scanner-tuning
Vulnerability Scanner Tuning -- CVSS 4.0 / CWE
Frameworks: CVSS 4.0 (FIRST.org), CWE (MITRE)
Role: Security Engineer
Time: 30-60 min
Output: Tuned scan policy configuration, false positive analysis, severity override documentation, and cross-scanner correlation report
When to Use
If a target is provided via arguments, focus the review on: $ARGUMENTS
Use this skill when vulnerability scan results contain excessive false positives, when configuring or reconfiguring scan policies for new environments, when evaluating whether to use authenticated vs unauthenticated scanning, when scanner severity ratings do not align with actual risk, when onboarding a new scanner or comparing results across multiple scanners, or when scan performance (duration, resource consumption) needs optimization.
Do not use when: The task is triaging specific CVEs from scan output (use cve-triage), prioritizing patches from a remediation backlog (use patch-prioritization), or analyzing software composition (use sbom-analysis).