DO integrate vulnerability management with other security tools. Security information and event management (SIEM) heads the list. Vulnerability management is a critical source of information for SIEM as part of your overall risk management program. As soon as a vulnerability or configuration issue is detected, the information should be fed to the SIEM tool to correlate with information from other sources, such as firewalls and intrusion protection systems.
Vulnerability management also integrates well with intrusion protection systems, which can use asset inventory and vulnerability information to determine which attacks represent real threats and which can be safely ignored.
If the vulnerability management tool includes application scanning, the results can be used to create or modify protection rules for Web application firewalls.