diff --git a/crates/cli/src/command.rs b/crates/cli/src/command.rs
index 7de9252..0fe9d4d 100644
--- a/crates/cli/src/command.rs
+++ b/crates/cli/src/command.rs
@@ -50,7 +50,16 @@ pub async fn execute(cmd: Command) -> Result<(), Box<dyn Error>> {
             pkg_dir,
             recursive,
             api_keys: _,
-        } => scan::execute(cpe_feed.feed_dir, out_dir, pkg_dir, recursive, cfg.api_keys).await,
+        } => {
+            scan::execute(
+                cpe_feed.feed_dir,
+                out_dir.unwrap_or(cfg.scan_results_dir),
+                pkg_dir,
+                recursive,
+                cfg.api_keys,
+            )
+            .await
+        }
 
         Command::KnownExploitedVulns {} => known_exploited_vulns::execute().await,
     }
@@ -97,7 +106,7 @@ pub enum Command {
         cpe_feed: CpeFeedOpt,
 
         #[structopt(short = "o", long = "out-dir", env = "VULNER_OUT_DIR")]
-        out_dir: PathBuf,
+        out_dir: Option<PathBuf>,
 
         #[structopt(short = "p", long = "pkg-dir", env = "VULNER_PKG_DIR")]
         pkg_dir: Option<PathBuf>,
diff --git a/crates/cli/src/conf.rs b/crates/cli/src/conf.rs
index f423371..c534d73 100644
--- a/crates/cli/src/conf.rs
+++ b/crates/cli/src/conf.rs
@@ -7,11 +7,13 @@
 
 use serde::{Deserialize, Serialize};
 use std::env;
+use std::path::{Path, PathBuf};
 use structopt::StructOpt;
 
 #[derive(Serialize, Deserialize, Debug)]
 pub struct VulnerConfig {
     version: u8,
+    pub scan_results_dir: PathBuf,
     pub api_keys: ApiKeys,
 }
 
@@ -23,11 +25,21 @@ pub struct ApiKeys {
 
 impl std::default::Default for VulnerConfig {
     fn default() -> Self {
+        let home_dir = env::var("HOME").unwrap_or_else(|_| "/tmp".to_owned());
+        let vulner_dir = Path::new(&home_dir).join(crate::NAME);
+
         Self {
             version: 0,
-            api_keys: ApiKeys {
-                nvd_api_key: Some("".to_owned()),
-            },
+            scan_results_dir: vulner_dir.join("scan-results"),
+            api_keys: ApiKeys::default(),
+        }
+    }
+}
+
+impl std::default::Default for ApiKeys {
+    fn default() -> Self {
+        Self {
+            nvd_api_key: Some("".to_owned()),
         }
     }
 }