A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to extract, from a website vulnerability scanner log, a uniform resource locator (URL) and a vulnerability score and vulnerability classification associated with the URL. The at least one processor is further configured to generate an application vulnerability graph comprising connected nodes that are associated with a field of the URL. The nodes are labeled to indicate the associated field of the URL and color coded based on the vulnerability score. The nodes are also associated with the vulnerability classification. The at least one processor is further configured to enable or disable security protection against a user-selected vulnerability classification of a user-selected node by generating web application firewall security rules and/or web application firewall relaxation rules.