
IPS signatures vendor list

rick11
Level 1

Hello community,

We are operating Cisco IPS sensors connected to FTD; however, we noticed that the category WEB-applications in the signature list generates a lot of false positive alerts every month. I'm able to disable specific revisions of signatures, and in the following months they might appear again under a new signature.

Would it be possible to disable signatures for products that we don't have in use? For example: Oracle, Tomcat, Zoho, WordPress (remove a vendor so it will not be downloaded or updated in the future).
Looking forward to your feedback.
Thank you!

2 Replies

To disable specific vendor signatures in Cisco IPS sensors, follow these steps:

1. Log in to the Adaptive Security Device Manager (ASDM) and navigate to Configuration > ASA FirePOWER Configuration > Policies > Intrusion Policy > Intrusion Policy.
2. Click on the Edit option for the Intrusion Policy you want to modify.
3. In the Intrusion Policy Management page, scroll down to the Rules option in the navigational panel and click on it. This will take you to the Rule Management page.
4. To disable a specific vendor signature, you can use the Filter bar option to search for the signature by keyword. For example, if you want to disable signatures related to a specific vendor, you can use the vendor name as a keyword in the filter bar.
5. Once the signatures are filtered, select the ones you want to disable.
6. Choose the option "Rule State" and configure the state of the selected rules as "Disable". This will disable the selected vendor signatures.
7. Click on OK to save the changes.

By following these steps, you can disable specific vendor signatures in Cisco IPS sensors.

Now, about the false positives from the category WEB-applications, they can be handled as follows:

1. If the alert is truly a false positive, you can customize your IPS sensor to ignore these alerts going forward.
2. Additionally, you can make use of Cisco's risk rating system to prioritize alerts and adjust the risk rating threshold for alert generation.
3. Lastly, Cisco provides alert verification features through which you can confirm whether the alert is a false positive or not.

Feel free to follow up if you have further questions or need more clarity on this.

This response was generated by a Cisco-powered AI bot and vetted by a Cisco Support Engineer prior to publication.
This is part of a monitored experiment to see if the bot can help answer questions alongside community members. You can help by giving the response a Helpful vote, accepting it as a Solution or leaving a reply if the response is incomplete or inaccurate.
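
As an added illustration (not part of the reply above and not Cisco tooling), the keyword filtering from steps 4 to 6 can be reproduced offline against rule text in Snort syntax, so the list of matches can be reviewed again after each monthly update. The sample rules, SIDs and function names are constructed; tracking matches by `gid:sid` rather than by revision is an assumption about how you keep your disable list.

```python
import re

# Constructed sample in Snort rule syntax; SIDs and messages are made up.
SAMPLE_RULES = """\
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"SERVER-WEBAPP WordPress plugin directory traversal attempt"; sid:1000001; rev:2;)
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"SERVER-WEBAPP Zoho ManageEngine command injection attempt"; sid:1000002; rev:5;)
alert tcp $EXTERNAL_NET any -> $HOME_NET $HTTP_PORTS (msg:"SERVER-WEBAPP generic SQL injection attempt"; sid:1000003; rev:1;)
# alert tcp $EXTERNAL_NET any -> $HOME_NET 8080 (msg:"SERVER-APACHE Apache Tomcat remote code execution attempt"; sid:1000004; rev:3;)
alert tcp $EXTERNAL_NET any -> $HOME_NET 1521 (msg:"SERVER-ORACLE Oracle database login overflow attempt"; gid:1; sid:1000005; rev:7;)
"""

OPTION = re.compile(r'\b(msg|gid|sid|rev)\s*:\s*(?:"([^"]*)"|(\d+))\s*;')
ACTION = re.compile(r"(alert|drop|block|reject|pass|log|sdrop)\s")

def parse_rule(line):
    """Parse one rule line; return None for blank lines and plain comments."""
    text = line.strip()
    enabled = not text.startswith("#")      # a leading '#' marks a disabled rule
    text = text.lstrip("#").strip()
    if not ACTION.match(text):
        return None
    opts = {}
    for key, quoted, number in OPTION.findall(text):
        if key == "msg":
            opts[key] = quoted
        elif number:
            opts[key] = int(number)
    if "sid" not in opts:
        return None
    # gid defaults to 1 for standard text rules when the option is absent.
    return {"id": f"{opts.get('gid', 1)}:{opts['sid']}", "rev": opts.get("rev"),
            "msg": opts.get("msg", ""), "enabled": enabled}

def vendor_matches(rules_text, vendors):
    """Map each vendor keyword to the enabled gid:sid values whose msg names it."""
    rules = [r for r in map(parse_rule, rules_text.splitlines()) if r]
    result = {}
    for vendor in vendors:
        # Whole-word match so a short keyword does not hit a longer product name.
        pattern = re.compile(rf"\b{re.escape(vendor)}\b", re.IGNORECASE)
        result[vendor] = sorted(r["id"] for r in rules
                                if r["enabled"] and pattern.search(r["msg"]))
    return result

if __name__ == "__main__":
    for vendor, ids in vendor_matches(SAMPLE_RULES, ["Oracle", "Tomcat", "Zoho", "WordPress"]).items():
        print(f"{vendor}: {', '.join(ids) or 'nothing enabled'}")
```

Review the matched messages before disabling anything: a vendor keyword can also appear in rules for a product that is in use.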

Thank you, can you provide more details regarding points 2 and 3?
