a configuration of the computer system. The computer system may be scanned by a vulnerability scanner configured to identify vulnerabilities. In response to identifying a vulnerability, the vulnerability may be communicated to the vulnerability lockdown module and the vulnerability lockdown module may implement a vulnerability lockdown mode by causing the computer system to perform the targeted actions to change the configuration of the computer system by restricting functionality of portions of the computer system affected by the identified vulnerability.