What is the SSVC framework?

Stakeholder-Specific Vulnerability Categorization (SSVC) is a decision-tree model developed by SEI and CISA to prioritize vulnerabilities based on risk, exploitation status, and organizational impact.

How does this skill use CISA KEV data?

The skill automatically queries the CISA Known Exploited Vulnerabilities (KEV) catalog to determine if a vulnerability is being actively exploited, which heavily influences the triage priority.

Does it require specific API keys?

While it can function with public endpoints, an NVD API key is recommended for higher rate limits when processing large batches of vulnerability data.

Can I integrate this with existing security scanners?

Yes, it is designed to ingest and process scan results from popular tools including Nessus, OpenVAS, and Qualys via CSV or XML exports.

What are the remediation tiers produced by this skill?

It categorizes vulnerabilities into four outcomes: Track (remediate in 90 days), Track* (60 days), Attend (14 days), or Act (immediate remediation within 48 hours).

SSVC Vulnerability Triage

Name: SSVC Vulnerability Triage
Author: mukul975

bymukul975

•

4,121

•

セキュリティとテスト

Prioritizes cybersecurity vulnerabilities using CISA’s Stakeholder-Specific Vulnerability Categorization (SSVC) framework to generate actionable remediation plans.

This skill implements the Stakeholder-Specific Vulnerability Categorization (SSVC) framework to help security teams move beyond generic CVSS scores by incorporating real-world context. By evaluating exploitation status through CISA KEV and EPSS data, technical impact, automatability, and mission prevalence, it categorizes vulnerabilities into one of four actionable tiers: Track, Track*, Attend, or Act. This is ideal for security operations centers (SOCs) and vulnerability management teams who need to automate data ingestion from scanners like Nessus or OpenVAS and apply a standardized, risk-based prioritization logic that aligns with CISA and SEI best practices.

主な機能

01Implements the CISA SSVC decision-tree methodology for vulnerability prioritization

02Generates structured triage reports with defined remediation SLAs and action items

03Supports data ingestion from Nessus, OpenVAS, and Qualys vulnerability scanners

04Evaluates technical impact, automatability, and mission prevalence for risk scoring

054,121 GitHub stars

06Automates integration with CISA Known Exploited Vulnerabilities (KEV) and EPSS APIs

ユースケース

01Automating the prioritization of daily vulnerability scan results to reduce alert fatigue

02Improving security program maturity by transitioning from CVSS to evidence-based SSVC triage

03Standardizing security team workflows for incident response and patch management

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills triaging-vulnerabilities-with-ssvc-framework

For use in Claude.ai and ChatGPT

主な機能

01Implements the CISA SSVC decision-tree methodology for vulnerability prioritization

02Generates structured triage reports with defined remediation SLAs and action items

03Supports data ingestion from Nessus, OpenVAS, and Qualys vulnerability scanners

04Evaluates technical impact, automatability, and mission prevalence for risk scoring

054,121 GitHub stars

06Automates integration with CISA Known Exploited Vulnerabilities (KEV) and EPSS APIs

ユースケース

01Automating the prioritization of daily vulnerability scan results to reduce alert fatigue

02Improving security program maturity by transitioning from CVSS to evidence-based SSVC triage

03Standardizing security team workflows for incident response and patch management