building-vulnerability-scanning-workflow
Installation
SKILL.md
Building Vulnerability Scanning Workflow
When to Use
Use this skill when:
- SOC teams need to establish or improve recurring vulnerability scanning programs
- Scan results require prioritization beyond raw CVSS scores using asset context and threat intelligence
- Vulnerability data must be integrated into SIEM for correlation with exploitation attempts
- Remediation tracking needs formalization with SLA-based dashboards and reporting
Do not use for penetration testing or active exploitation — vulnerability scanning identifies weaknesses, penetration testing validates exploitability.
Prerequisites
- Vulnerability scanner (Tenable Nessus Professional, Qualys VMDR, or OpenVAS/Greenbone)
- Asset inventory with criticality classifications (business-critical, standard, development)
- Network access from scanner to all target segments (agent-based or network scan)
- SIEM integration for scan result ingestion and correlation
- Patch management system (WSUS, SCCM, Intune) for remediation tracking